Information Technology Reference
In-Depth Information
8.9
enterprise operations Management: iA Context
he IA
2
Process approaches operations security from the perspective of enterprise
operations management (EOM). The IA architect derives operational security
needs from external compliance requirements as well as internal strategic and tacti-
cal (operational) requirements and goals. A careful assessment will determine what
exists (as-is), help define what EOM aspects are necessary to maintain expected
performance levels (to-be), and provide a transition plan to modify operations
(transition plan). The EOM approach considers:
n
−
n
−
n
−
Enterprise network operations center (ENOC)
Covers the IT infrastructure, including routers, switches
Enterprise systems operations center (ESyOC)
Covers key applications, servers (e.g., voice server)
Enterprise security operations center (ESOC)
Covers the IA infrastructure, including firewall (FW), VPN, anti-virus
(AV), IDS
Enterprise management operations center (EMOC)
Provides intelligence gathering and intelligence analysis of internal
operations plus external factors that may influence internal operations
decisions
Provides evaluation of event/incident aggregation
n
−
−
EOM also monitors personnel, including identity management, privilege man-
agement, exercise of claim of privilege, employee location (in/out building/room/
data center), plus physical aspects, including campus, building, room access con-
trol, and monitoring of environmentals (i.e., temperature, humidity, fire, flood)
and more. The expense of a comprehensive EOM may be prohibitive for many
organizations; however, the IA
2
Process should examine the need for EOM attri-
butes (Figure 8.7).
The information assurance architecture development process considers the need
to integrate security operations into other technical and business operations as well
as security operations as a separate but integrated part of overall operations. The
following sections elaborate on the EOM attributes in Figure 8.7.
8.9.1
Network Management
Network management includes management models, services, mechanics, prod-
ucts/vendors, operations, compliance requirements, and technical infrastructure.
Starting with architecture and design and going through implementation, network
management is in the operations stage.
Traditional client/server applications provide a 1:1 session link between server
applications or data and client applications. The mainframe delivery model pro-
