Getting ahead of Sarbanes-Oxley - Network World

Getting ahead of Sarbanes-Oxley

Thermo Electron's Michael Kamens zeroes in on compliance.
By Bob Brown, Network World, 09/20/2004

Four years ago, Michael Kamens joined Thermo Electron with marching orders to keep the $2 billion-plus maker of scientific instruments' global network up and running. Fast-forward to now, and Kamens finds himself neck-deep in network security and making sure IT is doing its part to make Thermo compliant with rules outlined in the Sarbanes-Oxley Act, which requires that a properly audited system of internal controls and processes is in place by November. Below is a summary of in-person and e-mail discussions between Kamens and Network World Executive News Editor Bob Brown.

Give me a thumbnail sketch of your job responsibilities and your company's network setup.

As global network/security manager I have a lot of responsibilities. I'm responsible for the creation of all IT security policies, Sarbanes audit procedures/testing and the training of 12 IT security auditors globally. My main concentration for the past 18 months has been IT security audits to ensure compliance with Sarbanes-Oxley Section 404 [management assessment of internal controls] and COBIT [security and control practices issued by the IT Governance Institute]. I modified the Deloitte & Touche Sarbanes tool to satisfy the requirements of our 118 global locations. I personally performed more than 60 on-site IT security audits. I'm also responsible for the design, engineering and operation of an [Internet Security Systems] SiteProtector intrusion-detection system consisting of 100 LAN- and host-based sensors plus 750 Desktop Protector licenses. We also beta-tested and installed 500 Determina host-based intrusion-prevention systems globally on all Win2K, [Internet Information Server], SQL Server and Exchange servers.

What about the network itself?

We've designed, engineered and implemented a Nortel Contivity solution with Nortel 2600s in the U.K., California and Massachusetts authenticating via three CiscoSecure ACS RADIUS servers for more than 3,000 mobile users. Migration to Microsoft Routing and Remote Access is in progress to enable more thorough integration with our Active Directory infrastructure. We've also designed, engineered and implemented a 118-node, fully meshed VPN globally utilizing IPSec/Triple-DES with [multipoint generic routing encapsulation] over regular T-1/E-1 circuits. This carries traffic for more than 10,000 users who send between 1.5 million and 2 million e-mails monthly and access corporate SAP, Hyperion, iManage and several other centralized applications.

How has your job changed over your four years at Thermo? For example, how much time are you spending on security-related issues vs. keeping the network up and running?

Initially my responsibility focused on building the VPN, which required 100% of my time. As of 24 months ago, additional security responsibilities such as creating IT security policies, training a global IT security team/IT security auditors consumed most of my time. As such, day-to-day VPN oversight was turned over to my senior network engineer with security requiring 90% of my time and 10% left to the VPN. As of 12 months ago, the Sarbanes requirements started accounting for 40% of my time, with general security 20%, security audits 25% and a [Microsoft] SMS project 15%.

As a network and IT security executive, how big a deal is Sarbanes-Oxley?

Sarbanes is all-encompassing as we consider failure not to be an option. All resources will be utilized to ensure full compliance.

When did your team start preparing for it, and what steps has your group taken?

We started almost 12 months ago but have increased our efforts dramatically in the past six to eight months. A Thermo Control Guide has been formalized along with a portal site to log all our findings and the steps to remediation. We have stepped up our internal education of compliance requirements. Weekly Sarbanes meetings are held to review the current status.
