Network Components and Topology
The institution's network infrastructure is critical to all facets of business operations. Voice and data communication networks form the backbone for information sharing and data transfer and facilitate tight integration of technology systems. In addition to maintaining a complete inventory of hardware and software connected to and operating on the network, management should also fully document the network configuration.
Depending on the size and complexity of the institution's network, management should develop and maintain high-level topologies that depict wide area networks (WANs), metropolitan area networks (MANs), and local area networks (LANs). The topologies should have sufficient detail to:
- Facilitate network maintenance and troubleshooting;
- Facilitate recovery in the event of a disruption; and
- Plan for expansion, reconfiguration, or addition of new technology.
Topologies should also:
- Identify all internal and external connectivity (including Internet and modems);
- Describe the type of connectivity (digital subscriber line (DSL), dialup, cable modem, wireless);
- Note the bandwidth of connectivity within and between network segments;
- Identify and describe encrypted or otherwise secure communication channels;
- Depict the type and capacity of network segment linkages (switches, routers, hubs, gateways, etc.);
- Portray information security systems (firewalls, intrusion detection systems, and hacker-trapping "honey pots");
- Identify primary vendors of telecommunications services; and
- Identify what information is available and where it resides
The network topology should be a technical blueprint of the network structure. Management should collect other important network documentation. Institutions should identify and document the type, location, and volume of information stored and transmitted on their networks. Management should develop a complete description of all network management tools and network administration console capability.
Management should also develop data flow diagrams to supplement its understanding of information flow within and between network segments as well as across the institution's perimeter to external parties. Data flow diagrams should identify:
- Data sets and subsets shared between systems;
- Applications sharing data; and
- Classification of data (public, private, confidential, or other) being transmitted.
Data flow diagrams are also useful for identifying the volume and type of data stored on various media. In addition, the diagrams should identify and differentiate between data in electronic format, and in other media, such as hard copy or optical images.