Security Basics mailing list archives

RE: Network Engineer vs. Network Security Engineer


From: Jason Hurst <Jason.Hurst () PandaRG com>
Date: Mon, 11 Jan 2010 07:44:54 -0800

Hi Johnathan,

That is a tough question, and all I could say is that it depends on what you see your role as, and what the company 
sees your role as.

Are you the security auditor and developer of security policy? If you are, then you should NOT have "write" access to 
the IPS, IDS, Routers, and ASA devices, because then you would be auditing your own work. In that context, you should 
have "read only" access to these devices, and pass change requests to the Network engineer to make tuning changes. This 
would enable an adequate level of segregation of duties.

However, perhaps you are not the auditor, and you are implementing already established security policy at your company. 
In that case, you should have "write" authority to these security devices, as the Network Engineer should have primary 
responsibility of network connectivity, and you should have primary responsibility of security rules.

But some further information might be helpful. What was the reason that the Network Engineer gave for denying your 
access? Was it a segregation of duties argument, or was there something else? Did he deny even read access?
 
Jason Hurst
Sr. Network Security Administrator
Panda Restaurant Group
jason.hurst () pandarg com
Please consider the environment before printing this email

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Johnathan
Sent: Saturday, January 09, 2010 9:04 AM
To: security-basics () securityfocus com
Subject: Network Engineer vs. Network Security Engineer

Hello List,

I am a Security Engineer/Analyst at a company that is currently building its security program and have run into an issue 
on defining a Network Security Engineer's roles and duties versus a Network Engineer's (on the LAN/WAN side), and where a 
line is drawn and what should overlap.

This subject came about when I requested access to our Cisco IPS, IDS and ASAs. The senior engineer (who, by the way, 
is the only person who has full access to all of our Cisco routers, switches, IPS, IDS, ASAs, etc.) within my company 
fought to disallow my access.

We have Cisco MARS implemented, and I am the primary manager of that device and require access to our Cisco security 
devices (IPS, IDS, etc.) to sufficiently tune and update the appliance.

Was I and am I wrong for requesting access and wanting it? Where should the line be drawn as far as duties and roles? 
Not just for Cisco security devices but on an enterprise wide scale.

I would really appreciate any responses to this.

Thank you.

----
Johnathan

Sent via BlackBerry by AT&T
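Added example, not part of either message above: the "read-only for the auditor, write for the engineer" split that Jason describes, expressed as Cisco IOS local privilege levels. The usernames (netops, secops), the choice of level 5 and the set of show commands moved down to it are assumptions for illustration; passwords are placeholders.

```cisco
! Added example (not from the thread): Cisco IOS privilege levels that give a
! security analyst read-only visibility while only the network engineer can
! change configuration. Usernames, level number and command set are assumed.
!
! --- Weak: one shared, all-powerful login (the situation the thread describes)
! username admin privilege 15 secret <shared-password>
!
! --- Hardened: two accounts, two privilege levels, local AAA
aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa authorization commands 15 default local
!
! Network engineer: full write access (level 15)
username netops privilege 15 secret <strong-password>
!
! Security analyst: level 5, which by itself inherits only level 1 (user EXEC)
username secops privilege 5 secret <strong-password>
!
! Move just the read-only commands the analyst needs down to level 5
privilege exec level 5 show running-config
privilege exec level 5 show running-config view full
privilege exec level 5 show ip access-lists
privilege exec level 5 show logging
privilege exec level 5 show ip interface brief
!
! Record every configuration change, with the user who made it, to syslog,
! so the analyst can audit the engineer's changes without being able to make them
archive
 log config
  logging enable
  notify syslog contenttype plaintext
  hidekeys
```

Two caveats a practitioner will hit. First, a user below level 15 who runs plain `show running-config` sees only the commands available at their own level; the analyst needs `show running-config view full` (assigned above) to see the whole file, and that full view still exposes hashed local passwords and any cleartext pre-shared keys, so "read-only" access to configuration is itself sensitive and should be logged. Second, the ASA and the IPS sensors use their own privilege and role syntax rather than IOS `privilege exec` lines; the same split is usually easier to enforce consistently across all of them with central command authorization (TACACS+ via `aaa authorization commands ... group tacacs+`) than with per-device local accounts.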
