-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathBest Practices
116 lines (81 loc) · 4.54 KB
/
Best Practices
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
Storage Area Network (SAN)
--------------------
Security:
-Segregation: VLAN or segregating SAN network.
-Encryption: Protect data both at rest and in transit.
-Access Controls: Use strong access controls to limit who can access the SAN and what they can be done.
Maintenance/Monitoring
-Regular Review in terms of security and overall set-up
-Identify and track Performance baseline
Documenting:
-Create a schematic of your network to aid in management and troubleshooting
Computer Networks:
--------------------
Security:
Permissions:
-MFA enabling were possible and applicable.
-Implement the principle of granting users minimum level of access.
-Network segmentation i.e VLAN to isolate networks and limit the spread of potential breaches. This would also assist with mangement of network flow.
-Deploy Firewall and IDS utilising packet inspection to idnetify potential suspicious traficc.
-Encrypting Data in transit and at rest to protect again data exilfiltration.
Management:
-Regular updates/patching deployement/testing maintaining rollback configurations. Either periodically or ad-hoc when major vilnerabilities are identifed.
-Regular INTERNAL/EXTERNAL Penetration Testing to identify and address vulnerabilities.
-Educate employees about security best practices i.e passwordm phishing to limit these types of threats.
-Continuous Monitoring and review to verifyuser and device activity.
-Documentation to aid in Network troubleshooting.
-Test implemented mechanism i.e failover processes peridocally.
hen it comes to computer networking, following best practices can help ensure your network is efficient, secure, and scalable. Here are some key recommendations:
1. Network Design
Simplify Connections: Keep your network design simple and straightforward. Avoid unnecessary components and connections1.
Document Everything: Maintain detailed documentation of your network design, including diagrams and configurations1.
Plan for Scalability: Design your network with future growth in mind to accommodate increasing demands1.
2. Security Measures
Implement Firewalls: Use firewalls to protect your network from unauthorized access and threats1.
Use Strong Authentication: Ensure that strong authentication methods, such as multi-factor authentication (MFA), are in place2.
Regular Security Assessments: Conduct periodic security assessments to identify and mitigate vulnerabilities2.
3. Performance Optimization
Monitor Network Performance: Regularly monitor network performance to identify and address bottlenecks1.
Optimize Traffic Flow: Use techniques like load balancing and Quality of Service (QoS) to optimize traffic flow and ensure critical applications have the necessary bandwidth3.
Update Hardware and Software: Keep your network hardware and software up to date to benefit from the latest performance improvements and security patches3.
4. Maintenance and Monitoring
Regular Maintenance: Schedule regular maintenance to ensure all network components are functioning correctly and efficiently1.
Automate Monitoring: Use automated tools to monitor network health and performance continuously3.
Backup Configurations: Regularly back up network configurations to quickly restore service in case of failures3.
5. User Training and Policies
Educate Users: Provide training to users on best practices for network security and usage2.
Establish Clear Policies: Implement clear network usage policies to ensure users understand their responsibilities and the importance of network security2.
By following these best practices, you can create a robust and reliable computer network that meets your organization’s needs. If you have any specific questions or need further details on any of these points, feel free to ask!
Governance:
Developed Information Security policy to establish authorized access management and authenticator management for internal and third-party personnel.
Ensured policy documents are aligned with business objectives, implementable b.y the organization, and practical for compliance by ensuring purpose, scope, authority, and policy statements incorporate operational perspective and constraints
Server
--------------------
RAID
redundancy
FileShare i.e Zero Trust
Anti-Virus/EDR/XDR etc
OS/service hardening
PSU
/Host:
--------------------
Anti-Virus/EDR/XDR etc
OS/service hardening
No Local Admin i.e Zero Trust
Physical:
--------------------
Keycard
Door access
Bars on windows
CLOUD:
--------------------
ENVIROMENTAL:
--------------------
Flood
Management:
--------------------
Buisness continuity
Risk Accessment
Chanage management
SOFTWARE
--------------------