May 13 2008 4:06PM GMT
Posted by: Troy Tate
howto,
CIO,
DataCenter,
DataManagement,
email,
Microsoft Windows,
Networking,
LAN,
WAN,
Security,
antivirus,
malware,
Monitoring,
anti-virus,
metrics,
reporting,
research,
tools
An acquisition or merger is not a frequent event for my organization. However, it seems like in the past year or so we have worked on a number of these activities. So, it seems like it may be time to create a formalized checklist for the IT department items that need to be addressed during an acquisition.
To get the ball rolling, I am listing some items that I consider to be important to the infrastructure/security folks like me. I know this list is not exhaustive or complete. It is a work in progress and will need to be refined for each event since they are all different. Some of these may be done in the due-diligence but the rubber hits the road during the implementation.
So, without further ado:
Absorbing a new acquisition - to do list (general & incomplete)
- Private WAN connectivity - 30-90 days or more lead time depending on location
- flexible IP addressing scheme to absorb devices on new network(s)
- Internet firewall changes - ports, source addresses, NAT, etc.
- DNS ownership and management
- changing DNS nameservers - use a dig tool to get information concerning current configuration - MenAndMice
- Network hygiene - how clean are the devices and what personnel habits need to be changed?
- Device inventory - what effort will it take to do this?
- Software licensing inventory
- What about handling loss of staff & knowledge?
- Documentation of processes, procedures, configurations?
- Phone list sharing
- E-mail addressbook sharing
- E-mail system integration
- ERP process integration
- Resource access permissions
- Financial reporting integration - accounts payable, receivable, tax, etc.
- Staff reporting structure
- Other HR activities - benefits, payroll, etc.
I welcome your insight and experience on the many other activities you feel is important to address during a merger/acquisition.
Thanks for your time. Let’s be good network citizens together & practice safe networking!
May 9 2008 12:51PM GMT
Posted by: Troy Tate
howto,
troubleshooting,
Networking,
LAN,
WAN,
forensics,
Monitoring,
metrics,
Performance,
reporting,
tools,
humor,
packet capture,
wireshark,
network analysis
I have always had an appreciation for Laura Chappel of www.packet-level.com fame and her quirky sense of … hmmmmm.. sense?? hahaha… well… she does have a great sense of humor and a heightened sense of awareness with respect to those bits and bytes flowing across our wired and wireless networks.
Laura Chappell has now gone viral after her “initial concern about being somewhat infectious”. She has launched the BitSpitters video series - fast answers to fast questions. The BitSpitters videos are hosted on YouTube right now - feel free to link to her BitSpitters page at www.wiresharktraining.com/bitspitters.html to always get the latest. After seeing the initial response from viewers, it seems more folks are interested in the humorous “How Do I Look Smarterest?” style so according to her recent Wireshark U newsletter she will be putting out some more ‘unique’ short videos for your viewing pleasure - and her newsletter has the following warning: “just wait until you see the ‘beach scene’ coming up! [Don’t even get that ‘bathing suit’ thought in your head!]“
In case you want more packet level and data networking education, I HIGHLY recommend her Master Library which you can purchase through WiresharkU. For a short time only, she is offering an dditional 50% off already discounted price. Coupon code: NLMAY Expiry: May 31, 2008.
Thanks for your time. Let’s be good network citizens together & practice safe networking!
Apr 29 2008 5:11PM GMT
Posted by: Troy Tate
CIO,
DataCenter,
Linux,
Microsoft Windows,
troubleshooting,
Networking,
Security,
Monitoring,
tools
My apologies to the Rolling Stones for munging their classic song.
How many times have you encountered a situation in your organization where something needs to be done yet either IT is not able or willing to support your business related efforts. There are lots of reasons for this to happen in the business world.
One division of our business is electronics manufacturing solutions where we assemble parts designed by the customer. I recently encountered a situation where a customer has some onsite testing gear to measure QA data on devices we manufacture for them. The testing gear was not for our engineers but for the customer. According to the supporting engineer, his IT department was not interested in supporting these test devices. So, the engineer was asking my organization to support the test hosts.
Well, our side of the story now… these test devices run linux as the operating system. My IT organization typically does not support linux because our focus is on Microsoft Windows systems. So, here’s the conundrum… who supports this engineer and his manufacturing requirements? The test hosts are owned and designed by the customer, yet the hosts are at my organization’s facility.
Tough situation for sure! Right now our answer is to do our best effort in supporting this engineer and the engineer is going to talk to his in-house IT department to see if they will support his requirements. It seems to be a shame that this engineer cannot find support from his own organization. He really could use this when in the end, these test systems are there to support the quality of his organization’s product.
What are your thoughts on this situation? Does your IT organization have to support third-party systems within your facility? If so, what protections have you put into place for your organization?
Thanks for your time. Let’s be good network citizens together & practice safe networking!
Apr 23 2008 5:13PM GMT
Posted by: Troy Tate
Networking,
tools,
Data security,
LAN,
WAN
Don’t you wish that every vendor’s competitor had something similar to the Dear John (Chambers of Cisco fame) site found here.
What would a Dear Bill (Gates) letter website look like? Well a video documentary was produced and can be found here. Isn’t he a charming young man? A quick Google search for “Dear Bill Gates” turned up around 452,000 hits. Lots of folks writing with some very interesting perspectives. How about an entire book written as a letter to Bill Gates? Mark Hughes did just that and you can find his book on Amazon for $16.95 (ISBN 1412014719). I wonder if writing to Mr. Gates is like writing a letter to Santa Claus. You feel excited putting words to paper but then realize that there is little chance the letter will actually be read by the intended reader.
Thanks for your time. Let’s be good network citizens together & practice safe networking!
Apr 15 2008 1:00PM GMT
Posted by: Troy Tate
Virtualization,
Linux,
Security,
Performance,
tools,
troubleshooting,
vmware
Wow! I didn’t know my laptop could have such loud alerts. Yesterday, I shutdown a virtual machine in VMWare’s VMPlayer application. As soon as I clicked the shutdown button in the guest OS, my laptop let out with the most amazing shriek that seems to still be ringing in my ears several hours later.
I had to actually remove power and the battery from the laptop to get the awful racket to stop. Fortunately, the machine restarted without a glitch.
I was running the Protech ONE security ISO image (this is a nice tool for security testing and education). The VMWare Player is a great tool for running an ISO image if you want to take one for a test drive. I had tried running this same ISO image in Microsoft’s VirtualPC environment but there are issues with this particular ISO and how it handles key mapping so it was just easier to change to VMWare’s Player.
However, now my ears are ringing because of the incredibly loud beeping that my machine let loose when shutting down the guest OS. My laptop speakers are always turned to the lowest level possible so I really have no clue why shutting Protech ONE down would have created such a loud event. I guess I need to see if there is a way I can shutdown this environment without waking up my nearby neighbors in the company Tax department.
Have you ever used any application that performed odd startup or shutdown activities? What did you do to overcome those issues?
Thanks for your time. Let’s be good network citizens together & practice safe networking!
Apr 4 2008 1:40PM GMT
Posted by: Troy Tate
Data security,
Security,
Monitoring,
tools
Many of our organizations use “standard” anti-virus like the Symantec, McAfee, Panda, Trend-Micro products. Virus signatures are still valuable, don’t get me wrong, but it seems like there are newer detection methods out there that are challenging this time-tested technology. Heuristics have gotten stronger. The new kid on the block now seems to be sandboxing or behavioral analysis.
An advertisement came across my desk the other day for one of these solutions that caught my eye with its tagline. The tagline read:
If a car crashes and it takes six seconds for the airbag to be released, would you feel safe? No? Then you think like us at Norman.
Hmmmm… is that challenging the old school way of doing anti-virus? What is the new way? Take a look at:
Norman Sandbox analyzer from Norman Data Defense.
Is anyone using this type of technology? What has been your experience? Does it make sense to move to something like this from the tried-true old-school signature-based anti-virus?
Let me know by adding some comments to this blog.
Thanks for your time. Let’s be good network citizens together & practice safe networking!
Comments Off
Mar 26 2008 6:04PM GMT
Posted by: Troy Tate
Data security,
tools,
wiki,
howto,
Security,
forensics
This blog topic, and future versions, will be dedicated to websites I discover in my internet journey that seems to be useful and may help someone else out there with some need they may have.
Today’s website is called the Forensics Wiki . Of interest in particular to you security practitioners out there would be the tools section. To gain some education and knowledge, you might want to check out the How-To section. This wiki seems to be in it’s infancy stage. The value potential is high though.
Thanks for your time. Let’s be good network citizens together & practice safe networking!
