Modeling the Enterprise
I've been asked by my boss to look into tools that will allow me to model an enterprise. I would need to model from layer 2 up. Layer 1 would be nice but is harder to do without being on-site.
I'd be looking for:
- Switches
- Routers
- Appliances
- Desktops
- Phones
- Servers
- IP Based Devices
- Etc.
Basically I need to build enterprise maps.
Surely there is a form of software that does this. Price doesn't matter, but I'd like to play with it first.
Thanks, feel free to ask any clarifying questions.
-Phil
Read my blog @ www.buildingautomationmonthly.com
Connect with me on LinkedIn @ https://www.linkedin.com/in/phillipzito
Comments
-
Deathmage Banned Posts: 2,496
If you have the resources, Autotask has a very nice network digging tool, a bit more powerful than nmap. Autotask is ticketing software like Remedy, just all web-based and quite powerful.
-
philz1982 Member Posts: 978
Interesting, looks like way more than I need.
What I need to do is capture the environment so I can model it and then define inefficiencies that could be improved through alternative architecture. My big metrics are going to be:
- Logical and physical topology
- Utilization (Compute, power, Bandwidth)
- Server layout and roles
Thanks for the feedback.
-
wes allen Member Posts: 540
Some kind of flow monitoring might be useful, since that will give you an idea of which devices are talking to which devices, then you can run nmap or nessus against the IPs that show up to find out more about them.
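The flow-first approach described in the post above, as an added example that is not part of the original thread: it turns exported flow records into a per-host inventory, flags likely servers, and produces the address list for follow-up scans. The flow tuples, the 10.0.0.0/8 scope, the function names and the assumption that each record runs client to server are all constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample flow records (not from the thread): src, dst, dst_port, bytes
FLOWS = [
    ("10.0.1.21", "10.0.5.10", 445, 48_000_000),
    ("10.0.1.22", "10.0.5.10", 445, 12_500_000),
    ("10.0.1.23", "10.0.5.10", 445, 900_000),
    ("10.0.1.21", "10.0.5.20", 1433, 3_200_000),
    ("10.0.5.30", "10.0.5.20", 1433, 75_000_000),
    ("10.0.1.22", "10.0.9.40", 47808, 64_000),
    ("10.0.1.21", "203.0.113.9", 443, 5_000_000),
]
INTERNAL = ipaddress.ip_network("10.0.0.0/8")  # assumed in-scope customer range

def build_inventory(flows, scope=INTERNAL):
    """Summarise flows into per-host peers, served ports and byte totals."""
    hosts = defaultdict(lambda: {"peers": set(), "serves": defaultdict(set), "bytes": 0})
    for src, dst, dport, nbytes in flows:
        for ip, peer in ((src, dst), (dst, src)):
            if ipaddress.ip_address(ip) in scope:   # only model in-scope hosts
                hosts[ip]["peers"].add(peer)
                hosts[ip]["bytes"] += nbytes
        if ipaddress.ip_address(dst) in scope:      # assumption: dst is the listener
            hosts[dst]["serves"][dport].add(src)
    return hosts

def likely_servers(hosts, min_clients=2):
    """Hosts with a port contacted by at least min_clients distinct sources."""
    out = {}
    for ip, h in hosts.items():
        ports = sorted(p for p, clients in h["serves"].items() if len(clients) >= min_clients)
        if ports:
            out[ip] = ports
    return out

def followup_targets(hosts):
    """In-scope addresses seen in flows, in numeric order, for later active scans."""
    return sorted(hosts, key=ipaddress.ip_address)

if __name__ == "__main__":
    inv = build_inventory(FLOWS)
    for ip in followup_targets(inv):
        print(ip, len(inv[ip]["peers"]), "peers", inv[ip]["bytes"], "bytes")
    print("likely servers:", likely_servers(inv))
```

Hosts that only ever appear as flow destinations on a single port with one client, such as the constructed 10.0.9.40 entry, stay in the target list but are not labelled as servers until more traffic is observed.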
-
J_86 Member Posts: 262
Solarwinds has a network mapper. It's ok, but I have not used the new version (maybe it got better).
Network Mapping Software - Network Topology - Network Diagram
I demoed NetBrain's Enterprise Suite not long ago, it's pretty nice. It will give you more information as far as utilization.
Automated Network Mapping and Dynamic Network Troubleshooting from Enterprise Suite
-
philz1982 Member Posts: 978
Thanks, I appreciate the feedback. NetBrain, while I like it, won't work. The challenge that is making my discovery so damn difficult is this is a one and done discovery. I go in, I map the network, capture the flows, and then I am out, never to return.
Most of the software suites I've seen so far are for capturing and monitoring systems from an operational perspective. I need something from a pre-sales design perspective. Come in, snapshot the network and all applications, and leave.
-Phil
-
JeanM Member Posts: 1,117
Assuming you can run it from a port that isn't limited or will not see/reach "hosts" on the network, right?
2015 goals - ccna voice / vmware vcp.
-
wes allen Member Posts: 540
You might look at Nessus PVS to work along with your active scans. That will help pick up hosts that have a firewall or ACLs to limit access to them, or that just pop up for a few hours during the day, etc. There are a couple open source tools that work kinda the same as well.
Palo Alto firewalls also have a wire mode, so you could just put one in place at a choke point with all allow rules, and use it to ID hosts and Apps. They do PoCs that way a bit, rather than mirror / taps.
-
d4nz1g Member Posts: 464
You can use CDP to find Cisco stuff and ingoing/outgoing interfaces.
Nmap is useful too, but make sure your network does not block network scanning.
-
philz1982 Member Posts: 978
Let me add some further clarity. This would be a drop in drop out project. What I mean is, I would go to the customer site, discover everything, use that to build an Enterprise model and leave. I would not be leaving any software behind for logging for more than 2-3 days at the most, and that would simply be to test congestion/bandwidth and flow.
-
joelsfood Member Posts: 1,027