Das Wichtigste in Kürze:
- Sicherheitsrelevanz: Die Dokumentation der IT-Verkabelung ist essenziell für die IT-Sicherheit und wird im BSI IT-Grundschutz-Kompendium erwähnt. Sie umfasst detaillierte Informationen zu Trassenverlauf, Leitungsführung und Raumplänen.
- Langfristigkeit: Im Gegensatz zu anderen IT-Komponenten ändern sich Verkabelungsstrukturen nur selten, weshalb eine einmal erstellte, gut gepflegte Dokumentation über Jahre genutzt werden kann und Erweiterungen leicht integrierbar sind.
- Betriebsoptimierung: Eine vollständige Verkabelungsdokumentation erleichtert Wartung und Fehlerbehebung erheblich und unterstützt einen reibungslosen IT-Betrieb, indem sie Zeit und Ressourcen spart.
There is hardly anything in your IT environment that we would not suggest to be documented. Physical IT cabling is probably the least thing considered for documentation. Wrongly so, for this is definitely necessary and useful for proper IT operation. Moreover, the IT cabling documentation does not need to be updated constantly as these configurations do not change as fast as the networking environment. Network cables and many patch panels are often in use for many years without being replaced. After all, cabling in a building cannot be replaced so easily. Certainly, there are extensions once in a while, but it should not take too long to update the documentation correspondingly. This, however, requires that you have designed your documentation systematically.
Not only “nice-to-have”, but relevant to security
There are indeed security aspects that speak in favour of documenting physical IT cabling. For instance, the BSI IT-Grundschutz catalogues contain, in the B 2.12 IT Cabling module a safeguard entitled S 2.396 Specifications for documentation and labelling of IT cabling. According to this safeguard, a comprehensive IT cabling documentation consists of multiple parts:
- Cable channel and tray routes and utilisation in the section of the building,
- Cable channel routes, cable routes, and positions of the connection sockets on each floor,
- Room plans for all IT cabling technology rooms, including the cabinet layout and any possible connection points of external networks,
- Projection diagram of cabinets with installed components and patch plans,
- Verification of conformity of the execution to the contract specifications,
- Supplier information, measurement records, and acceptance tests.
To create this documentation in paper form is certainly no longer a feasible option today. Even the use of CAD applications for this purpose will hardly prove to be practical, as they require at least a certain degree of training. This is why most documentation managers prefer Microsoft Visio, maybe in combination with Excel. However, there are dedicated software solutions on the market for this purpose, e.g. FaciPlan from FaciWare. This software allows you to create highly granular plans and also has a search feature. If you check your patch panel and for example want to know which room is served by a particular data line, just enter the number of the respective connection box to get the room displayed. This is of invaluable help for IT Support when setting up workplaces.
A well-structured approach
Start your documentation with the interconnection point of your ISP and include everything right down to the individual network sockets. On the way, document all network cables, optic fibre cables, patch panels, switches, routers, etc. It may prove to be very useful to include even the connection rates of all network switch ports. With this documentation, you will also be able to spot any performance problems in the network. Since you will have to connect to most network switches to retrieve the connection rates, this is a good opportunity to check the passwords along the way. Have all default passwords been changed and have these changes been documented?
In the context of documenting the IT cabling configuration, you will further have to distinguish internal from external documentation. External documentation refers to labelling the network sockets in the office rooms, which, of course, is indispensable. The socket number and the number of the patch panel to which the other end of the network cable is connected should also be documented. But keep it to that – the less information third parties have about your network, the better you are off. The internal documentation, in contrast, should be as comprehensive as possible. This is why that documentation must be protected against unauthorised access. Access should be restricted to the IT staff – other employees would have no understanding of this information anyway, so they do not need to access it.
It is true that, depending on the network size, it will be a long way until the entire IT cabling system is fully documented, but it pays off! Above all, you will regain full control of networks that have grown in an uncontrolled manner. For a small office, it might actually not be worth the effort, but if you have to manage multiple company buildings, warehouses, production sites, etc., nobody will be able to remember which sockets are located in which rooms. A proper IT cabling documentation also safeguards you and your company from brain drain through employee fluctuation or change of external service providers.