ITPROSEC Network Security Operation Tasks List
This post is an example list of the Network Security Operation tasks. It gives the team a basic idea of what needs to be done yearly, monthly, bi-weekly, weekly and daily.
Contents
Network Security Operation Tasks
a. ITPROSEC Switches Health Check
b. ITPROSEC Routers Health Check
d. Review Sites Documentation
e. Update NetMRIs, STRM, IDP, PRTG to vendor or IPSM suggested version
f. Update WLCs, NetEQ, F5s to vendor or IPSM suggested version
h. Review Security Management Documentation including IT Standard and Infrastructure Design
a. Review Sites Network Diagram
b. Review the access to Each Site’s ACS and Core Switches
b. Production Firewall Policies Export to local
c. Checkpoint Firewall Policies Export or Screenshots
f. Provide Juniper and Checkpoint Firewall Policy or Screenshots to Local Security and Local IT
g. Firewall Integrity Check
h. Qualys Scanning Report Check
i. Monthly Time Card Report sent to Managers
j. Review Firewall Local Accounts
k. Archive STRM Logs to Remote SFTP server if needed
l. Check Global IBM QRadar SIEM System Status
m. Firewall Vendor Support Contract and License Check
n. ITPROSEC Local Security Firewall (Fortigate) Maintenance for Markham, Vogell and Montreal
o. ITPROSEC Local WLC status Check
p. ITPROSEC Guest WiFi Status Check (Fortigate)
q. ITPROSEC Local HelpDesk / Video Conference Line Status Check (Check Point 1100)
a. Checkpoint Mgmt Server Backup to Remote Backup Server
b. Review access to NPS Servers, Red Zone TS, Green Zone TS
a. Review Alert Emails from IPSM
d. Check and Work on Maximo Tickets and Firewall Changes
e. Fill in SAP Time Cards Info
f. Check Toronto UAC Status and Log into RDP server 10.94.200.168 with two factor authentication
i. Administering and Monitoring for WAN Connectivity
j. Customer Changes (Projects based for American Area)
a. Space IDP Database Download
b. Check Following Mgmt Devices and Services Status
c. Juniper Firewall Security Database Update for all sites
e. Show system storage on all Juniper firewalls
f. Verify Configuration Backup status on Checkpoint Management Server
g. Check STRM Report and NetMRI Report
a. After Hours on Call Support for American Area
b. Urgent Production Changes
1. Yearly Tasks
a. ITPROSEC Switches Health Check
Based on 3.6.5 ITPROSEC IT Policies and Standards V3.8.doc at Z:\Documnets\ITPROSEC-Secure Segment Manual\3 Network Security
b. ITPROSEC Routers Health Check
Based on 3.6.5 ITPROSEC IT Policies and Standards V3.8.doc at Z:\Documnets\ITPROSEC-Secure Segment Manual\3 Network Security
d. Review Sites Documentation
Located at Z:\Documnets for ITPROSEC, IPSAI, IPSADS, IPSMEX and ITPROSEC – Secure Segment Manual
e. Update NetMRIs, STRM, IDP, PRTG to vendor or IPSM suggested version
If there is no urgent update notice from other sources, those security related devices will be updated based on issues.
f. Update WLCs, NetEQ, F5s to vendor or IPSM suggested version
If there is no urgent update notice from other sources, those security related devices will be updated based on issues.
g. Update Juniper SRX Firewalls, Juniper Space, Checkpoint Firewalls and Checkpoint Mgmt Server to vendor or IPSM suggested version
If there is no urgent update notice from other sources, those security related devices will be updated yearly.
h. Review Security Management Documentation including IT Standard and Infrastructure Design
Located at Z:\Documnets\ITPROSEC-Secure Segment Manual\
2. Quarterly Tasks
a. Review Sites Network Diagram
Located in each site share folder at Z:\Documnets for ITPROSEC, IPSAI, IPSADS, IPSMEX
b. Review the access to Each Site’s ACS and Core Switches
Confirm that access is provided only on a per-request, as-needed basis.
3. Monthly Tasks
a. Firewall Health Check
For each firewall status check, if anything unusual is found, further action will be taken, such as:
- Notify local IT
- Contact Vendor Support
- Report to Local Security if there is any breach or accident
b. Production Firewall Policies Export to local
Located in folder Z:\Documnets\Secure Segment Manual\3 Network Security\Policy Documentation
c. Checkpoint Firewall Policies Export or Screenshots
Located in folder Z:\Documnets\Secure Segment Manual\3 Network Security\Policy Documentation
d. Firewall Log Check
e. Firewall Policy Check
f. Provide Juniper and Checkpoint Firewall Policy or Screenshots to Local Security and Local IT
g. Firewall Integrity Check
h. Qualys Scanning Report Check
i. Monthly Time Card Report sent to Managers
j. Review Firewall Local Accounts
k. Archive STRM Logs to Remote SFTP server if needed
Detailed documentation for the archiving steps is in the folder:
Z:\Documnets\ITPROSEC-Secure Segment Manual\3 Network Security\STRM
l. Check Global IBM QRadar SIEM System Status
m. Firewall Vendor Support Contract and License Check
n. ITPROSEC Local Security Firewall (Fortigate) Maintenance for Markham, Vogell and Montreal
o. ITPROSEC Local WLC status Check
p. ITPROSEC Guest WiFi Status Check (Fortigate)
q. ITPROSEC Local HelpDesk / Video Conference Line Status Check (Check Point 1100)
4. Weekly Tasks
a. Checkpoint Mgmt Server Backup to Remote Backup Server.
It is automatically backed up to our backup server 10.94.19.242.
b. Review access to NPS Servers, Red Zone TS, Green Zone TS
5. Daily Tasks
a. Review Alert Emails from IPSM
Actions:
If there are Critical Alarms, notification of those alarms will be sent to management.
b. Review NetMRI Logs
c. Review STRM Reports
d. Check and Work on Maximo Tickets and Firewall Changes
e. Fill in SAP Time Cards Info
f. Check Toronto UAC Status and Log into RDP server 10.94.200.168 with two factor authentication
g. Check IPSM UAC Status and Log into RDP Server 10.4.19.10 (Green Server), 10.4.7.160 (Red Server)
h. Check Del1 UAC status and log into RDP server 10.109.20.40 to review Production firewall policies
i. Administering and Monitoring for WAN Connectivity
- DC1 Commercial to Montreal
- DC1 Commercial to IPSM
- DC1 Production WAN to Montreal
- ISP BGP Connections
- ITPROSEC ISP Service Availability
- ITPROSEC ISP Connections Performance
- ITPROSEC WiFi – Guest WiFi and Commercial WiFi
j. Customer Changes (Projects based for American Area)
- DRP
- Dedicated Site to Site Connection
- B2B Connections
- VPN Connection
6. Maintenance Tasks
a. Space IDP Database Download
b. Check Following Mgmt Devices and Services Status
- Space – 10.94.200.19 and 10.94.200.18 (Log)
- Checkpoint Mgmt Server – 10.94.200.37
- STRM – 10.94.200.23
- NetMRI – 10.94.200.40
- UAC – 10.94.200.146
- RDP Server 10.94.200.168, 10.94.200.188, 10.94.200.189
- SSH Server 10.94.200.14, 10.94.200.28
- PRTG – 10.94.200.13 and 172.17.3.83, 10.99.136.66
- IDP and Port Aggregator Devices
- Production WAN Routers / ASAs
- Markham, Vogell and Montreal ACS5000 and Tripp Lite Devices
- Mgmt Switches and Core Switches Status
- Radius Servers
- Solarwinds Syslog Servers
- NPS Server
c. Juniper Firewall Security Database Update for all sites
- ITPROSEC Markham Prod FW and Pin FW
- ITPROSEC Montreal Prod FW and Pin FW
- ITPROSEC UAC FW
- IPSAI- Twinsburg
- IPSMEX
- IPSADS – GRU1
d. Checkpoint IDP Update
- ITPROSEC DC1 RAS Firewalls
- ITPROSEC MON1 RAS Firewalls
- IPSAI TWN1 RAS Firewalls
- IPSMEX MEX1 RAS Firewalls
- IPSADS GRU1 RAS Firewalls