Step 7: Finalize the Project


Although the agents are deployed and fully operational, you must tie up a number of loose ends before the project is officially over. First of all, operational control of CSA must transition from the deployment team to whoever is going to manage CSA moving forward (see the "Plan for Ongoing Management" section earlier in this chapter for more information). Also, you need to establish procedures to govern the day-to-day operation of CSA. Here are a few examples:

  • Change control This procedure establishes the checks that are in place for CSA configuration changes. It controls how changes are requested, who reviews the changes, and by what criteria they are reviewed.

  • Backup and restore A procedure defining the frequency and type of backup performed on the CSA MC. It also outlines the proper way to restore the CSA MC if needed.

  • Log archive This procedure describes how long CSA event logs should be kept, when they should be archived, what types of events should be archived, and where the archive is stored.

  • Incident response A procedure to manage situations where CSA stops an attack. It should detail who is notified, how they are notified, and any steps that should be taken in response to the attack.

  • Disaster recovery The corporate disaster recovery procedure should be modified to include any necessary CSA items.

  • Policy reviewGuidelines for events that trigger a security policy review. For example, if the CSA policy prohibits software installation, but a user's job requires the ability to install software, this should trigger a policy review.




Intrusion Prevention Fundamentals
Intrusion Prevention Fundamentals
ISBN: 1587052393
EAN: 2147483647
Year: N/A
Pages: 115

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net