Random thoughts on planning a small office relocation. This is off the top of my head, so some steps might change IRL. Step one is an updated asset list/documentation/cable connections: what devices/software/data currently exist and what will need to be moved. /1
Figure out what IT closets/cabling options exist in the new spot, plan accordingly, and create transition documentation (cable plan, rack layouts, updated diagrams if needed). Pre-run/label as much as you can. Make sure you test these connections (cable drops to comms closets). /2
Back up all device configs/critical data as needed. If you can phase deployments, that is cool, but you might have to do a hard cutover. Figure out what you are doing for circuits (new or migrating). /3
Figure out the order of operations for powering down devices safely. Don't assume you can just pull plugs or flip switches; some devices need a graceful shutdown to avoid corrupting data/state. Generally I'd start with end devices, then servers, then SANs, then network devices. /4
Pack devices carefully. Labeling and planning which device goes in which shipping box makes redeployment smoother logistically. If you're lucky, the data center/infrastructure cable plan stays the same and you can pack the pre-existing labeled cables. /5
Do the inverse of the takedown: bring up network devices, then SANs, then servers, then end devices. The pre-staged, labeled cables will save you a lot of time here. Test as each piece of functionality comes back online. /6
Test internal and external connectivity. Back in the planning phase, it makes sense to build a testing checklist of expected responses for internal/external tools/services/data. /7
Take advantage of the fact that you can get your documentation 100% correct at this point in time. Build adequate time for testing and documentation into the project plan. /8
Lastly, don't forget security testing. Yes, it should be the same equipment/accounts/data, but maybe you added new security zones/devices/data flows. Validate the security/compliance/vulnerability posture (this may also include the physical security of the new location).
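The shutdown/bring-up ordering and the post-move checklist in the thread above are one procedure, so here is a single worked example of both. This is an added example, not the thread author's runbook: it derives the power-down order from declared device dependencies (generalizing the "end devices, servers, SANs, network" rule to any inventory), reverses it for bring-up, and runs a verification checklist in bring-up order so the first failure points at the lowest broken tier. Every device name, dependency, check and probe result is constructed, and `fake_probe` stands in for real ping/DNS/HTTP/SMB probes.

```python
"""Relocation runbook helper: derive a safe power-down order from declared
dependencies, reverse it for bring-up, and run a post-move verification
checklist in that order.  Added example, not from the original thread; the
inventory, dependencies, checks and probe results below are constructed."""
import heapq
from collections import defaultdict

# Constructed inventory: device -> devices that must be up for it to work.
DEPENDS_ON = {
    "core-sw1": [],                     # core switch: nothing above it
    "fw1": ["core-sw1"],                # edge firewall / circuit hand-off
    "san1": ["core-sw1"],               # shared storage
    "dc1": ["core-sw1"],                # domain controller (DNS/auth)
    "files1": ["san1", "dc1"],          # file server on SAN volumes
    "app1": ["dc1", "files1"],          # app server mounting files1
    "ws-finance": ["app1", "dc1"],      # end-user workstation
    "printer1": ["core-sw1"],
}


def bring_up_order(depends_on):
    """Topological order (Kahn's algorithm): each device appears only after
    everything it depends on.  Ties break alphabetically so the runbook is
    reproducible.  Raises ValueError for a cycle or an undocumented device,
    i.e. a plan you cannot actually execute."""
    indegree = {dev: 0 for dev in depends_on}
    dependents = defaultdict(list)
    for dev, needs in depends_on.items():
        for need in needs:
            if need not in depends_on:
                raise ValueError(f"{dev} depends on undocumented device {need}")
            indegree[dev] += 1
            dependents[need].append(dev)
    ready = [dev for dev, n in indegree.items() if n == 0]
    heapq.heapify(ready)
    order = []
    while ready:
        dev = heapq.heappop(ready)
        order.append(dev)
        for child in dependents[dev]:
            indegree[child] -= 1
            if indegree[child] == 0:
                heapq.heappush(ready, child)
    if len(order) != len(depends_on):
        raise ValueError("dependency cycle: no safe shutdown order exists")
    return order


def shutdown_order(depends_on):
    """Graceful power-down is the exact inverse of bring-up: end devices go
    first, and nothing is shut down while something that needs it is still up."""
    return list(reversed(bring_up_order(depends_on)))


# Constructed post-move checklist: (device validated, check, expected result).
CHECKLIST = [
    ("ws-finance", "map \\\\files1\\finance", "ok"),
    ("core-sw1", "ping 10.10.0.1", "reply"),
    ("files1", "tcp connect files1:445", "open"),
    ("fw1", "http GET https://example.com/", "200"),
    ("dc1", "dns A dc1.corp.example", "10.10.0.10"),
    ("san1", "iscsi login san1:3260", "ok"),
]

# Constructed observations standing in for real probes.  Here the SAN came
# back fine but the file server did not, so its dependents fail as well.
OBSERVED = {
    ("core-sw1", "ping 10.10.0.1"): "reply",
    ("fw1", "http GET https://example.com/"): "200",
    ("dc1", "dns A dc1.corp.example"): "10.10.0.10",
    ("san1", "iscsi login san1:3260"): "ok",
    ("files1", "tcp connect files1:445"): "timeout",
    ("ws-finance", "map \\\\files1\\finance"): "path not found",
}


def fake_probe(device, check):
    """Hypothetical stand-in for a real probe (ping/dig/curl or the socket module)."""
    return OBSERVED.get((device, check), "no response")


def run_checklist(checklist, probe, order):
    """Run checks in bring-up order so the first failure names the lowest
    broken tier instead of every downstream symptom."""
    rank = {dev: i for i, dev in enumerate(order)}
    results = []
    for device, check, expected in sorted(checklist, key=lambda c: rank[c[0]]):
        observed = probe(device, check)
        results.append((device, check, expected, observed, observed == expected))
    return results


def first_failure(results):
    """Device to start troubleshooting at, or None if everything passed."""
    for device, _check, _expected, _observed, passed in results:
        if not passed:
            return device
    return None


if __name__ == "__main__":
    up = bring_up_order(DEPENDS_ON)
    print("shutdown order:", " -> ".join(shutdown_order(DEPENDS_ON)))
    print("bring-up order:", " -> ".join(up))
    results = run_checklist(CHECKLIST, fake_probe, up)
    for dev, check, exp, obs, ok in results:
        print(f"{'PASS' if ok else 'FAIL'} {dev:11} {check:32} expected={exp!r} got={obs!r}")
    print("start troubleshooting at:", first_failure(results))
```

The dependency map is the thing to get right during the asset-inventory step; once it exists, both orders and the test sequence fall out of it, and a cycle or an undocumented device shows up as an error before move day rather than as a corrupted volume.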
I've been seeing some tweets about #BlueTeam and documentation and diagrams. Diagrams are an important part of the engineering process! So, I figured I'd do a little diagram breakdown for folks wondering what are some useful types of diagrams.
High-level diagrams provide a non-technical overview of the environment. If you are at all familiar with DoDAF, this would be like your OV-1 diagram. These should tell a high-level story and be easily explainable to someone who is new and/or non-technical.
Network-level diagrams show logical connectivity between all nodes/devices in the environment. They should include the IP/hostname of each device. Other details to include are VLAN information, system/authorization boundaries, as well as any unique information that might make sense
For fun 😬 let's chat about network ACLs and a high-level approach to securing your network. The purpose is to provide multiple levels of protection (i.e. defense in depth).
4 main ACLs to talk about:
✅Premise ACLs
✅Inter-zone ACLs
✅Intra-zone ACLs
✅Host-based ACLs
Let's start on the outside with premise ACLs. These reside on your most outward-facing network devices (probably a router or switch) where your Internet circuits terminate. These ACLs knock down a large amount of the unwanted junk (scans, spoofed and bogon-sourced packets) that floods the Internet, before it touches anything behind them.
I would implement both inbound and outbound rules. Outbound, only allow traffic sourced from your specific publicly routable IP space (BCP 38 anti-spoofing). Inbound, block private (RFC 1918) source addresses, implement bogon lists, and only allow the known, expected protocols that should be coming into your environment from the Internet.
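To make the premise-ACL rules concrete, here is an added example (my code, not the thread author's configuration) that evaluates packets against an inbound and an outbound list with first-match semantics and an implicit deny at the end, the way a router ACL behaves. The public prefix 203.0.113.0/24, the server addresses, the abbreviated bogon list and the sample packets are all constructed; the one rule beyond what the thread lists is the inbound "our own space arriving from outside" deny, a standard anti-spoofing check.

```python
"""First-match premise ACL evaluator with an implicit deny, mirroring how a
router ACL behaves.  Added example, not the thread author's configuration;
the address ranges and packets are constructed (203.0.113.0/24 is a
documentation prefix standing in for a real public allocation)."""
import ipaddress

OUR_PUBLIC = ipaddress.ip_network("203.0.113.0/24")
WEB = ipaddress.ip_network("203.0.113.10/32")
MAIL = ipaddress.ip_network("203.0.113.20/32")
ANY = ipaddress.ip_network("0.0.0.0/0")

# RFC 1918 space, which can never legitimately arrive from the Internet.
PRIVATE = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Abbreviated bogon list (unallocated/special-use space).  A real deployment
# feeds this from a maintained source, because bogon lists change over time.
BOGONS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8", "169.254.0.0/16",
    "192.0.2.0/24", "224.0.0.0/4", "240.0.0.0/4")]


def rule(action, proto="any", src=(ANY,), dst=(ANY,), dport=None, note=""):
    """One ACL entry.  proto is 'any', 'tcp' or 'udp'; dport None means any port."""
    return {"action": action, "proto": proto, "src": list(src),
            "dst": list(dst), "dport": dport, "note": note}


# Inbound on the Internet-facing interface.  Order matters: the junk is
# dropped before any permit line, so a spoofed source never reaches a permit.
INBOUND = [
    rule("deny", src=PRIVATE, note="RFC 1918 source from the Internet"),
    rule("deny", src=BOGONS, note="bogon source"),
    rule("deny", src=[OUR_PUBLIC], note="our own space arriving from outside = spoofed"),
    rule("permit", proto="tcp", dst=[WEB], dport=443, note="public web"),
    rule("permit", proto="tcp", dst=[MAIL], dport=25, note="inbound SMTP"),
]

# Outbound: only our own addresses may leave (BCP 38 anti-spoofing).  The
# implicit deny at the end catches leaked private/bogon sources.
OUTBOUND = [
    rule("permit", src=[OUR_PUBLIC], note="sourced from our public space"),
]


def matches(r, proto, src, dst, dport):
    return ((r["proto"] == "any" or r["proto"] == proto)
            and any(src in n for n in r["src"])
            and any(dst in n for n in r["dst"])
            and (r["dport"] is None or r["dport"] == dport))


def evaluate(acl, proto, src_ip, dst_ip, dport=None):
    """Return (action, note) for the first matching rule; implicit deny otherwise."""
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for r in acl:
        if matches(r, proto, src, dst, dport):
            return r["action"], r["note"]
    return "deny", "implicit deny"


if __name__ == "__main__":
    # Constructed sample packets: (direction, proto, src, dst, dport).
    samples = [
        ("in", "tcp", "198.51.100.7", "203.0.113.10", 443),    # legit web client
        ("in", "tcp", "10.1.2.3", "203.0.113.10", 443),        # RFC 1918 source
        ("in", "tcp", "203.0.113.5", "203.0.113.10", 443),     # spoofed as us
        ("in", "tcp", "198.51.100.7", "203.0.113.10", 22),     # SSH not expected
        ("out", "tcp", "203.0.113.10", "198.51.100.7", 80),    # normal egress
        ("out", "udp", "192.168.1.5", "198.51.100.53", 53),    # leaked private source
    ]
    for direction, proto, s, d, p in samples:
        acl = INBOUND if direction == "in" else OUTBOUND
        print(f"{direction:3} {proto} {s}:{'*':>5} -> {d}:{p:<5} {evaluate(acl, proto, s, d, p)}")
```

One caveat this evaluator makes visible: the inbound list is stateless, so return traffic for sessions your own hosts opened outbound would hit the implicit deny. On a real premise router you either add an established/reflexive entry for that, or keep the premise ACL to the anti-spoofing and bogon drops and let the stateful firewall behind it make the per-session decisions.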
Have you implemented active defense strategies in your environment? Do you know what active defense is vs. normal security monitoring? Let's talk about some technologies/generic strategies.
Active defense is a strategy that doesn't just wait for an adversary to attack and then solely block or react. Active defense can instead be seen as an engaged defense that is actively lying in wait. Think of tripwires implemented to attract and alert on malicious actions.
I'm going to discuss two flavors of active defense (AD): annoyance and attribution. In the above diagram I have laid out a very generic architecture and labeled a variety of infrastructure components and the tools/strategies that could be implemented on them.
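As an added example of the tripwire idea (this is my illustration, not the author's diagram or any tooling the thread describes), here is a honey-account detector run over constructed sshd-style auth log lines. The decoy account names, hostnames, addresses and log lines are all made up. The point it makes that the prose does not: the signal is the account name, not a failure count, so a single touch of a decoy is an alert, and a successful login to one means the decoy credential itself has leaked.

```python
"""Honey-account tripwire: decoy accounts that nothing legitimate ever uses,
so any authentication attempt against them is a high-confidence alert.
Added example illustrating the 'tripwire' idea in the thread; it is not the
author's diagram or tooling.  Log lines and account names are constructed."""
import re
from collections import defaultdict

# Constructed decoys: seeded in the directory, in documentation, or in a config
# file on a host an attacker is likely to read.  They have no business use.
HONEY_ACCOUNTS = {"svc_backup_old", "helpdesk-admin", "dbadmin2"}

# Matches sshd-style lines for both failed and successful password logins.
LOG_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<outcome>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\d+\.\d+\.\d+\.\d+) port \d+"
)

# Constructed sample log: routine noise, then one source walking a user list.
SAMPLE_LOG = """\
Mar  3 08:01:12 bastion1 sshd[2201]: Accepted password for alice from 10.10.5.20 port 51022 ssh2
Mar  3 08:03:40 bastion1 sshd[2210]: Failed password for alice from 10.10.5.20 port 51030 ssh2
Mar  3 08:03:44 bastion1 sshd[2210]: Accepted password for alice from 10.10.5.20 port 51030 ssh2
Mar  3 11:47:02 bastion1 sshd[3190]: Failed password for invalid user svc_backup_old from 10.10.9.77 port 40012 ssh2
Mar  3 11:47:05 bastion1 sshd[3191]: Failed password for invalid user dbadmin2 from 10.10.9.77 port 40013 ssh2
Mar  3 11:47:09 bastion1 sshd[3192]: Accepted password for helpdesk-admin from 10.10.9.77 port 40014 ssh2
Mar  3 11:50:31 bastion1 sshd[3205]: Failed password for bob from 10.10.5.31 port 50211 ssh2
"""


def parse(line):
    """Return the parsed fields of one auth line, or None if it is not a login event."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def tripwire_alerts(log_text, honey_accounts):
    """One alert per (source IP, decoy account) touched.  Severity is
    'critical' if the decoy login succeeded (the decoy credential has leaked),
    otherwise 'high'.  Failed logins by real users are ignored entirely."""
    hits = defaultdict(lambda: {"attempts": 0, "succeeded": False, "first_seen": None})
    for line in log_text.splitlines():
        ev = parse(line)
        if not ev or ev["user"] not in honey_accounts:
            continue
        h = hits[(ev["src"], ev["user"])]
        h["attempts"] += 1
        h["first_seen"] = h["first_seen"] or ev["ts"]
        h["succeeded"] = h["succeeded"] or ev["outcome"] == "Accepted"
    return [
        {"src": src, "account": user, "attempts": h["attempts"],
         "first_seen": h["first_seen"],
         "severity": "critical" if h["succeeded"] else "high"}
        for (src, user), h in sorted(hits.items())
    ]


def attacker_sources(alerts):
    """Sources that touched any decoy: input for the annoyance side (block,
    tarpit) and the attribution side (pivot into every other log for that IP)."""
    return sorted({a["src"] for a in alerts})


if __name__ == "__main__":
    alerts = tripwire_alerts(SAMPLE_LOG, HONEY_ACCOUNTS)
    for a in alerts:
        print(a)
    print("sources to investigate:", attacker_sources(alerts))
```

The same pattern applies to any decoy the thread's "tripwire" covers: a honey file share, a fake credential in a config file, a DNS name that appears only in internal docs. Whatever the bait, the detection is the same one-line rule, "this object is never used legitimately, so any use is an alert", which is why these fire with far less noise than threshold-based brute-force rules.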
I've seen tweets recently from @gabsmashh and @TC_Johnson about wanting to nail down subnetting. I threw this little diagram together. For me, learning to subnet took a combination of memorization and finally finding the right explanation that made it click.
The thing that really clicked for me was understanding that a subnet of a given size (a /24, for instance) is made up of smaller subnets of fixed size (two /25s, four /26s, eight /27s, and so on), and the boundaries of those smaller subnets cannot change. You can't make a /26 network that straddles two /25s.
So, learning where these boundaries are is critical to doing this in your head. Also, remember that the first IP address in a network is always the network address and the last is the broadcast address; these are not usable IPs (the exceptions are /31 point-to-point links and /32 host routes, which have no reserved addresses).
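To show the boundary rule as arithmetic rather than memorization, here is an added example (mine, not the thread's diagram) that does the subnet math by hand without the `ipaddress` module: the network address is the IP with its host bits cleared, the block size is 2^(32-prefix), a prefix is only a valid network if its address is a multiple of that block size, and the child subnets of any parent are just the parent stepped by the child block size. All addresses used are constructed.

```python
"""Subnet boundary arithmetic done by hand to show why a /26 cannot straddle
two /25s.  Added example, not from the thread; the addresses are constructed."""


def to_int(dotted):
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or not all(0 <= o <= 255 for o in octets):
        raise ValueError(f"not an IPv4 address: {dotted}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def to_dotted(n):
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def block_size(prefix):
    """Addresses in a /prefix: 2^(32-prefix).  A /26 is 64, so within a /24 the
    /26 boundaries fall at .0, .64, .128 and .192 and nowhere else."""
    return 1 << (32 - prefix)


def is_valid_network(ip, prefix):
    """True only if `ip` sits on a /prefix boundary (all host bits zero).
    192.168.1.96/26 is not a network: 96 is not a multiple of 64, so that
    block would run .96-.159 and cross the .128 boundary between two /25s."""
    return to_int(ip) % block_size(prefix) == 0


def subnet_of(ip, prefix):
    """Network, broadcast and usable range of the /prefix containing `ip`.
    Clearing the host bits with the mask is the same as rounding down to the
    nearest multiple of the block size."""
    size = block_size(prefix)
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    network = to_int(ip) & mask
    broadcast = network + size - 1
    if prefix >= 31:
        # RFC 3021 /31 links and /32 host routes reserve nothing; for a /31
        # the "broadcast" slot is simply the second usable address.
        first, last = network, broadcast
    else:
        first, last = network + 1, broadcast - 1
    return {"network": to_dotted(network), "broadcast": to_dotted(broadcast),
            "first_usable": to_dotted(first), "last_usable": to_dotted(last),
            "usable_hosts": last - first + 1}


def children(network, prefix, child_prefix):
    """The fixed child subnets inside a parent, e.g. the four /26s of a /24."""
    if child_prefix < prefix or not is_valid_network(network, prefix):
        raise ValueError(f"{network}/{prefix} cannot be split into /{child_prefix}s")
    base = to_int(network)
    step = block_size(child_prefix)
    return [f"{to_dotted(base + i * step)}/{child_prefix}"
            for i in range(block_size(prefix) // step)]


if __name__ == "__main__":
    print(subnet_of("192.168.1.100", 26))
    print(children("192.168.1.0", 24, 26))
    print("192.168.1.96/26 is a valid network?", is_valid_network("192.168.1.96", 26))
    print(subnet_of("172.16.37.200", 20))   # boundaries in the third octet work the same way
    print(subnet_of("10.0.0.1", 31))
```

The `/20` case is worth running: the same "round down to a multiple of the block size" rule puts 172.16.37.200 in 172.16.32.0/20, because a /20 block is 16 values of the third octet and 32 is the largest multiple of 16 not above 37. Once that is the habit, the third-octet and fourth-octet cases stop feeling like different problems.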