
Post on 28-Dec-2015


Security Professionals: Who Are They?

Loren Michael Johnson (lmj@ou.edu)


Goals

• Inspire You to Become a S.P.
• Demystify I.T. Security
• Case Studies – Lessons Learned
• About Me
• Q/A

technology for all.


ONMP Goal

• Official Goal: Expose Oklahoma networking students to the practical day-to-day life of networking professionals.

• Hidden Secret Goal: Identify, develop and recruit talent!


Job Shadowing

• On-Site
  – Schedule a time with us to see what we do!
  – E-mail the project leader, Henry Neeman ([email protected]) to set up a time.
• Virtual
  – E-mail us at [email protected]
  – Facebook: [email protected]


Other Opportunities/Resources

• Cisco Academy
  – Francis-Tuttle
  – OU IT internal for now
• IT Internships at OU
  – Contact Jennifer Pike ([email protected])
• Jobs at OU
  – http://jobs.ou.edu
• Jobs at OneNet
  – http://www.okhighered.org/job-opportunities/


About Me

• Loren Michael Johnson (lmj@ou.edu)
  – OU Data Analyst for the IT Security (1996-Present)
    • DCTS - Telecom – Network Analyst
  – OSU-OKC (Novell) (1995-1996)
    • Vax Systems Programmer (1994-1995)
    • Computer Operator (1992-1994) (workstudy -> fulltime)
  – CISSP


About OU

• OU IT Network Services:
  – Support 8000+ wireless users
  – Support 15000+ network users
  – Support ~25000 host devices
  – Support ~1300 wireless access points
  – Support ~850 security cameras
  – Support ~1250 network switches and routers
  – Over 200 physical and virtual servers


So, what’s it like?

• Is it like the movies?
  – Some of my favorites are Enemy of the State, The Italian Job, Law & Order: SVU
  – Some days it is like The Office


Cool stuff

• Visiting Dignitaries
  – VP, Senators, Foreign Heads of State, Candidates
• Celebrities
  – NPR’s Science Friday Ira Flatow
  – U2 Concert
• IT related Cool Stuff
  – Syncing of Supercomputing Power


Network Pro’s typically…

• Work in a team environment
• Participate in projects
• Provide “Tier 3” support
• Manage -
  – Routers
  – Switches
  – IP, other protocols
  – Circuits & cable plant
  – Specialty devices (wireless, security, voice, etc.)
  – Network services such as DNS, DHCP, NTP, etc.


Also, expect to…

• Multi-task
• Sit in the hot seat
• Be the “instant expert” on lots of topics
• Work nights, weekends, and other off hours
• Be “on call”


You’ll spend time…

• Logged into network devices…
  – Configuring
  – Troubleshooting
  – Testing
  – Learning
• The picture at the right is a screenshot of Cisco IOS, which is very common


You’ll spend time…

• In meetings
  – Leading
  – Participating
  – Listening
• It pays to develop skills
  – Listening
  – Presentation
  – Negotiation
  – Conflict resolution
  – Whiteboarding
• Solution D!


You’ll spend time…

• Documenting the network
  – Static documents like Visio diagrams
  – Living documents like HP Openview, MRTG, DNS, etc.


You’ll spend time…

• Setting up new stuff
  – Circuits
  – Hardware
  – Software
  – Processes
• Cleaning up old stuff
  – Cable management
  – Configurations
  – Processes
• Know your organization’s change management process
  – If there isn’t one, lead the way


Procurement

• As a network professional, you will buy things like…
  – Equipment
  – Circuits
  – Labor / Services
• You will spend time with vendors
  – Product evals / design
  – Negotiations
  – Competitive bidding

• Understand your company’s policies on vendor relations and avoid unethical conduct

• Spend money as if it is your own – be a good steward


Management

• Availability monitoring
• Performance baselining
• Asset management & tracking
• Change management


Support

• Support and troubleshooting is usually URGENT!
• It can also be time consuming
• It is important to be both effective and efficient – don’t waste time


Disposition

• The network is always in transition – some new, some old

• Retiring systems requires planning and commitment

• Can be complicated
• Make it simple for users
• Minimize downtime
• Be persistent
  – Methodical


Zane Grey (co-worker)


About OU & ME

• What do I do at OU?
• A Little History
  – ARP Cache Database
  – Security Incident Database
  – NullRoute Database
• Current Projects/Initiatives
  – NET-REG
  – Training
  – Network/DNS tracking


About OU & ME

• Lead for DNS and DHCP Teams
• Part of the Training Team
• Security Incident Database
• Network Database(s)
• NET-REG


About OU & ME: Network

• Network Database
  – A few hundred networks to thousands
• ARP Entries
  – IP Address to MAC/Network Card Address
  – Network snapshots, history
• Benefits
  – Movement, Tracking, Use of Devices
  – Forensics


About OU & ME: Security

• Security Database: a brief history
  – Sticky notes (here is what I did)
  – Tracking in text files on a server
    • Automation (expect/perl/bash)
  – Database
    • Team wants accounts
    • Support/Helpdesk want to view
    • Blocking/Unblocking
    • Reporting
  – Cutting offenders off – Identified by Calling in


About OU & ME: NET-REG

• Hundreds of Copyright complaints per week
  – Too much for a few operators to handle
  – Policy mandates education, tracking, punishment
• NET-REG
  – McDonalds, Hotels, Starbucks
• We are not Starbucks (Starbucks^10)
  – A few people a day VS. 1000’s on right now
  – Changes every day


About OU & ME: NET-REG

• NET-REG:
  – Tutorial 5 Questions related to Copyright
  – Ownership of your machine, give it a name
  – Lasts a whole year (reset before Fall Semester)
• Backend:
  – Userid -> IP Address -> MAC/Hardware Address
  – Fed into DHCP, DNS


About OU & ME: NET-REG

• How It Was Done
  – DNS
  – DHCP
  – WEB SERVER (feeds DATABASE)
  – DATABASE (feeds DHCP and DNS)
  – Key scripts (perl/bash) tie it all together
• RIAA (others) Complaint emails
  – 90% automated
  – We are still very kind (1 charged)
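The lookup that the ARP history and NET-REG slides describe, sketched as an added example in Python (not the presenter's perl/bash scripts): a complaint's IP address and time are resolved through ARP snapshots to a MAC address, then through the registration table to a userid. The snapshot rows, registrations, the 20-minute staleness limit and all function names are constructed assumptions.

```python
from bisect import bisect_right
from datetime import datetime, timedelta

# Constructed ARP snapshots: (poll time, IP, MAC) as a periodic router poll might record them.
ARP_SNAPSHOTS = [
    ("2015-09-01 10:00", "10.20.30.40", "aa:bb:cc:00:00:01"),
    ("2015-09-01 10:15", "10.20.30.40", "aa:bb:cc:00:00:01"),
    ("2015-09-01 10:30", "10.20.30.40", "AA:BB:CC:00:00:02"),  # address now held by another device
    ("2015-09-01 10:30", "10.20.30.41", "aa:bb:cc:00:00:01"),
]
# Constructed NET-REG registrations: MAC -> (userid, machine name chosen at registration).
REGISTRATIONS = {
    "aa:bb:cc:00:00:01": ("student1", "dorm-laptop"),
    "aa:bb:cc:00:00:02": ("student2", "game-console"),
}
MAX_AGE = timedelta(minutes=20)  # assumption: an older sighting is too stale to attribute

def _ts(text):
    return datetime.strptime(text, "%Y-%m-%d %H:%M")

def build_history(snapshots):
    """Index sightings per IP, sorted by time, with MACs normalised to lower case."""
    history = {}
    for when, ip, mac in snapshots:
        history.setdefault(ip, []).append((_ts(when), mac.lower()))
    for sightings in history.values():
        sightings.sort()
    return history

def resolve_complaint(history, registrations, ip, when):
    """Map a complaint's (IP, time) to the registered user, or say why it cannot be."""
    sightings, at = history.get(ip, []), _ts(when)
    idx = bisect_right(sightings, (at, "\uffff")) - 1  # last sighting at or before the time
    if idx < 0 or at - sightings[idx][0] > MAX_AGE:
        return {"status": "no-arp-evidence", "ip": ip}
    mac = sightings[idx][1]
    if mac not in registrations:
        return {"status": "unregistered-device", "ip": ip, "mac": mac}
    userid, machine = registrations[mac]
    return {"status": "matched", "ip": ip, "mac": mac, "userid": userid, "machine": machine}

def mac_changes(history):
    """Report each point where an IP's MAC differs from the previous sighting (movement)."""
    changes = []
    for ip, sightings in history.items():
        for (_, old), (t, new) in zip(sightings, sightings[1:]):
            if old != new:
                changes.append((ip, t.strftime("%Y-%m-%d %H:%M"), old, new))
    return changes
```

Convert the complaint's timestamp to the same time zone as the snapshots before the lookup; the same IP resolves to different users a few minutes apart in the sample data.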


About YOU & Your NETWORK: OPSU

• OPSU Policy: The OPSU Data Communications Network is a mission critical strategic University resource. In order to protect the Data Communications Network, devices that are considered end nodes, other than computers, servers, printers, and workstations must not be plugged into any network port, unless special arrangements are made with the campus IT Director. This includes but is not limited to hubs, switches, repeaters, routers, network modems and wireless access points whose installation has not been coordinated and registered with campus IT Director. These devices may be incorrectly configured or incompatible with the OPSU Network causing outages and reliability problems to all or part of the network. Devices not approved for use on OPSU's Data Communication Network may be disabled to ensure the stability and availability of the network.

• But… How do you really know?


Resources I Use

• Magazine: Information Week, Computer World (free for those in the ‘business’)

• Podcast: Cyberspeak (.libsyn.com)
• Book: Getting Things Done (GTD) – Search for customized adaptations
• Dropbox http://db.tt/w4LH4wL
• Evernote (.com) + App
• GnuPG


Strategies for Success


Hone Technical Skills

• Know the OSI model
• Pursue Education & Training
• Use certifications to motivate and validate


Be Proactive

• Be Proactive - act in anticipation of future problems, needs, or changes
  – About your tasks
  – About projects
  – About your education
  – About your career
  – About your life
• Research shows a high correlation between proactivity and success
• “Proactivity consistently produces better results than reactivity or inactivity.” [1]

[1] Kouzes and Posner. The Leadership Challenge 4th Edition. 2007. John Wiley & Sons.


Put Customers First

• Recognize that without customers, you don’t have a job

• Make sure you leave things better than you found them

• Make sure the customer is satisfied before claiming victory

• Don’t cast blame on the customer

• Use language your customer can understand

• Make it easy for people to reach you for follow-up

• Trusted advisor

• Know that even what doesn’t work can be an opportunity for Learning (ITIL - Information Technology Infrastructure Library)


Practice Self-Responsibility

• Take responsibility for yourself
• Be really great at something
• You are responsible for…
  – Staying informed
  – Getting the job done
  – Your successes & failures
  – Your skill development
  – Your career
  – Admitting Mistakes


Your Resume/Interview

• What I look for in a resume/interview…
  – College degree, Experience, Certifications
• What I look for in a resume… (under the hood)
  – Someone who doesn’t change jobs every 1 to 2 years (probably won’t last long)
  – Someone who understands the “lingo”
  – Someone who knows how to be “relevant”


Your Career

• Don’t be afraid
• Public Speaking
• Project Management
