SHIFT

--- Sjoerd Hooft's InFormation Technology ---

User Tools

Site Tools


Sidebar

Sponsor:

Would you like to sponsor this site?
Or buy me a beer?:


Recently Changed Pages:

View All Pages
View All Q Pages


View All Tags


Sign up for Q to post comments.





WIKI Disclaimer: As with most other things on the Internet, the content on this wiki is not supported. It was contributed by me and is published “as is”. It has worked for me, and might work for you.
Also note that any view or statement expressed anywhere on this site are strictly mine and not the opinions or views of my employer.


Terms And Conditions for Q users


Pages with comments

PageDateDiscussionTags
2018/07/31 23:30 2 Comments
2017/04/20 16:35 1 Comment
2017/04/20 15:28 1 Comment
2017/04/20 15:23 1 Comment
2017/04/19 14:59 1 Comment
2017/04/19 14:45 3 Comments
2017/04/19 14:44 1 Comment
2017/04/17 20:10 1 Comment
2017/04/17 20:07 1 Comment
2017/04/17 19:58 1 Comment
2017/04/17 19:52 1 Comment

View All Comments

infratoolbox

Infra Toolbox

I've been working on and in Infra teams for almost twenty years now and I decided to create my own personal Infra Toolbox. It's based on my own experience on how to responsibly run an Infrastructure Team.

The major topics are:

  • Operations
  • Security & Continuity
  • ITIL
  • Scrum
  • Responsibilities
  • Team

Note that in the last recent months I've worked a lot with scrum and found that several parts of scrum have a high added value to infrastructure teams. The main pillars, transparency, inspection and adaption, are very valuable with Infra as well. That's why I added the T/I/A column in the tables below to underline the importance.

Operations

Topic Sub Topics Hints T / I / A
Monitoring * Note that monitoring alone is not enough. You should have the resources to follow up on alerts.
* Chain Monitoring is a big plus on keeping an eye on everything.
* Make sure you have a screen with the current status visible
Backup & Restore * Could also be stored under continuity. \\* If data is valuable you should be able to restore it.
* If data is not valuable you should be able to reproduce it.
* Example: It's easier to reinstall certain types of services than to restore it from a backup.
* Keep backup status in monitoring.
* Keep reports for more than a year
Documentation Infra Designs * Templates
* App Info: App Owner, Confidentiality, Integrity (RPO), Availability (RTO), Privacy, Technival App Mgmt, Functional App Mgmt
* Hardware and software
* Interfaces
* Permissions
* Operational Threat Design to virtualize the big picture: (Virtual) Servers, databases, network components (incl. loadbalancer), security components
Technical Documentation * Review yearly
* Enough to reproduce data and or services
* Not too much to make it a burden
* Documentation should be visible and easy to adapt.
Datacenter Floorplan * Keeping an up to date floorplan makes it easier to work with suppliers
Internet * You should have a backup internet plan, from different supplier, with different technology, preferably on a different access point * Report on hardware items and floorplan

Automatisering van overzichten (voor iedereen opvraagbare overzichten van servers, SQL, performance, etc).

Automatisering van werkzaamheden. Houd bij wat geautomatiseerd is, en wat nog geautomtiseerd moet worden en dan de meest toegevoegde waarde heeft.

Security and Continuity

Topic Sub Topics Hints T / I / A
Patching Patching is the most important topic regarding security.
Think about OS, tooling, firmware, products, platforms, databases.
Make sure you can create a patch report.
Framework Create a framework within you can deploy various types of patching. Think of it as a monthly schedule, either on hard dates or relatives dates, for example, all dates dependent on Microsoft's Patch Tuesday
Proxy Should be a benefit, not a burden.
Firewalling
Baselines
Antivirus Antivirus
Antimalware
Antiransomware
Disaster Recovery Runbook Think Telephony, Workplaces, Internet, Infra Backend, Company
Winter What to do when everybody is snowed in
RBAC
PenTest DMZ, internal, social, external, workplace

PKI en Certificaten

ITIL

Topic Sub Topics Hints T / I / A
CMDB * Should be updated automatically
* Could be a double for the product catalog if it holds values for current version and market value
* Could be a double for a basic knowledge matrix
LCM * Provides input for the planning sessions
Incident * Should be easy and logical to follow * Incident process description should be available
* Monitoring should be on:
* * Number of long term open incidents
* * Major incidents
* RCA of majaor incidents should be communicated, solution implementation should have a date
Problem * Should be easy and logical to follow * Problem process description should be available
* RCA should always be done on the same way ( 5 x why)
Change * Should be easy and logical to follow
* The less paperwork it requires to turn a RFC into a change the more likely people will follow it
* Change process description should be available
* Changes can be derived from incidents, problems, backlog and customer request. All options should be embedded in the process.

SCRUM

  • Empirics - pillars and values
  • Events + refinement
  • Roles - 8 Scrum Master stances - Product owner grow path
  • Artifacts + DoD

Scrum is for complex environments, infra is more like complicated.

Responsibilities

Suppliers - (Co) sourcing RACI / Contracts (SLM + renewal) / Licenses - renewal and counting Planning - Product roadmaps - year & quarterly planning - presence (holiday, training, work from home), standby Work Intake - very small, incident/service request - small - backlog - (very) big - through architecture - acceptance criteria, service catalog Architecture - guidelines, project intake → solution architecture → infra design Audit - what will be audited, when will it be audited, automatic trigger for restore/disaster recovery/baselines

Work intake - Incidenten (facilitor & mensen naast bureau & email & nimbus & daily checks) - Requests (facilitor & mensen naast bureau & jira & email & frequent checks) - Problems (facilitor & jira) - Changes (facilitor & jira) - Business projecten (geen duidelijk intake proces) - IV projecten (geen duidelijk intake proces) - ITL projecten (geen duidelijk intake proces) - POCs (geen duidelijk intake proces) - Wintel innovatie (jira) - LCM (jira) - Auditor, IT Control, Compliance & Risk verzoeken (email & agenda) - Vakgroepen (email & agenda) - SCRUM events (agenda)

Wat zijn de afspraken mbt aanwezigheid, bereikbaarheid, SLA's op incidenten etc.

Welke zaken moeten worden goedgekeurd en door wie? Denk aan HR zaken, declaraties, opleidingen, onderhoudsfacturen, overwerk, verlof, etc.

Verjaardagen.

Acties en procedures bij ziekte, incl een kaartje sturen

Kosten inzichtelijk maken (wat kost een server, wat bespaar ik als ik , etc

Interne communicatie methode bij wijzigingen (intranet, email, hoeveel tijd van te voren etc)

P&S Catalog: Functionele omschrijving toevoegen (geen functioneel ontwerp): High level opsomming van functies die het systeem biedt en een summiere omschrijving in max 10 regels van die functies.

Cloud

Cloud Risk assessment, DNB assessment, exit strategie, + alles wat je ook voor je on premise omgeving doet

Team

Team is responsible for making decision to fill in all optional decisions Team self organization Onboarding new team mebers / permissions Fun team offsite

kennismatrix

You could leave a comment if you were logged in.
infratoolbox.txt · Last modified: 2018/05/17 05:42 by sjoerd