Planning a big deployment...

deanwebb · October 15, 2016, 11:38:13 AM

NAC project, global rollout, 400K+ endpoints, three years to full enforcement, and who gets asked to plan the whole thing? Me.

It's a stretch, for sure, but I'm really getting into this. I'm not labbing this weekend, I'm drawing up plans for a very complicated operation. I'm stoked, and this is where I can take all the stuff I've learned about doing NAC in a limited way and scale it out for the global enterprise.

But make no mistake, this is not an easy thing. I made an outline of things to consider last night and it ran to just shy of 7 pages. Now I'm fleshing out the outline and creating a timeline from it. Having some project management experience is good because it helps me think of which tasks can be done in parallel and which have to be done in serial.

If I accidentally write a book on this subject, I hope I'll be able to get it edited and published, that's for sure.

Dieselboy · October 16, 2016, 09:29:57 PM

Sounds like fun. What's your approach?

My biggest rollout has not even been 10% of your project.

deanwebb · October 17, 2016, 06:34:55 AM

Monitor everything before enforcing anything.

Then enforce by degrees, testing all the way.

Nerm · October 17, 2016, 08:50:36 AM

Wow! Sounds like quite the task.

deanwebb · October 17, 2016, 09:10:37 AM

Indeed... monitoring is pretty straightforward. It's getting to enforcement for all our sites that will be the biggest mess.

1. Deploy ForeScout CounterACT NAC
2. Monitor everything
3. ? ? ?
4. PROFIT!

icecream-guy · October 17, 2016, 10:43:43 AM

Quote from: deanwebb on October 17, 2016, 09:10:37 AM
Indeed... monitoring is pretty straightforward. It's getting to enforcement for all our sites that will be the biggest mess.

1. Deploy ForeScout CounterACT NAC
2. Monitor everything
3. DOCUMENT
4. PROFIT!

Nerm · October 18, 2016, 07:47:56 AM

Document? Who wants to document? lol

deanwebb · October 18, 2016, 11:03:58 AM

This is what we hire tech writers for, this documentation thing...

But now I'm considering how many people we need and for how long in order to take care of certain tasks. Project management, baby! I'll also get into questions of budget for gear... and travel...

Otanx · October 18, 2016, 11:49:04 AM

Don't forget training.

-Otanx

Nerm · October 20, 2016, 12:35:41 PM

Quote from: deanwebb on October 18, 2016, 11:03:58 AM
This is what we hire tech writers for, this documentation thing...

But now I'm considering how many people we need and for how long in order to take care of certain tasks. Project management, baby! I'll also get into questions of budget for gear... and travel...

You have people dedicated to writing documentation? That is awesome!

deanwebb · October 20, 2016, 01:15:59 PM

Welcome to Major Global Multinational, Inc. And while we have writers for everything, those writers write procedures for everything...

Nerm · October 20, 2016, 03:28:05 PM

I work for a large (IMO) global company but we don't have technical writers. Well if we do I don't know any of them lol.

wintermute000 · October 20, 2016, 10:01:10 PM

we're supposed to have them, but I"ll be f--ked if I know who actually gets to use them, or what the f--k they actually write, as all the doco I've ever seen have been hammered out by engineers desperately trying to get if off their plate

deanwebb · October 21, 2016, 09:10:00 AM

One of those problems of a company of a certain size...

icecream-guy · October 21, 2016, 10:51:14 AM

Quote from: deanwebb on October 21, 2016, 09:10:00 AM
One of those problems of a company of a certain size...

added it to the thread