6.10 SYSTEM NETWORK MANAGEMENT AND ADMINISTRATION

6.10 SYSTEM / NETWORK MANAGEMENT AND ADMINISTRATION

Network management includes the execution of the set of functions required for controlling, planning, allocating, deploying, coordinating, and monitoring the resources of a communications network (either voice or data) including initial network planning, predetermined traffic routing to support load balancing, authorization and access control, configuration management, fault management, security management, performance management, and accounting management.

System management provides support services, ensures reliable operations, promotes efficient use of information systems, and ensures that prescribed service-quality objectives are met. In an enterprise environment, these functions and services are standardized and applied uniformly throughout the organization, centrally managed, and provide support to capacity planning and management operations.

• Development of an Information Management and Technology Plan that includes security;

• Auditing tools, metrics, processes including data capture, analysis (monitor), and review (action);

• Virus protection tools and processes;

• Standard processes for software and hardware installs , upgrades, updates, fixes, and subsequent testing;

• Backup and recovery processes and tools;

• Inventory management including initial logging and disposition of assets (e.g., hardware, software, media);

• Configuration management of infrastructure assets, reflecting both the static and dynamic aspects, that includes change management procedures and subsequent security testing for any incurred vulnerabilities in the changed infrastructure;

• Network monitoring, alarm, and management mechanisms;

• Internet access monitoring and management;

• Monitoring of service levels in accordance with established SLA(s); and,

• Security testing to ensure that system security features of a system are implemented as designed and adequate for the applications environment. The testing process can include hands-on functional testing, penetration testing, and verification.