Tag: OS – Patch Management

Sample – CDP Network Management Standard

CDP Network Management Standard Overview CDP is used to discover the neighbor networking devices. CDP mostly works with Cisco hardware only, but some other vendors have implemented this as well. CDP is critical in network discoveries and it needs to be enabled on the all the devices. CDP is a layer two protocol only so… Continue reading Sample – CDP Network Management Standard

Overview of – Secure Socket Layer (V 3.0)

The major Security objectives over non-secure networks, as it is the case today with TCP/IP networks such as the Internet, can be expressed as: authentication data integrity data confidentiality non-repudiation SSL is the single most effective method of executing secure communications over the public Internet. The SSL specification, developed by Netscape, specifies a protocol for… Continue reading Overview of – Secure Socket Layer (V 3.0)

Hardware Vendor Server Selection Considerations

Priority Standard Criteria 1 Warranty Support (response time) 2 Price 3 Availability of pre-sales engineers 4 Knowledgeable Vendor sales force 5 Online ordering 6 A National Vendor Sales team.  Preferably the same people for as long as possible.  To provide a consistent point of contact. 7 Standard Configurations for ordering. 8 Online reporting and tracking… Continue reading Hardware Vendor Server Selection Considerations

Sample – IT Integration Framework

Integration Framework The Integration Framework consists of five different layers that provide a distinct set of services as given below: Vendor Connectivity Framework – Provides a consistent abstraction to expose Corporate Business Services.  Functional specifications include: Service Directory – List of all the business services. Service Locator – Provides an abstraction that searches for services… Continue reading Sample – IT Integration Framework

Sample – Software Architecture Document

Introduction The Integration Framework is one part of this strategy.  The aim is the rationalization of the current technology portfolio of middle tier and back end business services using a single, non-proprietary, infrastructure-based solution. This will allow Corporate to support a multi-vendor, channel agnostic approach to the development and delivery of business functionality and support… Continue reading Sample – Software Architecture Document

Sample eHealth / Spectrum – Network Device Monitoring Considerations

Overview: Devices send traps the SDC – Secure Domain Connector  Central trap locations for all devices:  Primary Trap Director          Host-Name: IP Address: Location:  Failover Trap Director   Datacenter Network Devices:  eHealth eHealth Primary snmp-server “Host-Name” snmp-server “community”  Datacenter Network Devices: Host-Name: IP Address: Location:  eHealth eHealth Backup snmp-server “Host-Name” snmp-server “community” Variety of mechanisms monitor enterprise… Continue reading Sample eHealth / Spectrum – Network Device Monitoring Considerations

IT Controls who needs it ?

Supplies a common language for IT activities and key management practices To avoid misunderstandings, to have efficient communications and enable success Provide a business focus and supports governance expectations Executive alignment to business units and IT engagements Is consistent with general accepted IT good practices and corporate governance and standards To provide evidence and acceptance… Continue reading IT Controls who needs it ?

Bluecoat – Regular Expressions

3 Roles Bypass NTLM Dst – Do not Authenticate Force Authentication Regular express ( .*. (FE1 | FE2 | FE3 |…)$ Use splash screen Citrix bypass Proxy if going to Citrix farm / ssl The rules are in layers and can optionally be organized in one or more sections. This is a way of grouping… Continue reading Bluecoat – Regular Expressions

Bluecoat – Using Rule Order to Define Exceptions

When the policy rules within a layer are evaluated, remember that evaluation is from the top down, but the first rule that matches will end further evaluation of that layer. Therefore, the most specific conditions, or exceptions, should be defined first. Within a layer, use the sequence of most-specific to most-general policy. Filter File Structure… Continue reading Bluecoat – Using Rule Order to Define Exceptions

Sample Visio – VMWare Virtualization Architecture

VMWare Server Runs on any x86 server hardware and OS Windows Server and Linux Host OS’s Partition a physical server into multiple virtual server machines Target market – IT centers providing multiple services Allows separate virtual servers to be separately configured for separate IT applications Provisioning Portability, replication, etc. VMware Server ESX Total decoupling between… Continue reading Sample Visio – VMWare Virtualization Architecture

An effective Patch Management Reporting Tool can and should

Gernic Policy: All patches and updates to software installed on computer systems are reviewed and scheduled to be installed based on applicability and severity. In the unlikely event of a breach of security, audit trails are stored for one year and are reviewed by the IT department. Report details on such things as: Servers and… Continue reading An effective Patch Management Reporting Tool can and should

High Level Network Assessment Considerations

Among the many functions to consider the 11 primary functions should be: 1)    Network Discovery of active hosts 2)    Discovery of Domains, Workgroups and Active Directory members including member servers and workstations 3)    Discovery of System, File and Security Identifications (ACLs) 4)    Enumeration of Registry Hives / keys 5)    Discovery of System services 6)    Event… Continue reading High Level Network Assessment Considerations

What is Digital Risk?

The exposure loss or damage from reliance upon technology necessary to achieve business goals. There are clear trends The Worst 1% of the defects = 50% of the failures! The Worst 20% of the defects =  80% of the failures IT services interruptions are consistent across all customers & machines, and are consistent across almost… Continue reading What is Digital Risk?

Sample – IT Service Delivery Lines of Business

Sample Service matrix. Service Category Service Owner(s) Networking Services Network Firewall Services Network Telecommunications Services TeleComm Network Operations Services (NOS) Operations Security Operations Services (SOS) Security Operations Data Center – Production Support Operations Data Center – Server/Database Hosting Operations Server Administration Services Mid-Tier Database Services Database IT Client Services Mid-Tier Application Hosting Application – Operations… Continue reading Sample – IT Service Delivery Lines of Business