Lancope recently put on a webinar that they have posted to YouTube that they have entitled “The Library of Sparta.” This was a great webinar as they talk about the military concept of terrain analysis, where we should constantly think about our threat landscape and what we can do to change that “terrain” to our advantage in this fight against hackers.
Open Compute Project
StandardWhile reading an article from Wired, where they were interviewing Facebook and their development of their new open source switches running on smaller, simpler hardware, I came across a project that I found rather interesting. It’s called the Open Compute Project. Their main mission is to create a forum where innovation and collaboration can occur between different organizations across the world to increase the performance, scalability, and ease of deployment for multiple system types across the IT estate.
Historically, from my perspective as I’ve gone through IT, the method of deployment is too cumbersome. There are too many groups involved that have different request processes and too many dependencies where resources can become tied up in trying to deploy systems and services. On top of that with many of the different platforms out there, many of them require specific training and are cumbersome to configure and understand. Also the adding costs of infrastructure is reducing the ability of IT departments to scale at the rate they need. Seeing the types of equipment that members of the OCP are developing, such as Facebook, Google, and Amazon, is encouraging. They are developing simple platforms that allow for high bandwidth and the ability for tools that currently manage server infrastructure to also manage the networking infrastructure. Many tools are out there to manage large scale deployments of Linux servers as well as automate changes from templates that are created by each respective IT departments. This is definitely something of interest for many companies, as the time to deployment right now is too long and too costly. Granted, with a well managed virtual machine environment and a network that is designed properly from the ground up you can get around the time consumption, but it is all still very costly from a budgeting perspective. If you are more interesting in reading about what they have done, I’ve included links below.
Facebook Now Runs on Networking Gear Designed by Its Own Engineers
Facebook’s New Data Center Is Bad News for Cisco
Going With the Flow: Google’s Secret Switch to the Next Wave of Networking
Open Compute Project
CCNP Passed
StandardI finalized my CCNP studies a few weeks ago by finishing the ROUTE exam. It was a lot of long nights studying in the lab, going through scenarios to get the command structure in my head and observe the behavior of routing protocols, but it was well worth it! I’m currently set to take my ARCH exam for the CCDP at the end of March. This has been a great experience so far learning how networks function and how to build out a resilient, efficient network from the bottom up. If you haven’t started, you should definitely start now!
Cisco Certified Network Professional – CCNP
StandardFor the past year (sadly), I’ve been working on getting my CCNP. I started this road when I arrived at my first networking role. I was a Network Operations Center (NOC) analyst for a US based company at the time. I had no idea what Cisco was or even what subnetting was for, but I did have a desire to learn. I started by going to a Cisco Learning Center at Collin County Community College here in the Dallas-Ft. Worth Metroplex. I learned so much about networking and as I went along, the more I loved IT in general. I finally achieved my CCNA in July of 2007, a year and a half after I started my role, and a full year after I started my CCNA training.
Now I have passed both my SWITCH and TSHOOT exams, with just the ROUTE exam left to go. I’m studying heavily on EIGRP, OSPF, BGP, IPv6, Redistribution and Path Selection in preparation for this exam which I have in December. I kept slacking on my ROUTE exam preparation because I had quite a few things going on in my life ranging from new responsibilities I was having to take on at church to my new role as a network engineer. With my studies I have gained a few insights about why I feel the entire Cisco certification program is such a strong certification to hold for anyone in the IT industry.
Cisco knows networking thoroughly. They don’t just sell a product, they love their product. They love their profession and what it stands for. Tomorrow starts here is not just their company slogan, it is what drives them to innovation. Cisco has provided so much innovation in the field of networking that they have truly revolutionized what networking is from the days of thicknet to today which is the age of wireless and the Internet of Everything.
Since Cisco loves what networking is all about, they throughly understand it. That is great for people like us who are trying to learn networking and expand our horizons. They teach you the principles of networking before they teach you the product and how to configure it. I’ve been through many other certification exams for other products and they entirely focus on their product and nothing more. Ranging from Check Point to Juniper, they don’t truly teach you the principles behind networking or security to help you understand why their product is necessary.
CCNA and CCNP are always in the top IT certifications both from a market need perspective, to a paying perspective. That is yet another reason why you should at least get a CCNA, no matter what you do in IT.
I’ve attached some references for you to look at, which may also lead you to think about what other certifications you might want to get. I know I have my list which I want to get here in the next year.
15 Top-Paying Certification for 2014
What Is the Value of a Cisco Certified Employee
Introduction to Docker
VideoGreat video from dotcloud that covers the concept of Docker
Docker and it’s Engine
StandardI’ve been reading up on the recent developments between Docker and the clouding world and this is an interesting concept. In fact, I do find it interesting that we can’t seem to provide a simple system for implementing basic OS images in VM environments so that we can implement applications on a whim. Also each VM takes up more disk space which is the most costly of all IT resources.
So far, from what I’ve read, Docker is basically a type of Hypervisor, but instead of providing separation for multiple OS environments, it allows for separation of multiple applications, with the Docker Engine being the base OS for all the applications. All of your necessary binaries, libraries, and applications are bundled into a Docker and can be replicated, moved or managed individually.
Google’s Kubernetes helps you manage that environment, but I’ve yet to grasp exactly what it’s purpose is yet. I’ll keep you all posted as I read more. Hopefully in the coming weeks I’ll have a good grasp on how Kubernetes and Docker interact and how we can utilize this to increase the flexibility of IT, while still maintaining the security around the applications and data involved.
Google Kubernetes and Docker
StandardI’ve recently seen that Google has released it’s cloud computing platform in an open-source option called Kubernetes. Also as part of that they are embracing the application packaging technology, Docker. This definitely shows a lot of promise for companies that wish to run their own cloud in their data centers so that they can utilize the processing power available across all of their servers. I’m going to be reading up on this and how you can utilize this with industry audit standards like PCI and HIPAA. I’m also curious how storage access is accomplished with this.
A New Purpose
StandardI’ve recently become interested in overall network design as well as the security built into that design. I’m almost done with my CCNP certification and after that I plan to chase down the CCDP and my CISSP. I also am planning on finishing my bachelors that I started back in 2001. So this blog will encompass many things that I am studying or learning about as part of my studies. Thanks for reading and I hope you guys enjoy!
Redesigning IT Security
StandardAs a member of a global security organization that was global only by name, I’ve seen the extreme downside to having a patchwork and dysfunctional security across all of the IT infrastructure. It takes forever to find problems and breaches, figure out what actually occurred, and then patching the holes and recovering from the issue. I’ve been reading through a few documents recently that cover alot of ideas around IT security historically and where it should be going.
Currently, security is always an after thought. It goes that way with anything in life for most people. They go down the road not planning for an emergency until it’s happened. Now how do you fix it? With the proliferation of cloud technologies such as Dropbox and Evernote (both of which I use personally) and the state of BYOD in the corporate world, there are many holes and opportunities for data loss and reputational damage from breaches. We’ve also got the external threats of phishing, social engineering, hacktivism, and nation-state attacks to worry about and protect ourselves from, yet stay within a sustainable budget so that we can continue being profitable as a company. To do this you have to start from the ground up planning your security. That way you can easily mitigate security risks by properly implementing applications and services within the IT infrastructure. Also, by planning in advance, you can properly design a network and server architecture that utilizes high density and cost effective solutions yet still provide the same level of security. There have been multiple times that I’ve been on a project and due to poor planning we’re being forced to basically setup an entirely new leg of the network populated with servers, SAN, the whole gambit. That creates complexity which increases implementation time, troubleshooting, and training/onboarding of new personnel.
So how should you begin planning your IT security framework? You first need to start with understanding yourself. What is your business about? What compliance and regulation do you need to be thinking of (HIPAA, PCI-DSS etc…)
Once you understand the business, you then need to work on your data classifications. Keeping the number of classifications low will help with the complexity side of things. Three to four is a good number. It could be Public, Internal, Restricted, or maybe Public, Internal, Confidential, Restricted. Whatever you choose and think is best for your organization.
Now that you have a good understanding of your business and data classifications, you now need to work on an understanding of your applications. How do they function with each other and what classification of data do they hold? Getting a firm grip on your applications interactions and functionality will help you in designing a network strategy that will scale well over time as well as include a server and SAN strategy that also scales. It will also help you understand what security gaps there might be that you can use compensating controls and technologies to cover.
Now its down to the designing of your IT infrastructure. Placing external facing applications away from internal facing applications is a great way to help limit unnecessary exposure to external risks. Making sure you are using your firewall and IPS technology effectively in proper network bottle necks will help you keep those costs down as well as simplify the infrastructure. Design your network to be modular. Make it where you can add modules to a central core routing infrastructure so that it scales well. Add strong authentication to all externally facing applications. Make sure that you are doing vulnerability and penetration testing on your environment and utilizing that data to update your IPS policies and patching strategies. Create a simple and efficient SEIM technology so that you can gather logs from critical parts of the infrastructure. Don’t just place SEIM infrastructure everywhere and pull logs into it from everything. You need to make sure that you have SEIM coverage allocated to a specific data classification. That goes for firewalls, IPS, WAF, etc… You need to create a security matrix which gives you the required security controls to consider for each data classification. Not all might be needed but it at least gives you a check list to go through when designing new modules in the network. Also making sure that your endpoint security is simple will help your personnel learn it quicker and actually utilize it, instead of trying to bypass it. My last manager taught me alot about make sure the users have a good experience with the security we put in place. If your own user base is trying to undermine your security posture by bypassing it, then you open yourself for greater risk.
And finally you need to make sure that the process is in place to effectively manage your environment. From HR policies for adding/modifying and removing users, to adding, modifying and decommissioning applications and services in your environment. This allows you to close up infrastructure and save costs and decrease complexity in your infrastructure.
Below is the document I liked the most. HP covered alot of the facets of IT security design and they covered it extremely well and concisely.
Rethinking your enterprise security – Critical priorities to consider – by HP
Welcome to IT Security Redesigned
StandardHello, and welcome! I would like to personally thank you for visiting IT Security Redesigned.  This will be a blog regarding IT security ideas and concepts where we can discuss and improve our ideas of IT security in the various industries around the world.
I would like to start off discussing a little bit about myself and my background. Â I have been working in the field of IT since I was in middle school. Â I had my first class in programming when I was in 6th grade and I’ve been an avid IT junky since then. Â I started with doing programming and web development and then branched out to server management and finally ended up going to a network role in my first corporate job. Â During my time as a network operations specialist I was granted the opportunity to see multiple facets of IT and how corporations functioned. Â I then got my first chance in IT security with a firewall internship at the company for which I work. Â Ever since then I’ve enjoyed learning about security design from authentication and server security to network security.
I currently do not have any accolades in security except for my CCNA Security and my experience in the field. Â But I hope that through my blogs and through study, this will all change. Â Let’s learn together through discussion and team work!