Project to improve network POC database is IN THE WORKS
It's hard to imagine not having contacts saved in our phones, or iPhone users simply saying, "Hey, Siri, call Dave."
Mobile technology makes managing personal contacts easy, but technical point of contact (POC) lists are harder to maintain. This becomes an issue when stakes are high; should a connectivity issue arise, it's critical to quickly identify the party responsible for a segment of the network.
This was the challenge facing the U's Network Architecture Community of Practice (NACoP), a subcommittee of the university’s IT Architecture and New Technology Committee (ANTC). The group was tasked with creating a recommendation to modernize the network POC database to meet evolving security needs, which was approved by ANTC on May 18, and moves to the Strategic Information Technology Committee (SITC) for a final vote on July 14. Highlights of the recommendation are listed below.
"A major driver is accountability," said NACoP Chair Robert White, IT director of Undergraduate Studies. "We need to tie POC data to a team or department as opposed to an individual. For example, if I can't be reached, incident response time is delayed when the POC information is tied to me instead of an organization or team."
White said more accurate POC data supports other security initiatives like network access control, and default-deny firewall hardening. Tying the appropriate organization to an IP address, firewall rule, or other attribute provides the U's Information Security Office (ISO) with the data it needs to expedite incident response.
White said the network POC database will ideally be a single source of truth for network configurations. The project, pending approval, involves migrating network POC information from the existing POC database to the U’s instance of ServiceNow, the common service management platform used by UIT and Information Technology Services staff. The current POC, White said, will become part of a larger data collection that will grow as new features that support current and future initiatives are added.
"A key point of the project is to incorporate scalability. That will allow us to add attributes that aren't currently tracked," White said.
A new network POC database would:
- Validate data around IP address blocks and owners, and find disparities in the data.
- Improve data accuracy for incident response.
- Establish a basis for automating network activities, which relies on accurate configuration information.
- Add accountability for additional data types (e.g., host names for public services and virtual machines).
- Provide authorization and accountability over systems such as network access control, firewall rules, virtual local area network (VLAN) access, and DDI — which stands for domain name service (DNS), dynamic host configuration protocol (DHCP), and IP address management (IPAM). DNS is a directory for machines connected to the internet that maps between host names and IP addresses, which UIT provides for all utah.edu domains; DHCP allows any device to automatically obtain correct IP addressing information; and IPAM is the administration of DNS and DHCP.
- Improve role-based access control (RBAC) and group management. RBAC provides appropriate access to required information based on roles within an organization.
- Establish group data sets, which do not currently exist. These will initially be created in ServiceNow and migrated to the SailPoint identity management system for the long term.
- Define processes to govern POC data.
A cost analysis will determine the investment needed for the project, but White said the NACoP is looking at leveraging systems already in use at the university, including SailPoint, PeopleSoft, ServiceNow, the Infoblox DNS/DHCP/IP address management tool, The Online Automation Services Toolkit (TOAST) network automation tool, and data in the existing POC database.
Our monthly newsletter includes news from UIT and other campus/ University of Utah Health IT organizations, features about UIT employees, IT governance news, and various announcements and updates.