Upload
pushpraj
View
219
Download
0
Embed Size (px)
Citation preview
7/23/2019 40g Project Charter Hoehl Khalil
1/4
SANS Technology Institute
Implementing and Automating
Critical Control 19: Secure Network Engineering
for
Next Generation Data Center Networks
SANS Joint Written ProjectProject Charter
1/7/2012
Aron Warren
George halil
!ichael "oehl
7/23/2019 40g Project Charter Hoehl Khalil
2/4
I#$le#enting an% Auto#ating Critical Control 1&' Secure Net(or) *ngineering +or Ne,t Generation -ata Center Net(or)s
Project Charter
1.0 Background
Co##unity Projects are re.uire% +or stu%ents o+ the SANS Technology Institute STI !aster o+ Science %egree$rogra# This Co##unity Project is a Joint Written Project JWP an% the assigne% to$ic is I#$le#enting an%Auto#ating Critical Control 1&' Secure Net(or) *ngineering3
An assign#ent scenario has 4een create% 4y Ste$hen Northcutt an% is $ro5i%e% 4elo('
GIAC Enterprises is a small to medium sized growing business (1,000 employees, two data centers, 200 people incentral business and IT and is t!e largest supplier o" #ortune Coo$ie sayings in t!e world% T!e CI& calls you in
"or a special tiger team pro'ect% GIAC !as recently decided to implement a 0G networ$ to implement t!e capacity
to support mobile apps t!at deli)er "ortunes% A separate team is already wor$ing on ac*uiring t!e tec!nology to
establis! monitoring so t!at is outside t!e scope o" t!is assignment% +our assignment is to design build t!e networ$"or t!e net generation networ$% T!e CI& wants t!is to be in alignment wit! t!e 20 Critical Controls, especially
control 1-% GIAC does not want to add many people to t!e wor$"orce, so solutions t!at can be automated are top
priority%
2.0 Objective
Present technical a$$roaches to i#$le#ent an% auto#ate sa+eguar%s (hich are consistent (ith control 1&' SecureNet(or) *ngineering3 o+ the SANS T(enty Critical Security Controls +or *++ecti5e Cy4er -e+ense
3.0 Requirements
The +ollo(ing are re.uire#ents +or this $roject'
Create an% $resent proect plan+or a$$ro5al Project $lan #ust %escri4e (ho is going to %o (hat $art o+
the (or)6 ho( long tas)s are e,$ecte% to ta)e an% sche%ule JWP tea# has calen%ar %ays a+ter they
recei5e the assign#ent to co#$lete $lan Con%uct researc!an% i%enti+y technical a$$roaches that auto#ate as #any o+ the sa+eguar%s as $ossi4le
+or 80G *thernet net(or)s an% 4e consistent (ith control 1& o+ the 20 critical controls
94tain feed"ack from earl# adopterso+ 80G *thernet net(or)s to learn a4out $ractical $it+alls an%
$ro#ising solutions
Author presentationgenerally it is 10 Po(erPoint content sli%es (ith Notes
Author w!ite papercontaining research an% reco##en%ations +or areas assigne% The (hite $a$er #ust
%etail the technical a$$roaches an% any a%%itional techni.ues %e5elo$e% The $a$er #ust 4e
co#$rehensi5e enough that organi:ations can use it as a re+erence to strongly lo(er their ris) 4y
incor$orating control 1&
JWP tea# has ;0 %ays to co#$lete assign#ent a+ter $roject $lan has 4een a$$ro5e%
4.0 Approach and i!estones
The tra%itional (ater+all #o%el (ill 4e use% to a%5ance through the $roject $hases $ro5i%e% 4elo(s
Project #ilestones an% target co#$letion %ates are $ro5i%e% 4elo(
Project Charter Page 2 o+ 8
7/23/2019 40g Project Charter Hoehl Khalil
3/4
I#$le#enting an% Auto#ating Critical Control 1&' Secure Net(or) *ngineering +or Ne,t Generation -ata Center Net(or)s
$ilestone %arget Date
Initiation
Present Project Plan +or A$$ro5al 1/&/2012
&esearc! and Anal#sis
In5estigate technologies 1/20/2012
I%enti+y an% inter5ie( *arly Custo#er A%o$terss
etc
1/20/2012
>esearch in+rastructure u$%ate/#aintenance/"A i#$act an% o$tions 1/20/2012
De'elop Design()uild %ec!nical Approac!es
?inali:e technical a$$roaches in sco$e +or (hite$a$er 1/21/2012
)uild *Aut!or Documents+
?irst %ra+t o+ (hite $a$er co#$lete% 1/2;/2012
,A
White $a$er +ee%4ac) +ro# S$onsor recei5e% 1/2@/2012
-roduction Implementation
?inal 5ersion o+ (hite $a$er co#$lete% 1/2&/2012
?inal 5ersion o+ $resentation co#$lete% 2//2012-roect Close
JWP a%#inistrati5e tas)s co#$lete% an% gra%ing 4egins 2/10/2012
.ecurring one !our c!ec$point meetings are sc!eduled (10/0 E3T 4ednesday in addition to wee$end
collaborations%
".0 #roject anagement #rotoco!
The $roject in+or#ation syste# is *,cel Project arti+acts (ill 4e store% in -ro$ o, Project $er+or#ance an%
$ro%uct %e$loy#ent $rogress (ill 4e re$orte% (ee)ly 5ia e#ail to s$onsor an% sta)ehol%ers >ecurring (ee)ly
chec)$oint #eetings (ill also 4e hel% (ith $roject tea# Project s$onsor an% sta)ehol%ers (ill #eet (hen there isan issue re.uiring #anage#ent attention Issues ha5ing a #aterial i#$act on $roject sco$e or $rogress (ill 4e
escalate% to the $roject s$onsor 5er4ally an% 5ia e#ail No +or#al $roject ris) #anage#ent syste# (ill 4e use%Project change control re.uests (ill 4e authori:e% 4y the $roject s$onsor 5ia e#ail No +or#al $roject change
#anage#ent syste# (ill 4e use% Planne% resources an% le5el o+ e++ort to co#$lete tas)s (ill 4e i%enti+ie% %uringinitiation $hase Actual use o+ resources an% associate% le5el o+ e++ort (ill 4e trac)e% in+or#ally (ithin the $roject
$lan No +or#al ti#e re$orting (ill 4e use%
$.0 %e& Resources
A colla4orati5e e++ort 4et(een #ulti$le IT tea#s (ill 4e re.uire% to a%5ance this $roject ey resources to a%5ancethe $roject are liste% 4elo(
>ole Na#e
S$onsor B STI Presi%ent Ste$hen NorthcuttSta)ehol%er B -ean o+ A%#issions Stu%ent Ser5ices -e44ie S5o4o%a
ey >esource B Stu%ent Aron Warren
ey >esource B Stu%ent George halil
ey >esource B Stu%ent !ichael "oehl
ey >esource B *arly A%o$ter o+ 80G Net(or) T-
ey >esource B =en%or o+ 80G Net(or) Technology Grace Ng
Project !anager Aron Warren
Project Charter Page ; o+ 8
7/23/2019 40g Project Charter Hoehl Khalil
4/4
I#$le#enting an% Auto#ating Critical Control 1&' Secure Net(or) *ngineering +or Ne,t Generation -ata Center Net(or)s
'.0 Risks and Assumptions
80G net(or)3 re+ers to 80 Giga4it $er secon% s$ee% *thernet net(or)s inten%e% +or #o%ern %ata centers
>e#aining critical security controls can 4e re+erence% in (hite $a$er6 4ut no ela4oration is re.uire%
Actual co##ercial 5en%or $ro%ucts are to 4e $art o+ research an% inclu%e% in technical %iscussion
>?D +or syste# integrator consultant or consulting +ir# is not in sco$e Secure Net(or) *ngineering inclu%es integration o+ security controls necessary to sustain in+rastructure
Co##on 4usiness $rocesses eg6 ">6 ?inance6 Procure#ent6 etc are not in sco$e The $ri#ary +ocus is
to $ro5i%e technical gui%ance associate% (ith an in+rastructure that ser5ices #o4ile a$$lications o5er theInternet
Technical a$$roaches are to inclu%e integration (ith' !anage% Security Ser5ices Pro5i%ers6 2
connections6 an%s tra%itional in+rastructure ser5ices eg6 ta$e 4ac)Eu$6 -NS6 $atching6 con+iguration#anage#ent6 etc
The state#ent' GIAC %oes not (ant to a%% #any $eo$le to the (or)+orce6 so solutions that can 4e
auto#ate% are to$ $riority36 is to 4e inter$rete% as inclu%ing technology6 outsourcing o+ recurring
o$erations %uties eg6 !SSP an% centrali:e% #anage#ent o+ in+rastructure eg6 $atching6 con+iguration#anage#ent6 I-S signature u$%ates6 etc
*,ternal $artnershi$s3 inclu%e custo#ers o+ 80G technology or ser5ice $ro5i%ers that ha5e recentlyincor$orate% 80G technology
*Eco##erce is in sco$e as GIAC *nter$rises (ill nee% to acce$t $ay#ent +ro# a 5ariety o+ custo#ers eg6
+oo% #anu+acturers6 (holesalers6 etc
*E+ortune coo)ie ser5ice is a5aila4le to retail custo#ers to ha5e a +ortune sent to their s#art$hone %aily
InterEsite -ata Center co##unication is out o+ sco$e
-isaster >eco5ery is out o+ sco$e
-elay in res$onse to stu%ent .uestions/concerns
Fn$lanne% a4sence %ue to e#$loyer or +a#ily o4ligations
(.0 )ocument Revision *istor&
Document Name .ersion Date Aut!or
->A?T E 80G Project Charter 501%oc ?or#atting 1/@/2012 !ichael "oehl
->A?T E 80G Project Charter 502%oc -ra+t 002 1/7/2012 !ichael "oehl
->A?T E 80G Project Charter 50;%oc -ra+t 00; 1/7/2012 !ichael "oehl
->A?T E 80G Project Charter 508%oc -ra+t 008 1/7/2012 Aron Warren
>ena#e% to ?INA E 80G Project Charter 5 10%oc ?inal 10 1/7/2012 Aron Warren
Project Charter Page 8 o+ 8