Solved

2014 initiatives

Posted on 2014-01-08
10
236 Views
Last Modified: 2014-01-23
With the new year underway, what are some of your infrastructure initiatives in terms of security, consolidation, reorganization, documentation etc. for 2014 and the years to come? I would love to assess the commonalities across the various industries.

I would, not only, like to know the initiatives, but also the steps/methods you are taking/plan on taking in hopes of acheiving these targets.

Thanks.
0
Comment
Question by:netcmh
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 23

Expert Comment

by:David
ID: 39767751
Regrets, to my employer this constitutes phishing.  Perhaps you could rephrase the question?
0
 
LVL 64

Expert Comment

by:btan
ID: 39767824
Pardon not able to share the industry...

Network infra - Consolidation of network service routing and monitoring, separating the rule from the actual routing task. Kinda of SDN scheme and exploration of network virtualisation functions but within internal DMZ for intra services transaction and external DMZ for incoming exposed e-service transaction

Application infra - Webification of appl across application delivery layer where consolidation comes in to reduce the footprint and stay green on the physical servers, as well as power consumption. Create a SOA layer to allow various client devices esp the mobile smartphone that can come from wireless or wired for those tablet/notebook remote access.

End to end encryption include network channel to and fro of the organisation application. of course not forgetting the typical security review and vulnerability mgmt on top of the patch mgmt. Ideally is to move from spread scanning to centralised (agent) based scanning with policy driven vulnerability mgmt and central push of fixes and patches esp the emergency security hotfixes.

I will not say the cloud infra is hot as the whole idea is to make sure the house is well kept before exploring the external hosted platform...
0
 
LVL 20

Author Comment

by:netcmh
ID: 39767892
Thank you, breadtan. I agree with the cloud infrastrucure comment.

Please keep the info coming. Document templates and initiative samples will also be highly appreciated.
0
Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

 
LVL 64

Expert Comment

by:btan
ID: 39767907
Thoughts this can help in charting the exploration into making the network more "intelligently" efficient...the devops csn be tough with two house of team and different culture and objective. Virtual teaming to pool expertise will be nice but we lack a chief architect :)
http://searchsdn.techtarget.com/news/2240212161/14-questions-to-ask-SDN-vendors-before-investing
0
 
LVL 64

Accepted Solution

by:
btan earned 250 total points
ID: 39767962
Not forgetting resiliency, ENISA just released a report pertaining to mitigating damages due to power outages. Some relevant outlook to chart ahead in datacenter to reduce the risk of network and service outages caused by power supply failures may include

Analyse the frequency and impact of network outages caused by power cuts. Liaise with providers to collect good practices to increase resilience against power cuts.

Perform a cost-benefit analysis to determine a suitable minimum level of resilience against power cuts. Take lessons learned from outages caused by power cuts and ensure that affected providers work systematically to develop their protection measures.

Act to establish a strategy to promote cooperation and mutual aid agreements on joint service restoration after severe power cuts. Providers should regularly perform checks of existing protection measures, to ensure that shorter and medium duration power cuts will not have any negative impact.
0
 
LVL 20

Author Comment

by:netcmh
ID: 39767995
So far:

Network virtualization using SDN or IaaS
Applications to use ADL
End to end encryption
Vuln. management
DataCenter Power resiliency

More?
0
 
LVL 20

Author Comment

by:netcmh
ID: 39768032
Some more gleaned off the interwebs :)

Uptodate asset inventory
Manage 3rd party asset vuln. mgmt.
Compartmentalize network and data
Baseline network & resolve anomalies
User access lock down
Implement Firewall configuration development life cycle
Train end users in security
Develop & implement risk management methodology
Implement admission and endpoint controls
Develop security metrics based off of business initiatives
0
 
LVL 64

Expert Comment

by:btan
ID: 39768262
Identity access management, unified single identity for users that span across platform in web and device mgmt. Also see besides the usual multi factor authentication going into attribute based or claim based  checks.

I do see more indepth anti surveillance concerns be part of ICT security monitoring nemesis.  Striking a balance of not leaking enterprise IP and not invading staff privacy.  Prevention is no more and should focus on reinforcing detection robustness and closing the number if egress and ingress points. Likewise not forgetting those out of band zones that seems secure and isolated but easily neglected to find out any bridges which tends to be from insider threats carrying those anti air gap storage card....risk based threat modelling in development also another for those R&D folks
0
 
LVL 23

Assisted Solution

by:David
David earned 125 total points
ID: 39768532
You may or may not be aware that the US DoD now requires incoming technical staff to hold a current COMP TIA Security+, and a current computer environment (CE) certifications, such as Oracle 11g OCP.  I'd be expecting that to come into the private sector as well.
0
 
LVL 40

Assisted Solution

by:noci
noci earned 125 total points
ID: 39769022
Before training users on security try to make ppl aware of security issues,
in studies ppl would/did trade their passwords etc. for candy bars.
Security is based on confidentiality & privacy so make ppl aware of those.

It's not just "firewall configuration development" cycle, its "configuration development cycle" for all kinds of equipment not just firewalls. (Firewalls are not a lot more than advanced routers, with an option to break routing rules for some packets).

Risk management should be part of your change management cycle, not a separate item.
every change induces risk changes, the risk profile may become better or worse.
And the risks might be very different During a change.... f.e. if you double up hardware to prevent SPOF's then during a change the backup might be temporary unusable and you only have a giant SPOF until the change is complete.
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

IT certifications are a concrete representation of continual learning on the part of the candidate.  Continual learning is necessary for the long term success of an IT professional, but are IT certifications the right path for you?
We asked our MSP customer base what their favorite tools were and how they help them serve clients. We focused our questions on favorite tools in the following categories: >PSA tools >RMM tools >Alert management tools >Communication tools and Mo…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question