Solved

2014 initiatives

Posted on 2014-01-08
10
234 Views
Last Modified: 2014-01-23
With the new year underway, what are some of your infrastructure initiatives in terms of security, consolidation, reorganization, documentation etc. for 2014 and the years to come? I would love to assess the commonalities across the various industries.

I would, not only, like to know the initiatives, but also the steps/methods you are taking/plan on taking in hopes of acheiving these targets.

Thanks.
0
Comment
Question by:netcmh
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 23

Expert Comment

by:David
ID: 39767751
Regrets, to my employer this constitutes phishing.  Perhaps you could rephrase the question?
0
 
LVL 63

Expert Comment

by:btan
ID: 39767824
Pardon not able to share the industry...

Network infra - Consolidation of network service routing and monitoring, separating the rule from the actual routing task. Kinda of SDN scheme and exploration of network virtualisation functions but within internal DMZ for intra services transaction and external DMZ for incoming exposed e-service transaction

Application infra - Webification of appl across application delivery layer where consolidation comes in to reduce the footprint and stay green on the physical servers, as well as power consumption. Create a SOA layer to allow various client devices esp the mobile smartphone that can come from wireless or wired for those tablet/notebook remote access.

End to end encryption include network channel to and fro of the organisation application. of course not forgetting the typical security review and vulnerability mgmt on top of the patch mgmt. Ideally is to move from spread scanning to centralised (agent) based scanning with policy driven vulnerability mgmt and central push of fixes and patches esp the emergency security hotfixes.

I will not say the cloud infra is hot as the whole idea is to make sure the house is well kept before exploring the external hosted platform...
0
 
LVL 20

Author Comment

by:netcmh
ID: 39767892
Thank you, breadtan. I agree with the cloud infrastrucure comment.

Please keep the info coming. Document templates and initiative samples will also be highly appreciated.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 63

Expert Comment

by:btan
ID: 39767907
Thoughts this can help in charting the exploration into making the network more "intelligently" efficient...the devops csn be tough with two house of team and different culture and objective. Virtual teaming to pool expertise will be nice but we lack a chief architect :)
http://searchsdn.techtarget.com/news/2240212161/14-questions-to-ask-SDN-vendors-before-investing
0
 
LVL 63

Accepted Solution

by:
btan earned 250 total points
ID: 39767962
Not forgetting resiliency, ENISA just released a report pertaining to mitigating damages due to power outages. Some relevant outlook to chart ahead in datacenter to reduce the risk of network and service outages caused by power supply failures may include

Analyse the frequency and impact of network outages caused by power cuts. Liaise with providers to collect good practices to increase resilience against power cuts.

Perform a cost-benefit analysis to determine a suitable minimum level of resilience against power cuts. Take lessons learned from outages caused by power cuts and ensure that affected providers work systematically to develop their protection measures.

Act to establish a strategy to promote cooperation and mutual aid agreements on joint service restoration after severe power cuts. Providers should regularly perform checks of existing protection measures, to ensure that shorter and medium duration power cuts will not have any negative impact.
0
 
LVL 20

Author Comment

by:netcmh
ID: 39767995
So far:

Network virtualization using SDN or IaaS
Applications to use ADL
End to end encryption
Vuln. management
DataCenter Power resiliency

More?
0
 
LVL 20

Author Comment

by:netcmh
ID: 39768032
Some more gleaned off the interwebs :)

Uptodate asset inventory
Manage 3rd party asset vuln. mgmt.
Compartmentalize network and data
Baseline network & resolve anomalies
User access lock down
Implement Firewall configuration development life cycle
Train end users in security
Develop & implement risk management methodology
Implement admission and endpoint controls
Develop security metrics based off of business initiatives
0
 
LVL 63

Expert Comment

by:btan
ID: 39768262
Identity access management, unified single identity for users that span across platform in web and device mgmt. Also see besides the usual multi factor authentication going into attribute based or claim based  checks.

I do see more indepth anti surveillance concerns be part of ICT security monitoring nemesis.  Striking a balance of not leaking enterprise IP and not invading staff privacy.  Prevention is no more and should focus on reinforcing detection robustness and closing the number if egress and ingress points. Likewise not forgetting those out of band zones that seems secure and isolated but easily neglected to find out any bridges which tends to be from insider threats carrying those anti air gap storage card....risk based threat modelling in development also another for those R&D folks
0
 
LVL 23

Assisted Solution

by:David
David earned 125 total points
ID: 39768532
You may or may not be aware that the US DoD now requires incoming technical staff to hold a current COMP TIA Security+, and a current computer environment (CE) certifications, such as Oracle 11g OCP.  I'd be expecting that to come into the private sector as well.
0
 
LVL 40

Assisted Solution

by:noci
noci earned 125 total points
ID: 39769022
Before training users on security try to make ppl aware of security issues,
in studies ppl would/did trade their passwords etc. for candy bars.
Security is based on confidentiality & privacy so make ppl aware of those.

It's not just "firewall configuration development" cycle, its "configuration development cycle" for all kinds of equipment not just firewalls. (Firewalls are not a lot more than advanced routers, with an option to break routing rules for some packets).

Risk management should be part of your change management cycle, not a separate item.
every change induces risk changes, the risk profile may become better or worse.
And the risks might be very different During a change.... f.e. if you double up hardware to prevent SPOF's then during a change the backup might be temporary unusable and you only have a giant SPOF until the change is complete.
0

Featured Post

Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As companies replace their old PBX phone systems with Unified IP Communications, many are finding out that legacy applications such as fax do not work well with VoIP. Fortunately, Cloud Faxing provides a cost-effective alternative that works over an…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question