The Best Ways to Eliminate Boredom and Terror on Your Network: Part 3
In part one and part two of this series, we introduced why best practices for improving network configuration management are important and talked about the first three.
These practices support the thesis that you can eliminate the leading cause of network downtime: simple human error. The first three practices are all about helping you identify all systems under management, standardizing the way you manage these devices, and protecting them from harmful changes. Let’s now build upon this by talking about the remaining two and why they are important.
Audit Configurations for Compliance to DISA STIG and NIST/FISMA Standards
Our objective with this practice is to ensure compliance with all applicable policy standards. There are a variety of security policies and standards that your organization may choose (or be required) to follow. These standards are designed to protect the confidentiality, integrity, and availability of systems, data, and other resources. This is important when these systems contribute to mission success.
These standards are expressed as controls that are implemented as router, switch, firewall, or other device configuration settings. Therefore, by auditing selected configuration settings you can determine your compliance with the standards you follow.
Audits are notoriously unpleasant. They are time consuming and often reveal shortcomings that can reflect poorly on managers and administrators alike. However, for many, they are a fact of life. By regularly reviewing your own “pre-audit” reporting you can discover problems before they are noted by the auditor. Therefore, when proactively finding and correcting violations, you can not only dramatically reduce risk and receive higher scores, but also improve network uptime and mission success.
Use Change Controls to Manage Updates
Our final best practice is powerful because it helps you maintain your configurations after you’ve spent time and effort implementing and perfecting them - even as your environment continues to evolve.
For this best practice, there are four suggestions we recommend you consider adding to your management regiment. These are:
- Create configuration baselines.
- Use workflow to ensure proper change request review and approval.
- Use automation to perform routine tasks.
- Track and manage device end of life.
The first suggestion calls for creating a configuration baseline. To “baseline” a configuration is to create an internal standard that allows you to measure other configurations and future changes. So it goes without saying that your baselines should be error-free and stable. Once you designate a configuration baseline then you can detect changes and determine whether those changes are needed and whether they followed your change control processes.
Which is a great segue into our second suggestion: creating a well-disciplined change control process. Ideally, you want to be able to review and approve all changes prior to implementing them in your network. This is useful if you have teams of admins or engineers.
Using a change control process will help coordinate activities between teams. Or you may have less experienced admins or engineers making changes. Again, a formal change control process will allow you to review all changes and detect and fix errors before the change is made.
Our third recommendation suggests using automation to deploy configuration changes, especially if the change needs to be deployed across many systems. Using automation can help ensure the change is made the exact same way and error-free. Automation is your friend.
The last recommendation deals with using change control to manage end-of-life (EOL) devices. You may be wondering why tracking EOL devices is so important. Consider the following reasons:
- Prevent excessive support costs. The primary driver for increasing support costs for EOL hardware is due to vendor end-of-sale and EOL policies. As a device approaches EOL, the support services can become both explicitly and implicitly more expensive. Failure to secure or renew a maintenance agreement before critical EOL dates expire will prevent you from receiving vendor technical support and maintenance upgrades. Therefore, you may be forced to develop or maintain more expensive in-house skills or contract externally for needed services.
- Regulatory non-compliance. Non-conformance costs will become an issue if the device is unable to achieve control objectives defined by your policies. This may be due to a lack of technical capability or because the device is no longer able to receive updates that address security vulnerabilities.
- Business disruption. This risk often produces a broad spectrum of effects caused by catastrophic device failure and can lead to business disruption and accompanying lost revenue and/or brand damage. These problems are amplified when remediating a legacy device consumes even more time because spares cannot be located or the replacement device requires extensive installation and configuration effort.
- Diminished productivity. IT is a significant business productivity driver. Therefore, when new technologies are not adopted and utilized, opportunity costs may negatively affect bottom-line financial performance. This problem is also realized when the business wants to expand service, only to discover that the underlying infrastructure won’t support the business requirements because it is no longer supported. This discovery then forces unplanned expenditures and cost overruns.
By carefully tracking EOL hardware, you can work to eliminate these problems. To implement EOL tracking, you will need tools to help you easily research and manage critical support dates.
Summary
Experience informs us that when these five best practices are followed, you can eliminate network downtime, which improves mission success and reduces costs. Achieving this success is a factor of both smart process and the right combination of tools.
SolarWinds® Network Configuration Manager (NCM) is a network configuration and change management solution (NCCM) that integrates with SolarWinds Network Performance Manager and is part of the Orion IT management platform. NCM can help you implement these best practices.
NCM provides an easy way to:
- Discover network devices and build device profiles
- Standardize device configurations
- Archive, monitor, and protect device configurations against unwanted changes
- Assess configuration compliance using DISA STIG and NIST/FSMA standards
- Gain powerful change management, task automation workflows, and device EOL tracking
You can download a free 30-day trial to test these capabilities yourself by visiting the SolarWinds website.
Related Blog Posts
Federal Government, IT Perspective, State & Local Government
As government agencies and organizations look to modernize their technology stacks to keep up with changes in the workforce, aging solutions, and closing contracts, they’ll all set out with a similar process: submit an RFP, review submissions, and choose a vendor. Seems simple enough.
But what government CIOs often don’t realize is that requiring proven, specific use cases may be limiting what their new (and likely expensive) technology investment can do for their organization. Here’s what I mean.
Vishal Hanjan
Cloud Computing, Cybersecurity, Federal Government, IT Perspective
Over the last few years, the federal government has begun to embrace a zero trust approach as the new cybersecurity standard for agencies. Utilizing the latest solutions and best practices, the hope is to bolster federal cybersecurity and create a robust and resilient IT infrastructure that can protect and secure networks from attacks and breaches.
Kevin Tierney
Cloud Computing, Cybersecurity, IT Perspective, Technology
Last January, the Office of Management and Budget (OMB) released M-22-09, a memorandum that set forth the federal government strategy on zero trust adoption, in an effort to reinforce the security and protection of government agencies’ critical systems, networks, and IT infrastructures.
David Presgraves
Application Lifecycle, Federal Government, IT Infrastructure, IT Perspective
In the post-COVID world, the federal government spends about three-fourths of its technology budget maintaining aging computer systems including platforms more than 50 years old and even some that use floppy disks, according to a recent Government Accountability Office report.
Roland Alston
Cloud Computing, IT Perspective, Tips and How-Tos
What’s next for cloud in 2022 (and how can you prep for it?)
There were so many noteworthy AWS re:Invent 2021 announcements out of this year’s big Amazon Web Services (AWS) conference. But what will that news mean for the year in cloud ahead? And how can learners and businesses prepare for the opportunities these will create?
Pluralsight
Application Lifecycle, Cybersecurity, DevSecOps, Federal Government, IT Perspective, Technology
On the Tech Transforms podcast, sponsored by Dynatrace, we have talked to some of the most prominent influencers shaping critical government technology decisions. From supply chain to machine learning, this podcast explores the way technology advancement intersects with human needs.
In March 2022, we sat down with these government technology visionaries:
Carolyn Ford
IT Perspective
The Technology Modernization Fund (TMF) recently received a much-needed influx of funds, bringing its total to $1 billion. This money is a small part of the funding for technology upgrades in the government, and a very small part of the overall COVID relief bill of which it was a component. The bill does not indicate how the money is to be spent but for most observers modernization is almost equivalent to cloud adoption, with cybersecurity a close second. While most observers accept that the U.S.
Don Maclean
Application Lifecycle, IT Perspective
Blog originally posted by Federal News Network here.
Savanna Evans
IT Perspective
2019 has ended with more uncertainty than normal—even than the federal government is used to. Last year at this time, of course, Christmas brought the advent of a record-long lapse in appropriations for about half the departments and agencies. The exceptions of Homeland Security, Defense and Veterans Affairs kept IT dollars flowing, but the partial shutdown left its mark nonetheless.
The ugly impeachment process working its way down the hall from the house to the Senate might be a psychic distraction but will have no effect on IT procurement.
Chris Wilkinson
IT Perspective
SolarWinds (NYSE:SWI), a leading provider of powerful and affordable IT management software, today announced that the SolarWinds® Orion® Suite for Federal Government v4.0 is undergoing evaluation for Common Criteria to Evaluation Assurance Level (EAL) 2+ under the Netherlands Scheme for Certification in the Area of IT Security (NSCIB).
DLT Solutions
Uncategorized
Article originally posted on GovDesignHub here.
Autodesk University (AU) returns to Las Vegas from November 19-21 – and we have some good news. In addition to discounted conference passes now available on GSA Schedule, Autodesk Certification exams are back at AU 2019!
Caron Beesley
Uncategorized
By Mav Turner, VP, Product Management, SolarWinds
For federal IT pros, moving to a cloud environment is a “when” rather than an “if” proposition. From the government’s recently released Report on IT Modernization, calling for agencies to identify solutions to current barriers regarding agency cloud adoption, to the White House’s draft release of a new “Cloud Smart” policy, which updates the “Cloud First” policy introduced in 2010; cloud migration continues to be a priority.
DLT Solutions
IT Perspective
The SolarWinds Team at DLT is excited to announce after rigorous testing, the SolarWinds Orion® Suite for Federal Government v3.0 has been placed on the Department of Defense Information Network (DoDIN) Approved Products List (APL). The Orion Suite also has Common Criteria certification.
The Orion Suite for Federal Government v3.0 includes:
AndreJones
Federal Fiscal Year End, IT Perspective
The month of September marks the busiest buying season for the federal government. In the final month of fiscal year 2018, an astonishing $97 billion was spent on 509, 828 contracts. On average, this equates to $3.2 billion per day.
September is also getting busier and busier. Between 2015 and 2018 spending increased by 39%.
Brian Strosser
Federal Fiscal Year End, Uncategorized
The old business adage runs, “Nothing happens until somebody sells something.” To which you might add this corollary: nothing good happens in the absence of strong requirements.
Brian Strosser
IT Perspective
It’s the most wonderful time of the year…as the song goes and that is also true of the U.S. Federal IT market right now. The month of September marks the end of the fiscal year and the beginning of the federal government’s annual spending frenzy. Federal agencies scramble to spend what’s left in their budgets, in fear that leaving excess funds will prompt Congress to send less in the following year. We call it “use it or lose it” spending, and it happens every year.
DLT Solutions
IT Perspective
The days are getting shorter, and, as the end of September approaches, the window of opportunity for technology providers to capitalize on federal fiscal year-end sales opportunities is shrinking. September 30th marks the end of the federal government’s fiscal year which means the run-up to month-end is a busy one as contractors vie for federal “use it or lose it” dollars.
Brian Strosser
Cybersecurity, IT Perspective
Every Federal IT pro knows that security threats are a top agency priority. Yet, according to the SolarWinds 2019 Cybersecurity Survey, those threats are increasing—particularly the threat of accidental data exposure from people inside the agency.
DLT Solutions
IT Perspective, Uncategorized
The latest data on the progress of federal government agencies’ implementation of the Federal Information Technology Acquisition Reform Act (FITARA) was released on June 26 by the House Oversight and Reform Committee as Scorecard 8.0.
Melissa Perez
IT Perspective, Uncategorized
The latest data on the progress of federal government agencies’ implementation of the Federal Information Technology Acquisition Reform Act (FITARA) was released on June 26 by the House Oversight and Reform Committee as Scorecard 8.0.
Melissa Perez
IT Perspective
DLT Solutions recently sat down with Red Hat Chief Technologist, North America Public Sector, David Egts, to discuss the recent release of Red Hat OpenShift.
DLT: So David, tell us a little about what you do at Red Hat.
DLT Solutions
Cloud Computing, Uncategorized
Key takeaways show how public sector customers are achieving more with cloud.
As cloud continues to transform the public sector, cloud has had its own metamorphosis: from a trendy buzz word to a catalyst for meaningful change, innovation, and more. Last month, AWS hosted its 10th annual AWS Public Sector Summit. The conference brought together more than 17,000 attendees for 2+ days of insights, sessions, and networking, and explored how cloud is fueling the public sector for a limitless future.
Recap
Isabella Jacobovitz
Infrastructure, IT Perspective
A vast majority of government networks are driven by Microsoft products, from Office 365 to the Azure cloud platform. It should come as no surprise, then, that more and more agencies are looking for tools to monitor Microsoft systems more effectively—all through a single pane of glass.
The good news is there are ways to make the most of existing Microsoft technology with complementary monitoring strategies that will meet the needs of the federal IT operations security teams, SysAdmins, DevOps pros, and managers.
DLT Solutions
IT Perspective
Bringing government-ready solutions that solve the unique needs of the government in addition to having superior public sector expertise is our bread and butter. But DLT is also a powerhouse government distributor and a vital part of the government marketing ecosystem.
But what does that mean for OEMs and IT companies seeking to break into or grow their public sector market footprint?
DLT Solutions
Uncategorized
Many states' fiscal years are quickly coming to an end, and at DLT we’re committed to making the job of the procurement officer as easy as possible as they scramble to make smart and responsible purchasing decisions with remaining taxpayer dollars. Part of this process is raising awareness of what’s new in our extensive portfolio of IT solutions including big data and analysis, cloud, cybersecurity, application lifecycle, digital design, IT consolidation and management, and more.
Brian Strosser
IT Perspective
If you’re a technology solutions vendor, you’re about to enter a crazy busy time of year. It’s state and local government fiscal year-end season! The days are getting longer, and time is running out to close those year-end sales deals before June 30th.
Work is already a top source of stress for many Americans – you don’t need anymore. So, we’ve compiled some stress management techniques that will help you thrive and survive SLED fiscal year-end 2019!
Brian Strosser
IT Perspective
The state and local government IT market has always been something of a chimera to marketers. At $130 billion annually, it’s a third larger than federal. But it’s a fragmented market, given that it consists of 50 states and more than 3,000 counties. Throw in the large cities from Boston to Los Angeles and it becomes even harder to access.
Brian Strosser
Uncategorized
Earlier this year DLT announced they were selected as the “Master Government Aggregator”
DLT Solutions
Business Applications, Uncategorized
Not all Ivy League schools have massive endowments and bank accounts. Some have to get more creative when looking to build new facilities on a budget – or simply embrace innovative new approaches to design and construction.
DLT Solutions
Business Applications, Uncategorized
It’s that time of year again! Spring is here and Autodesk has commenced its steady roll-out of 2020 software releases.
First off is AutoCAD 2020. Released in late March 2019, AutoCAD 2020 includes interesting and exciting new features. With a subscription to AutoCAD 2020, you’ll get industry-specific toolsets; improved workflows across all your devices – web, mobile, and desktop; and new integrations with cloud storage vendors.
Here’s a round-up of what’s new.
Kirk Fisher
IT Perspective
Congress and the Trump administration may not agree on much, but everyone wants to keep pressing federal agencies to strive for modernization with their information technology systems. In hearings just this month, for example, members of the House Veterans Affairs Committee bore in on VA’s struggle to replace its electronic health record system and to modernize its legacy financial and other administrative systems.
DLT Solutions
IT Perspective
For nearly 30 years, DLT has grown to be one of the nation’s top providers of industry-leading IT solutions for the public sector. The strategic decision to focus solely on the public sector market has cultivated trust and assurance with our technology vendors that DLT is their go-to expert. With the evolution of technology and the emphasis on modernizing government, the public sector is changing how it procures new technologies by leveraging consumption-based and as-a-service delivery models.
Art Richer
IT Perspective
There is always something new to learn in the world of information technology, and organizations must act fast to keep pace with the fast pace of change. But where should your agency spend its training dollars to upskill its talent to match your evolving technology strategy?
DLT’s technology partner, Pluralsight, has the answer.
AndreJones
IT Perspective
DevOps became part of the fashionable lexicon for software development a few years ago. The government, at least here and there, has adopted the concept enthusiastically. More recently and with growing urgency, the syllable “Sec” – for security – has joined the DevOps concept. Many federal IT shops call it DevSecOps.
Brian Strosser
IT Perspective
The ongoing 2018-2019 government shutdown which directly impacts 800,000 federal workers is on its way towards being the longest in history with President Trump saying it could continue for months or years.
The longer the shutdown lasts the wider the impacts to government systems, programs, citizens and businesses.
Here are some expected and unexpected fallouts of the current government shutdown.
Muddying an Already Complicated Tax Season
Brian Strosser
Digital Design, Uncategorized
When we launched GovDesignHub in the spring of 2018, we had one goal in mind – to address the lack of resources, discussion, and analysis available online for those who practice in government digital design ecosystem.
Today, we’re proud to be the only website that showcases government design projects and the technology used to support them and deliver content to help public sector organizations accomplish their missions.
In the words of one of our top contributors, Lynn Allen, of Autodesk fame:
Holly Chapman
IT Perspective
Last month, we sat down with DLT Chief Technology Officer David Blankenhorn to get his insight on DLT's evolution to a government solutions aggregator.
Tell me a little bit about DLT’s movement to an aggregator model. Why is that important?
DLT Solutions
Federal Fiscal Year End, Uncategorized
Congress first enacted federal appropriations law in 1809. It’s kept lawyers, contractors, and judges busy ever since. A question arising in many sellers’ minds at this time of year is, what money is available for contracts in more than one fiscal year?
Tom Temin
IT Perspective
With federal fiscal year-end (FFYE) right around the corner, at DLT we’re committed to making the job of the procurement officer as easy as possible as they scramble to make smart and responsible purchasing decisions with remaining taxpayer dollars.
DLT Solutions
IT Perspective
One thing we know about fiscal 2019: There will be plenty of money to go around. The hyper-partisanship that characterizes the government’s political class means that for the second year in a row, there’s more money for guns and butter.
Tom Temin
Federal Fiscal Year End, IT Perspective
If you’re a technology solutions provider, we hope you had a great summer and managed to squeeze in some time off, because the busy season is here, and September has already been a frenzy.
Work is already a top source of stress for many Americans, but right now government procurement teams face enormous pressure as they rush to negotiate and award contracts while ensuring regulatory compliance before the federal fiscal year ends on September 30th.
DLT Solutions
IT Perspective
This week we sat down with DLT Senior Director of Program Management, Steve Wells, to discuss how DLT's contract expertise can be beneficial to its technology company clients and public sector customers, particularly as we approach the end of the Federal Fiscal Year. We also discussed Steve's military career, of which he just celebrated a major milestone.
Interviewer: Hi Steve, thanks for sitting down with us today. To start, why don’t you tell us a little bit about what you do at DLT.
DLT Solutions
IT Perspective
An irony of late appropriations – as the federal government experienced for the umpteenth time in fiscal 2018 – is that rather than rush to spend, your federal customers are actually spending at rates below what they’re authorized to spend. That makes it harder to maximize the year-end spending blitz.
It takes some doing, but if you’ve got the fortitude to plow through reports from the Bureau of the Fiscal Services and the Congressional Budget Office (CBO), it’s possible to discern that agencies simply might not have the time and manpower to execute on every program.
Tom Temin
Digital Design, Uncategorized
New York City Department of Design and Construction (NYC DDC) handles some of the most exciting and dynamic architectural and infrastructure challenges in the world.
Grace_Bergen
Cybersecurity, IT Perspective, News, Technology
Shortly after the federal government suffered it’s largest and costliest data breach ever at the Office of Personnel Management (OPM), a post-mortem analysis found that the breach was entirely preventable, and the exfiltration of security clearance files of government employees and contractors could have been prevented through the implementation of two-factor authentication for remote log-ons.
BradleyGernat
Cybersecurity, IT Perspective, Technology, Tips and How-Tos
Movies and TV would have us believe that data breaches are long, hard-fought battles between the good guy and the bad guy—and the bad guy wins. That could not be further from reality. Hackers are opportunistic. They want to spend as little time as possible getting into the system, getting what they need, getting out, and exploiting it as fast as possible.
Paul Parker
Digital Design, IT Perspective, News, Technology, Tips and How-Tos, Uncategorized
The CAD and digital design sector is vast and growing at breakneck speed. It’s expected to reach $11.21 billion by 2023.
Many end-use industries such as automotive, aerospace, entertainment, industrial machinery, civil and construction, electrical and electronics, pharmaceutical, and healthcare, consumer goods, and others, widely use CAD and 3D design-based tools in their development processes.
DLT Solutions
Digital Design, IT Perspective, News, Technology, Tips and How-Tos, Uncategorized
The CAD and digital design sector is vast and growing at breakneck speed. It’s expected to reach $11.21 billion by 2023.
Many end-use industries such as automotive, aerospace, entertainment, industrial machinery, civil and construction, electrical and electronics, pharmaceutical, and healthcare, consumer goods, and others, widely use CAD and 3D design-based tools in their development processes.
DLT Solutions
CAD General, Digital Design, IT Perspective, Technology, Uncategorized
Aside from developing one of the sought after building information modeling (BIM) software in the industry today, you’ve got to hand it to the Revit product managers over at Autodesk—they listen.
Grace_Bergen
CAD General, Digital Design, IT Perspective, Technology, Uncategorized
Aside from developing one of the sought after building information modeling (BIM) software in the industry today, you’ve got to hand it to the Revit product managers over at Autodesk—they listen.
Grace_Bergen