You are on page 1of 13

S No Check Points Artifacts

1 Pediodic review with SIFY Data Center by GCC Head


2 Last Review Details
3 Status of Risks identified and Mitigation Plan
4 Governance/Review Mechanism agreed with Sify
Dated Next Action Remarks
S. No Start Date End Date
1
1.1
1.2
1.3
1.4
2

2.1

2.2
2.3
2.4
2.5
3
3.1

3.2
3.3
3.4
3.4.1
3.4.2
3.4.3
3.4.4
3.4.5
3.4.6
3.4.7
3.4.8
4
5
6
7
8
Audit Points
Architecture Review
Network devices like firewalls, Intrusion detection/prevention systems, VPN etc..
Disaster recovery infrastructure and processes
Contingency plan and processes
Vulnerability Assessment
Technology & Managed Services best Practice
Perimeter Security and Devices configuration ( Firewall Service /Intrusion Prevention
Service /AV and Content Filtering Services /E-Mail etc..
Authentication Service
End Point Security /Data Security
Vulnerability correlation & Patch management
Devices Monitoring Alert & notification
Documents
Policy Documents

Procedure documents (Startup & Configuration procedure Document/Reconfiguration/


WAN Location Details Document/Backup & restore configuration files etc..)

Checklist and Reports (Daily Weekly & Monthly)


Process Documents
Capacity Management
Services continuity & Availability Management
Access control Management and Matrix
All critical Devices /OEM Support contract & escalation matrix /Licenses details
Critical devices backup Process
Patch management /Anti Virus /hardening document
OS Image standardization with customer approves Software list
Component Failure Impact Analysis
Roles & responsibility matrix
Knowledge base
Deliverable RACI Matrix
Resource Technical Capabilities and Skillsets
Logs review
Gaps Found Suggestion Benefits Priority Remarks
S. No Start Date End Date
1
1.1
1.2
1.3
1.4

1.5

1.6
1.7
2
2.1
2.2
2.3
2.4
2.5
3
3.1
3.2
3.3
3.4
3.5
3.6
3.7
4
4.1
4.2
4.3
4.4
4.5
4.6
4.7
5
5.1
5.2
5.3
6

6.1
6.2
7
7.1
7.2
7.3
7.4
7.5
7.6
8
9
10
11
12
Audit Points
Architecture Review
WAN Architecture and devcies review like Routers/Switches/connectivity /single point of failure (SPOF)
Disaster recovery infrastructure and processes
Redundancy, protocols configuration and auto-recovery mechanism
optimized Spanning-tree configuration

Optimized routing configuration including protocol tuning with Stub if required and summarization (to be reviewe

Hardware Oversubscription (LAN switches blocking/non blocking, WAN routers)


Route handling capacity incase WAN switches are used and/or BGP being used
WAN
Service provider redundancy
POP redundancy
Hardware redundancy
Optimized re-routing
Gateway redundancy at WAN location with auto-recovery
LAN/DC Switching
Speed/Duplex
Portfast/BPDU guard configuration
port-security in uncontrolled LAN environment
Broadcast and multicast stormcontrol on LAN/DC
UDLD should be enabled on LAN
Appropriate switch configuration for teamed servers
Appropriate switch configuration for NLBS servers
Routing
Gateway configuration
Service Provider peering
Ensure default rouitng towards DC is avoided
Internet Routing(BGP hardening if applicable)
ACL implementation on Internet for anti-spoofing
Route tagging on redistributed routes
Avoid public address routing on INTRANET
Device hardening
Unwanted services to be disabled
Access to devices is secured as per standard
Access to network is restricted using ACL
Documents
Procedure documents (Startup & Configuration procedure Document/Reconfiguration/ WAN Location Details Doc
configuration files etc..)
Checklist and Reports (Daily Weekly & Monthly)
Process Documents
Capacity Management
Services continuity & Availability Management
Access control Management and Matrix
All critical WAN Link /Devices /OEM -ISP Support contract & escalation matrix etc..
Critical devices backup Process
Component Failure Impact Analysis
Roles & responsibility matrix
Knowledge base
Deliverable RACI Matrix
Resource Technical Capabilities and Skillsets
Logs review
Gaps Found Suggestion Benefits Priority
Remarks