Classic Note Entries

Network Admin Notes

Software Defined Networking (SDN) and Network Function Virtulization

These are the future but it's going to take programming http://www.sdncentral.com/technology/nfv-and-sdn-whats-the-difference/2013/03/
http://www.tid.es/es/Documents/NFV_White_PaperV2.pdf
The following is required experience and knowledge:

  • Professional certification (Certified Information Systems Security Professional CISSP, Global Information Assurance CertificationGIAC, etc.);
  • Experience with developing security practices as a people problem as well as a technical problem;
  • Broad knowledge of information security issues, requirements, and trends, including compliance requirements related to FERPA, HIPPA, PCI and other information-security-related laws and regulations;
  • Knowledge of contemporary hardware, software, and network architectures and how security policy can best be implemented within these architectures;
  • Knowledge of forensic techniques for investigating incidents, determining root causes, and extent of total exposure;
  • Knowledge of authentication, authorization and encryption technologies;
  • Ability to work well on collaborative, cross-functional teams that include both technical and non- technical members;

Take Two

  • Expertise with physical network technology such as fiber-optic and copper
  • Expertise with Cisco switches and routers, including installation and configuration, IOS and Cat/OS, the Nexus 7000 series, and Cisco 6500/4500 series service modules
  • Expert knowledge Aruba Wireless network technology is desired
  • Experience with TCP/IP technologies and protocols including IPV6 desired
  • Experience networking Virtual Machines ESX desirable
  • Familiarity with other products, including firewalls, IDS appliances, and network design and analysis tools
  • Spanning Tree, VLANs, and routing protocols such as EIGRP, OSPF and BGP
  • Experience designing and implementing a network QoS infrastructure
  • Knowledge of network authentication and identity frameworks and protocols, 802.1x, RADIUS, and Kerberos
  • Familiarity of TCPdump, SNMP, Sniffer, MRTG, Open NMS, CiscoWorks, RMON, AirWave and other network monitoring and management technologies
  • Familiarity with network security as it relates to the network infrastructure, routers and switches, and wireless technology
  • Familiarity with VoIP systems and their operation at a network infrastructure level.
  • Familiarity with block-structured programming, shell scripting and basic CGI scripting.

List of issues

  • Securing remote access
  • Keeping virus definitions and AV software up to date
  • Patching systems
  • Monitoring intrusions
  • Securing file transfers
  • Network use monitoring
  • User policy awareness and training
  • Password management and administrative access
  • User training
  • Monitoring of system logs
  • Finding and replacing nonsecure Internet protocols

Problems

For example, to add or move any device, IT must touch multiple switches, routers, firewalls, Web authentication portals, etc. and update ACLs, VLANs, quality of services (QoS), and other protocol-based mechanisms using device-level management tools. In addition, network topology, vendor switch model, and software version all must be taken into account. Due to this complexity, today's networks are relatively static as IT seeks to minimize the risk of service disruption.