-
Prevention
- Upgrade before response time becomes unacceptable
- Block ‘bad’ packets before they can do harm
- Disseminate good policies
-
Detection
- Identifying attacks
- Identifying unacceptable response times
- Identify policy violations
-
Response (Correction and/or disciplinary actions)
- Isolating and Fixing problems
- Public Relations Management
- Minimize Legal Ramifications
-
Policies
Define what is to be protected
-
Procedures
Define how to protect assets
-
Training
- Employees must know appropriate policies and
- procedures
- Customers must have ready access to appropriate policies and procedures
-
Procedures
- Policies only define "what" is to be protected.
- Procedures define "how" to protect resources and are the mechanisms to enforce policy.
-
Acceptable Use Policies
- Defines for users what is allowable use of the network and what is not
- Some will be required by law
-
Response Policy
- Defines levels of catastrophes and appropriate responses
- Backups and network documentation
-
Network Management
the activities,methods, procedures, and tools that pertain to the operation, administration, maintenance, and provisioning of networked systems.
-
Operation
- deals with keeping the network up and running smoothly.
- monitoring the network to spot problems
-
Administration
keeping track of resources in the network and how they are assigned.
-
Maintenance
- performing repairs and upgrades
- preventive proactive measures such as adjusting device parameters as needed
-
Provisioning
with configuring resources in the network to support a given service
-
Cost
- The ultimate goal is to reduce and minimize the total
- cost of ownership (TCO) that is associated
- with the network.
-
total cost of ownership (TCO)
consists essentially of the equipment cost, as well as the cost to operate the network.
-
network management tools
can help increase operational efficiency and lower cost:
-
Quality
- includes properties such as the bandwidth that is effectively available, or the delay in the network, which, in turn, is a factor in the responsiveness a user experiences when using services over a network.
- reliability and the availability of a communications service.
-
Systems for the end-to-end provisioning
service automate many of the steps that need to be performed to configure the devices in the network properly
-
Performance trend analysis
detect potential network bottlenecks and take preventive maintenance action before problems occur
-
Alarm correlation capabilities
- enable faster identification of the root cause of observed
- failures when they occur, minimizing the time of actual outages.
-
opportunity cost
the cost if quality is not met
-
revenue enabler
- The capability to turn up a service quickly translates into
- quicker time to revenue generation.
-
Moore’s Law
- As hardware power doubles, network size and complexity are likely to more than double, making Moore's law of doubling CPU price/performance every 18 to 24 months possibly work against network
- management applications, not for them.
-
Scale Issues
is taken account at every stage of design
-
a Value on Network Management
- no more than a certain fraction of a networking investment should go into network management;
- 10-to-1 ratio 90% equipment and 10% operation
-
SANS Policy Primer
- Policies define appropriate behavior.
- Policies set the stage in terms of what tools andprocedures are needed.
|
|