?
Solved

2014 initiatives

Posted on 2014-01-08
10
Medium Priority
?
248 Views
Last Modified: 2014-01-23
With the new year underway, what are some of your infrastructure initiatives in terms of security, consolidation, reorganization, documentation etc. for 2014 and the years to come? I would love to assess the commonalities across the various industries.

I would, not only, like to know the initiatives, but also the steps/methods you are taking/plan on taking in hopes of acheiving these targets.

Thanks.
0
Comment
Question by:netcmh
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 23

Expert Comment

by:David
ID: 39767751
Regrets, to my employer this constitutes phishing.  Perhaps you could rephrase the question?
0
 
LVL 64

Expert Comment

by:btan
ID: 39767824
Pardon not able to share the industry...

Network infra - Consolidation of network service routing and monitoring, separating the rule from the actual routing task. Kinda of SDN scheme and exploration of network virtualisation functions but within internal DMZ for intra services transaction and external DMZ for incoming exposed e-service transaction

Application infra - Webification of appl across application delivery layer where consolidation comes in to reduce the footprint and stay green on the physical servers, as well as power consumption. Create a SOA layer to allow various client devices esp the mobile smartphone that can come from wireless or wired for those tablet/notebook remote access.

End to end encryption include network channel to and fro of the organisation application. of course not forgetting the typical security review and vulnerability mgmt on top of the patch mgmt. Ideally is to move from spread scanning to centralised (agent) based scanning with policy driven vulnerability mgmt and central push of fixes and patches esp the emergency security hotfixes.

I will not say the cloud infra is hot as the whole idea is to make sure the house is well kept before exploring the external hosted platform...
0
 
LVL 21

Author Comment

by:netcmh
ID: 39767892
Thank you, breadtan. I agree with the cloud infrastrucure comment.

Please keep the info coming. Document templates and initiative samples will also be highly appreciated.
0
Optimum High-Definition Video Viewing and Control

The ATEN VM0404HA 4x4 4K HDMI Matrix Switch supports 4K resolutions of UHD (3840 x 2160) and DCI (4096 x 2160) with refresh rates of 30 Hz (4:4:4) and 60 Hz (4:2:0). It is ideal for applications where the routing of 4K digital signals is required.

 
LVL 64

Expert Comment

by:btan
ID: 39767907
Thoughts this can help in charting the exploration into making the network more "intelligently" efficient...the devops csn be tough with two house of team and different culture and objective. Virtual teaming to pool expertise will be nice but we lack a chief architect :)
http://searchsdn.techtarget.com/news/2240212161/14-questions-to-ask-SDN-vendors-before-investing
0
 
LVL 64

Accepted Solution

by:
btan earned 750 total points
ID: 39767962
Not forgetting resiliency, ENISA just released a report pertaining to mitigating damages due to power outages. Some relevant outlook to chart ahead in datacenter to reduce the risk of network and service outages caused by power supply failures may include

Analyse the frequency and impact of network outages caused by power cuts. Liaise with providers to collect good practices to increase resilience against power cuts.

Perform a cost-benefit analysis to determine a suitable minimum level of resilience against power cuts. Take lessons learned from outages caused by power cuts and ensure that affected providers work systematically to develop their protection measures.

Act to establish a strategy to promote cooperation and mutual aid agreements on joint service restoration after severe power cuts. Providers should regularly perform checks of existing protection measures, to ensure that shorter and medium duration power cuts will not have any negative impact.
0
 
LVL 21

Author Comment

by:netcmh
ID: 39767995
So far:

Network virtualization using SDN or IaaS
Applications to use ADL
End to end encryption
Vuln. management
DataCenter Power resiliency

More?
0
 
LVL 21

Author Comment

by:netcmh
ID: 39768032
Some more gleaned off the interwebs :)

Uptodate asset inventory
Manage 3rd party asset vuln. mgmt.
Compartmentalize network and data
Baseline network & resolve anomalies
User access lock down
Implement Firewall configuration development life cycle
Train end users in security
Develop & implement risk management methodology
Implement admission and endpoint controls
Develop security metrics based off of business initiatives
0
 
LVL 64

Expert Comment

by:btan
ID: 39768262
Identity access management, unified single identity for users that span across platform in web and device mgmt. Also see besides the usual multi factor authentication going into attribute based or claim based  checks.

I do see more indepth anti surveillance concerns be part of ICT security monitoring nemesis.  Striking a balance of not leaking enterprise IP and not invading staff privacy.  Prevention is no more and should focus on reinforcing detection robustness and closing the number if egress and ingress points. Likewise not forgetting those out of band zones that seems secure and isolated but easily neglected to find out any bridges which tends to be from insider threats carrying those anti air gap storage card....risk based threat modelling in development also another for those R&D folks
0
 
LVL 23

Assisted Solution

by:David
David earned 375 total points
ID: 39768532
You may or may not be aware that the US DoD now requires incoming technical staff to hold a current COMP TIA Security+, and a current computer environment (CE) certifications, such as Oracle 11g OCP.  I'd be expecting that to come into the private sector as well.
0
 
LVL 40

Assisted Solution

by:noci
noci earned 375 total points
ID: 39769022
Before training users on security try to make ppl aware of security issues,
in studies ppl would/did trade their passwords etc. for candy bars.
Security is based on confidentiality & privacy so make ppl aware of those.

It's not just "firewall configuration development" cycle, its "configuration development cycle" for all kinds of equipment not just firewalls. (Firewalls are not a lot more than advanced routers, with an option to break routing rules for some packets).

Risk management should be part of your change management cycle, not a separate item.
every change induces risk changes, the risk profile may become better or worse.
And the risks might be very different During a change.... f.e. if you double up hardware to prevent SPOF's then during a change the backup might be temporary unusable and you only have a giant SPOF until the change is complete.
0

Featured Post

Need protection from advanced malware attacks?

Look no further than WatchGuard's Total Security Suite, providing defense in depth against today's most headlining attacks like Petya 2.0 and WannaCry. Keep your organization out of the news with protection from known and unknown threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When the s#!t hits the fan, you don’t have time to look up who’s on call, draft emails, call collaborators, or send text messages. An instant chat window is definitely the way to go, especially one like HipChat. HipChat is a true business app. An…
If you are IT support and need to work after hours to resolve customer issues then here are a few tips on how to handle after hours support
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses
Course of the Month11 days, 3 hours left to enroll

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question