Solved

2014 initiatives

Posted on 2014-01-08
10
235 Views
Last Modified: 2014-01-23
With the new year underway, what are some of your infrastructure initiatives in terms of security, consolidation, reorganization, documentation etc. for 2014 and the years to come? I would love to assess the commonalities across the various industries.

I would, not only, like to know the initiatives, but also the steps/methods you are taking/plan on taking in hopes of acheiving these targets.

Thanks.
0
Comment
Question by:netcmh
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 23

Expert Comment

by:David
ID: 39767751
Regrets, to my employer this constitutes phishing.  Perhaps you could rephrase the question?
0
 
LVL 63

Expert Comment

by:btan
ID: 39767824
Pardon not able to share the industry...

Network infra - Consolidation of network service routing and monitoring, separating the rule from the actual routing task. Kinda of SDN scheme and exploration of network virtualisation functions but within internal DMZ for intra services transaction and external DMZ for incoming exposed e-service transaction

Application infra - Webification of appl across application delivery layer where consolidation comes in to reduce the footprint and stay green on the physical servers, as well as power consumption. Create a SOA layer to allow various client devices esp the mobile smartphone that can come from wireless or wired for those tablet/notebook remote access.

End to end encryption include network channel to and fro of the organisation application. of course not forgetting the typical security review and vulnerability mgmt on top of the patch mgmt. Ideally is to move from spread scanning to centralised (agent) based scanning with policy driven vulnerability mgmt and central push of fixes and patches esp the emergency security hotfixes.

I will not say the cloud infra is hot as the whole idea is to make sure the house is well kept before exploring the external hosted platform...
0
 
LVL 20

Author Comment

by:netcmh
ID: 39767892
Thank you, breadtan. I agree with the cloud infrastrucure comment.

Please keep the info coming. Document templates and initiative samples will also be highly appreciated.
0
Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

 
LVL 63

Expert Comment

by:btan
ID: 39767907
Thoughts this can help in charting the exploration into making the network more "intelligently" efficient...the devops csn be tough with two house of team and different culture and objective. Virtual teaming to pool expertise will be nice but we lack a chief architect :)
http://searchsdn.techtarget.com/news/2240212161/14-questions-to-ask-SDN-vendors-before-investing
0
 
LVL 63

Accepted Solution

by:
btan earned 250 total points
ID: 39767962
Not forgetting resiliency, ENISA just released a report pertaining to mitigating damages due to power outages. Some relevant outlook to chart ahead in datacenter to reduce the risk of network and service outages caused by power supply failures may include

Analyse the frequency and impact of network outages caused by power cuts. Liaise with providers to collect good practices to increase resilience against power cuts.

Perform a cost-benefit analysis to determine a suitable minimum level of resilience against power cuts. Take lessons learned from outages caused by power cuts and ensure that affected providers work systematically to develop their protection measures.

Act to establish a strategy to promote cooperation and mutual aid agreements on joint service restoration after severe power cuts. Providers should regularly perform checks of existing protection measures, to ensure that shorter and medium duration power cuts will not have any negative impact.
0
 
LVL 20

Author Comment

by:netcmh
ID: 39767995
So far:

Network virtualization using SDN or IaaS
Applications to use ADL
End to end encryption
Vuln. management
DataCenter Power resiliency

More?
0
 
LVL 20

Author Comment

by:netcmh
ID: 39768032
Some more gleaned off the interwebs :)

Uptodate asset inventory
Manage 3rd party asset vuln. mgmt.
Compartmentalize network and data
Baseline network & resolve anomalies
User access lock down
Implement Firewall configuration development life cycle
Train end users in security
Develop & implement risk management methodology
Implement admission and endpoint controls
Develop security metrics based off of business initiatives
0
 
LVL 63

Expert Comment

by:btan
ID: 39768262
Identity access management, unified single identity for users that span across platform in web and device mgmt. Also see besides the usual multi factor authentication going into attribute based or claim based  checks.

I do see more indepth anti surveillance concerns be part of ICT security monitoring nemesis.  Striking a balance of not leaking enterprise IP and not invading staff privacy.  Prevention is no more and should focus on reinforcing detection robustness and closing the number if egress and ingress points. Likewise not forgetting those out of band zones that seems secure and isolated but easily neglected to find out any bridges which tends to be from insider threats carrying those anti air gap storage card....risk based threat modelling in development also another for those R&D folks
0
 
LVL 23

Assisted Solution

by:David
David earned 125 total points
ID: 39768532
You may or may not be aware that the US DoD now requires incoming technical staff to hold a current COMP TIA Security+, and a current computer environment (CE) certifications, such as Oracle 11g OCP.  I'd be expecting that to come into the private sector as well.
0
 
LVL 40

Assisted Solution

by:noci
noci earned 125 total points
ID: 39769022
Before training users on security try to make ppl aware of security issues,
in studies ppl would/did trade their passwords etc. for candy bars.
Security is based on confidentiality & privacy so make ppl aware of those.

It's not just "firewall configuration development" cycle, its "configuration development cycle" for all kinds of equipment not just firewalls. (Firewalls are not a lot more than advanced routers, with an option to break routing rules for some packets).

Risk management should be part of your change management cycle, not a separate item.
every change induces risk changes, the risk profile may become better or worse.
And the risks might be very different During a change.... f.e. if you double up hardware to prevent SPOF's then during a change the backup might be temporary unusable and you only have a giant SPOF until the change is complete.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Both MMF (multi-mode fiber) and SMF (single-mode fiber) are types of optical fiber that can aid in communication applications. These thin strands of silica or glass will allow communication to occur between devices. The transmission of light between…
One of the most frustrating experiences a help desk technician will ever encounter is when a customer comes to them with a solution of their own invention and expects the tech to implement it. This often happens when people with a little bit of tech…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question