Is there a turnkey solution for storing technical solutions?
Good afternoon.
The problem is that you come across a firewall rule created 5 years ago, it has a comment "Technical decision No. 12345 of 10/06/2009". And in order to understand whether this rule is necessary, it is necessary to find this TR. And the people who developed and coordinated it are no longer there. And looking in the document management system is not an option, you need to raise the archives. And I want to open a portal, enter the TR number and get the necessary documents.
We have: a large organization with IT and information security departments. Dozens of technical solutions are developed annually. Some agree, some don't. There was a question about single storage. The shared folder is not good. I have one solution so far - to create a portal based on some CMS and cut it to fit my needs.
Maybe someone faced such a problem? Does anyone have any ideas how to implement this? Or would you recommend ready-made solutions?
PS One of the requirements - the solution should not be online, only on its own servers, only hardcore.
What are your technical solutions? Title, date, description? How are connections established between them? Will any of you bother learning a framework to write your repository? If not, take almost any CMS and put it on your internal server.
1. You need to "connect" the table of all decisions and the existing rules of the firewall.
For example, make a micro-service that will periodically dump the entire list of rules from devices via SSH (giving commands automatically to the remote console) and notify (for example, by mail) if there are any mismatches / deviations.
2. To the decision table, then attach the TR documents (integration with an internal portal or just a link to a shared folder), all participants in the document (who issued it, to whom it was issued, when it was issued, etc.) and the equipment / software it applies to (there should be lists of these as well).
3. The list of hardware / software can then be linked to the network / software inventory system (for example, with zabbix).
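The check described in steps 1 and 2 above, as an added example that is not part of the original answers: it matches the TR number in each rule comment against a decision register and reports rules that cannot be traced to an approved decision. The pipe-separated dump format, the register fields, the day/month/year date order and all sample values are constructed assumptions.

```python
import re
from datetime import date, datetime

# Comment format taken from the question: "Technical decision No. 12345 of 10/06/2009".
# Assumption: the date in the comment is day/month/year.
TR_RE = re.compile(r"Technical decision No\.\s*(\d+)\s+of\s+(\d{2}/\d{2}/\d{4})")

# Constructed decision register (hypothetical fields; in practice a database table).
REGISTER = {
    "12345": {"date": date(2009, 6, 10), "status": "approved", "doc": "tr/12345.pdf"},
    "12400": {"date": date(2010, 2, 1), "status": "rejected", "doc": "tr/12400.pdf"},
}

# Constructed rule dump, one rule per line: "<rule id>|<rule text>|<comment>".
RULE_DUMP = """\
10|permit tcp 10.0.0.0/24 host 10.1.1.5 eq 443|Technical decision No. 12345 of 10/06/2009
20|permit tcp any host 10.1.1.9 eq 22|temporary
30|permit udp 10.0.2.0/24 any eq 53|Technical decision No. 12400 of 01/02/2010
40|permit tcp 10.0.3.0/24 any eq 80|Technical decision No. 13001 of 15/03/2011
50|permit tcp 10.0.4.0/24 any eq 25|Technical decision No. 12345 of 11/06/2009
"""


def audit(dump, register):
    """Return (rule_id, finding) pairs for rules not traceable to an approved TR."""
    findings = []
    for line in dump.splitlines():
        if not line.strip():
            continue
        rule_id, _rule, comment = line.split("|", 2)
        m = TR_RE.search(comment)
        if m is None:
            findings.append((rule_id, "no TR reference in comment"))
            continue
        number, raw_date = m.groups()
        tr = register.get(number)
        if tr is None:
            findings.append((rule_id, f"TR {number} not in register"))
        elif tr["status"] != "approved":
            findings.append((rule_id, f"TR {number} is {tr['status']}"))
        elif datetime.strptime(raw_date, "%d/%m/%Y").date() != tr["date"]:
            findings.append((rule_id, f"TR {number} date differs from register"))
    return findings


if __name__ == "__main__":
    for rule_id, finding in audit(RULE_DUMP, REGISTER):
        print(f"rule {rule_id}: {finding}")
```

The findings list is what the periodic job would mail out; rule 10 produces no finding because its comment matches an approved register entry.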
There is such a concept as DevOps, and it has such a thing as Infrastructure as Code (description / preparation of infrastructure in the form of code); a little more about these ideas here.
Make it a rule that all technical solutions, in some form (it doesn't even matter in what form), are stored in a repository, for example, Git (GitLab and GitHub). The commit number will be your TR; it is easy to find out why, by whom, when and what change was made to the infrastructure.