40g Project Charter Hoehl Khalil

  • 7/23/2019 40g Project Charter Hoehl Khalil

    SANS Technology Institute

    Implementing and Automating

    Critical Control 19: Secure Network Engineering

    for

    Next Generation Data Center Networks

    SANS Joint Written Project

    Project Charter

    1/7/2012

    Aron Warren

    George Khalil

    Michael Hoehl

    Project Charter

    1.0 Background

    Community Projects are required for students of the SANS Technology Institute (STI) Master of Science degree program. This Community Project is a Joint Written Project (JWP) and the assigned topic is "Implementing and Automating Critical Control 19: Secure Network Engineering".

    An assignment scenario has been created by Stephen Northcutt and is provided below:

    GIAC Enterprises is a small to medium sized growing business (1,000 employees, two data centers, 200 people in central business and IT) and is the largest supplier of Fortune Cookie sayings in the world. The CIO calls you in for a special tiger team project. GIAC has recently decided to implement a 40G network to implement the capacity to support mobile apps that deliver fortunes. A separate team is already working on acquiring the technology to establish monitoring so that is outside the scope of this assignment. Your assignment is to design build the network for the next generation network. The CIO wants this to be in alignment with the 20 Critical Controls, especially control 19. GIAC does not want to add many people to the workforce, so solutions that can be automated are top priority.

    2.0 Objective

    Present technical approaches to implement and automate safeguards which are consistent with control 19: "Secure Network Engineering" of the SANS Twenty Critical Security Controls for Effective Cyber Defense.

    3.0 Requirements

    The following are requirements for this project:

    - Create and present project plan for approval. Project plan must describe who is going to do what part of the work, how long tasks are expected to take and schedule. JWP team has calendar days after they receive the assignment to complete plan.
    - Conduct research and identify technical approaches that automate as many of the safeguards as possible for 40G Ethernet networks and be consistent with control 19 of the 20 critical controls.
    - Obtain feedback from early adopters of 40G Ethernet networks to learn about practical pitfalls and promising solutions.
    - Author presentation: generally it is 10 PowerPoint content slides with Notes.
    - Author white paper containing research and recommendations for areas assigned. The white paper must detail the technical approaches and any additional techniques developed. The paper must be comprehensive enough that organizations can use it as a reference to strongly lower their risk by incorporating control 19.
    - JWP team has 30 days to complete assignment after project plan has been approved.

    4.0 Approach and Milestones

    The traditional waterfall model will be used to advance through the project phases provided below. Project milestones and target completion dates are provided below.

    Milestone                                                           Target Date

    Initiation
      Present Project Plan for Approval                                 1/9/2012

    Research and Analysis
      Investigate technologies                                          1/20/2012
      Identify and interview Early Customer Adopters, etc.              1/20/2012
      Research infrastructure update/maintenance/HA impact and options  1/20/2012

    Develop Design/Build Technical Approaches
      Finalize technical approaches in scope for whitepaper             1/21/2012

    Build (Author Documents)
      First draft of white paper completed                              1/23/2012

    QA
      White paper feedback from Sponsor received                        1/2@/2012

    Production Implementation
      Final version of white paper completed                            1/29/2012
      Final version of presentation completed                           2//2012

    Project Close
      JWP administrative tasks completed and grading begins             2/10/2012

    Recurring one hour checkpoint meetings are scheduled (10/0 EST Wednesday) in addition to weekend collaborations.

    5.0 Project Management Protocol

    The project information system is Excel. Project artifacts will be stored in Dropbox. Project performance and product deployment progress will be reported weekly via email to sponsor and stakeholders. Recurring weekly checkpoint meetings will also be held with project team. Project sponsor and stakeholders will meet when there is an issue requiring management attention. Issues having a material impact on project scope or progress will be escalated to the project sponsor verbally and via email. No formal project risk management system will be used. Project change control requests will be authorized by the project sponsor via email. No formal project change management system will be used. Planned resources and level of effort to complete tasks will be identified during initiation phase. Actual use of resources and associated level of effort will be tracked informally within the project plan. No formal time reporting will be used.

    6.0 Key Resources

    A collaborative effort between multiple IT teams will be required to advance this project. Key resources to advance the project are listed below.

    Role                                                 Name
    Sponsor - STI President                              Stephen Northcutt
    Stakeholder - Dean of Admissions Student Services    Debbie Svoboda
    Key Resource - Student                               Aron Warren
    Key Resource - Student                               George Khalil
    Key Resource - Student                               Michael Hoehl
    Key Resource - Early Adopter of 40G Network          TBD
    Key Resource - Vendor of 40G Network Technology      Grace Ng
    Project Manager                                      Aron Warren

    7.0 Risks and Assumptions

    - "40G network" refers to 40 Gigabit per second speed Ethernet networks intended for modern data centers.
    - Remaining critical security controls can be referenced in white paper, but no elaboration is required.
    - Actual commercial vendor products are to be part of research and included in technical discussion.
    - >?D for system integrator consultant or consulting firm is not in scope.
    - Secure Network Engineering includes integration of security controls necessary to sustain infrastructure.
    - Common business processes (e.g., HR, Finance, Procurement, etc.) are not in scope. The primary focus is to provide technical guidance associated with an infrastructure that services mobile applications over the Internet.
    - Technical approaches are to include integration with: Managed Security Services Providers, B2B connections, and traditional infrastructure services (e.g., tape back-up, DNS, patching, configuration management, etc.).
    - The statement: "GIAC does not want to add many people to the workforce, so solutions that can be automated are top priority", is to be interpreted as including technology, outsourcing of recurring operations duties (e.g., MSSP) and centralized management of infrastructure (e.g., patching, configuration management, IDS signature updates, etc.).
    - "External partnerships" include customers of 40G technology or service providers that have recently incorporated 40G technology.
    - E-commerce is in scope as GIAC Enterprises will need to accept payment from a variety of customers (e.g., food manufacturers, wholesalers, etc.).
    - E-fortune cookie service is available to retail customers to have a fortune sent to their smartphone daily.
    - Inter-site Data Center communication is out of scope.
    - Disaster Recovery is out of scope.
    - Delay in response to student questions/concerns.
    - Unplanned absence due to employer or family obligations.

    8.0 Document Revision History

    Document Name                                         Version      Date       Author
    DRAFT - 40G Project Charter v01.doc                   Formatting   1/@/2012   Michael Hoehl
    DRAFT - 40G Project Charter v02.doc                   Draft 002    1/7/2012   Michael Hoehl
    DRAFT - 40G Project Charter v03.doc                   Draft 003    1/7/2012   Michael Hoehl
    DRAFT - 40G Project Charter v04.doc                   Draft 004    1/7/2012   Aron Warren
    Renamed to FINAL - 40G Project Charter v 10.doc       Final 10     1/7/2012   Aron Warren
