3. Management
a) Syslog: Network infrastructure devices, workstations and applications generate syslog messages that an administrator should periodically review and resolve. These log messages should be sent to a single location to allow effective review and management. Kiwi Syslog Server collects, organizes and archives syslog messages from the entire network, and can alert an administrator to events through email, text or audible alarms [60].
b) Network Monitoring: Monitoring applications, such as SolarWinds, provide the capability to monitor network performance, manage configuration changes on devices, monitor server health, analyze traffic on the network, monitor user devices and monitor compliance with security policies [61]. The monitoring application will be configured to use SNMP v3 whenever possible to secure management traffic [62].
c) Secure File Transfer: Network devices will need to send and receive files in a secure manner. Devices will need to send their current configuration file to a central location as part of the backup and change management process, and need to receive firmware and software updates. A specific device should be configured to act as the central storage location for these files. Network devices will be configured to
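The triage a central syslog collector performs on incoming messages (item a above), sketched as an added example that is not part of the original text and not Kiwi Syslog Server's code. It assumes RFC 3164 formatted lines; the host names, messages and the `alert_at` threshold are constructed for illustration.

```python
import re
from collections import Counter

# RFC 3164 severity names, indexed by numeric severity (0 = most severe).
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

# Layout assumed here: <PRI>Mmm dd hh:mm:ss HOST MESSAGE
LINE_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>(?P<ts>[A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) (?P<msg>.*)$")

def parse(line):
    """Return a dict for one RFC 3164 line, or None if it is malformed."""
    m = LINE_RE.match(line)
    if not m:
        return None
    pri = int(m.group("pri"))
    if pri > 191:  # facility 23 with severity 7 is the highest valid PRI
        return None
    facility, severity = divmod(pri, 8)  # PRI = facility * 8 + severity
    return {"facility": facility, "severity": severity,
            "level": SEVERITIES[severity], "ts": m.group("ts"),
            "host": m.group("host"), "msg": m.group("msg")}

def triage(lines, alert_at=3):
    """Return (alerts, per-host counts, rejected lines).

    A record is an alert when its severity is numerically <= alert_at,
    i.e. "err" or worse with the default threshold.
    """
    alerts, per_host, rejected = [], Counter(), []
    for line in lines:
        rec = parse(line)
        if rec is None:
            rejected.append(line)  # keep malformed input for review
            continue
        per_host[rec["host"]] += 1
        if rec["severity"] <= alert_at:
            alerts.append(rec)
    return alerts, per_host, rejected

# Constructed sample input (not taken from a real network).
SAMPLE = [
    "<189>Mar  3 10:15:02 sw-core-01 interface Gi0/1 changed state to up",
    "<187>Mar  3 10:15:09 sw-core-01 configuration backup transfer failed",
    "<34>Mar  3 10:16:40 fs-01 sshd[811]: repeated authentication failures",
    "<999>Mar  3 10:17:00 ws-22 priority value out of range",
    "no priority header at all",
]

if __name__ == "__main__":
    for a in triage(SAMPLE)[0]:
        print(f'{a["ts"]} {a["host"]} [{a["level"]}] {a["msg"]}')
```

Malformed lines are returned rather than dropped, since a device sending unparseable messages is itself something an administrator would want to review.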
Group Policy Objects (GPOs): Security settings on workstations and for users should be uniformly applied across all company devices, and should not be modifiable by users. Microsoft Active Directory allows an administrator to set numerous configurations and settings that can be applied on all workstations and user accounts. If it is configurable in Windows, it can be managed by a Group Policy Object (GPO). Any company policy that requires a specific setting should be enforced by creating a GPO that forces user and workstation compliance. For example, if the Password Policy requires users to choose a password of a specific length and complexity, a GPO can be set that enforces that requirement