By: Casey Gager
July 30, 2020
How To Learn Network Operational Management
By: Casey Gager
July 30, 2020
Cybersecurity is a diverse and growing field. There are many paths a professional may take to becoming a cybersecurity expert. Also, there are distinct practice areas within the world of cybersecurity. One person may be an expert in technical aspects of cybersecurity, while another person's specialty may focus on compliance. Regardless of the cybersecurity professional's role, understanding how information technology departments and overall business operations are essential to the cybersecurity program's success.
Enterprises combine the roles of the security operations center (SOC) and network operations center (NOC). As technology advances, and enterprises look to improve their resource use, the trend of combining the SOC with the NOC will increase in popularity. Software-defined networking, virtualization, and cloud technologies push the lines between NOC and SOC's responsibility. Once it was the sole responsibility of the NOC to monitor, configure, and maintain the network infrastructure, changes to how technology is managed have demonstrated the need for SOC analysts to have access to consoles traditionally reserved for NOC personnel. Conversely, NOC personnel are increasingly accessing and managing applications and consoles typically reserved for personnel in a security-focused role.
What if you are a person looking to enter the cybersecurity field, or a seasoned compliance officer with a background in a cybersecurity domain less technical than a cybersecurity engineer, network administrator, or SOC analyst? Wouldn't it help you accomplish tasks assigned to your role if you were conversant in the role of network operations? If you want to become more conversant in network management, you are in luck. Cybrary recently released a new course titled "Network Operational Management".
After a section containing an overview of the responsibilities of a network operations team, the course continues with sections on two important topics: network monitoring and network maintenance. Both monitoring and maintenance are important to the functioning of enterprise infrastructure. Network monitoring tools may also be used by the organization to enhance the security capabilities of an organization. The collection of log data and other information from network devices provides a centralized method for determining the current status of a network. Still, the log data may also be correlated to detect and respond to security events and incidents. Network monitoring and maintenance are key to a healthy infrastructure and supply proper service delivery to the organization. Network monitoring can provide security teams with insight into potential blind spots in enterprise networks. Network maintenance such as patching and standardization are key foundational elements of an information security program. Without proper network monitoring and maintenance, an entire organization can cease to function or exist.
The network monitoring section of the course provides a great discussion of network monitoring tools. These tools provide a centralized method of collecting, correlating, and making sense of the data collected from various devices. This section also includes an introduction to several methods of collecting data from networked devices. The instructor does a good job explaining three collection methods: Simple Network Management Protocol (SNMP), Syslog, and Netflow. All three methods are used by personnel in NOC and SOC environments to collect data about the status, events, and traffic occurring on a network. To further the discussion, the instructor includes a hands-on walkthrough of a basic configuration of each collection method. These walkthroughs not only assist the student in applying their knowledge but also reinforce the best practices for implementing the collection methods.
The course ends with a section on network maintenance. In this section, the instructor discusses common remote-access methods for supporting a network. Enterprise networks may be geographically dispersed and have a vast number of devices. Having secure methods by which to administer devices from a remote location is important to ensure the proper function of an enterprise network. The instructor also includes walkthroughs of example configurations of these remote access tools. These walkthroughs are concise, and further, the content taught in the lessons. The end of the course is a detailed wrap-up, including a discussion on network management best practices.
If you are looking for a short course covering network management basics, this course is certainly worth a watch. Even seasoned cybersecurity or technology professionals may learn something new about best practices and methods related to network management. After you complete this course, you can move on to one of Cybrary's other courses related to network management, cybersecurity, or other technology topics covered in their large catalog of courses. Regardless of your level of knowledge or experience, there are always things you can learn.