Understanding a customer's core business strategy and objectives helps establish the type of network infrastructure that needs to be developed. For example, if the business strategy provides an open, user-friendly environment, then the network infrastructure and architecture need to be developed in a way that allows the external customer to access information in an interactive manner.
While it could be argued that network management system (NMS) tools are a nice-to-have for small and simple infrastructures, the more complex the environment, the more necessary these tools become. There are core aspects for NMS tools that make them invaluable, such as immediate notification of system problems via automated alerts that are established via threshold settings. The heart of network management consists of the following fundamentals: performance management, configuration management, security management, fault management and asset management. Each of these fundamental areas addresses specific elements ranging from identification of new devices added to the network via auto-discovery, topological mapping of the network infrastructure linked to the auto-discovery capabilities, fault isolation and grouping for advanced troubleshooting, through to network analysis for real-time performance metrics and asset inventory and management.
It is vital to understand business requirements in order to correctly shape the network infrastructure design decisions. For example, the owners and IT management team need to clearly define and document their business requirements, including how they intend to deliver their services or products to the customers, as well as how they intend to do business with their suppliers and vendors. This helps determine if the environment will be designed to allow a vendor access to back-end systems for inventory management and replacement orders to accommodate just-in-time (JIT) deliveries.
Understanding the customer's available resources to manage and maintain the infrastructure aids in determining if the environment will be self-managed or outsourced.
During a compliance audit, you will be asked to provide evidence of centralized logging and monitoring, length of log storage (i.e. 1 year), evidence of event and monitoring actions (tickets, mitigation steps performed), etc. Netgroup as your co-managed partner will provide screenshots, SIEM reports, sample alert tickets, and other supporting evidence for your audit. We are always willing and able to join a call or meeting in progress with your compliance team.
Long-term storage is determined during your contract negotiation; each company has different compliance needs. Typically, log storage is 365 days (cold storage). For incidents where data needs to be retrieved (outside of the 10-day active index), you would work with a SOC Analyst to determine the time range, user or machine affected, and type of log source, and we will repopulate the SIEM events in collaboration with our SIEM vendor. Log storage is based in the SIEM vendor’s private cloud (S3 buckets) and protected by various means such as RBAC, encryption, and by using a vendor with a SOC 2 attestation.
Security is about having multiple layers, and a firewall provides a critical layer, but it is only one of many areas that you need to consider. Netgroup Technologies can show you the gaps you may have in your security and where your security baseline is today, and create a comprehensive security program to get your business to the optimal level of security and cost. A firewall is a great start; now let’s take security further to enable your business.
Simply put, we take Cyber Security from a business ENABLEMENT point of view, not a lock down and prevent angle. We start with business drivers and processes, and map your security strategy to your business needs, not the other way around. Other MSSPs simply take a technology approach, selling you software and hardware that just adds complexity instead of enabling you to do business more effectively. We want you to make more money, save money and reduce risks. We know business and security, the ultimate combination.