ITU Regional Standardization Forum For Africa Dakar, Senegal, 24-25 March 2015 The Securing of Networks (Plan of Continuity of service) Bocar KELLY, Leader.

Slides:

Advertisements

Similar presentations

Group 3 A: Capacity Building - Operational (Technical) Support What capacity is needed to ensure an effective operational response to a humanitarian emergency?

Advertisements

Doc.: IEEE /0357r0 Submission March 2011 Marc Emmelmann, Fraunhofer FOKUSSlide 1 A focused path torwards TGai D1.0 Date: Authors:

Course: e-Governance Project Lifecycle Day 1

1 The process of analyzing all core business functions and establishing an optimized timetable for recovery. Provides baseline for:  Justification for.

Optimal redundancy allocation for information technology disaster recovery in the network economy Benjamin B.M. Shao IEEE Transaction on Dependable and.

1 Disaster Recovery “Protecting City Data” Ron Bergman First Deputy Commissioner Gregory Neuhaus Assistant Commissioner THE CITY OF NEW YORK.

Business Continuity Planning (BCP) & Disaster Recovery Planning (DRP)

ITU Regional Standardization Forum for Africa Dakar, Senegal, March 2015 Energy and Environment Protection of Equipment Bocar KELLY, Head of Architecture.

University of Guelph IT Security Policy Doug Blain Manager, IT Security ISC, April 27th.

ISO 17799: Standard for Security Ellie Myler & George Broadbent, The Information Management Journal, Nov/Dec ‘06 Presented by Bhavana Reshaboina.

Disaster Recovery and Business Continuity Ensuring Member Service in Times of Crisis.

Service Design – Section 4.5 Service Continuity Management.

1 Disaster Recovery Planning & Cross-Border Backup of Data among AMEDA Members Vipin Mahabirsingh Managing Director, CDS Mauritius For Workgroup on Cross-Border.

By Jeff Fetherolf. Business Impact Analysis (BIA) A process of having the business process owners, business subject matter experts, etc. identify the.

African Project Implementation of the 2008 System of National Accounts.

Gulf Coast Energy International Business Continuity / Disaster Recovery Planning and Design Proposal Prepared by Andrew Rolf, Felipe Torres, Pranay Jaiswal.

The Business Plan : Creating and Starting The Venture

John Graham – STRATEGIC Information Group Steve Lamb - QAD Disaster Recovery Planning MMUG Spring 2013 March 19, 2013 Cleveland, OH 03/19/2013MMUG Cleveland.

Business Continuity and You! The Ohio State University Business & Finance Enterprise Continuity Program Quarterly Update October 2008Business and Finance.

ELECTRONIC SYSTEMS ENGINEERING TECHNOLOGY TEXAS A&M UNIVERSITY Innovating tomorrow’s products and systems today Dr. Joseph A. Morgan, D.E., P.E.

1 Working Group on Archives and Records Management WGARM.

MITIGATION PREPAREDNESS RESPONSE RECOVERY FOUR PHASES OF EMERGENCY MANAGEMENT Pre-event Post event Pre-event.

Information ITIL Technology Infrastructure Library ITIL.

ISA 562 Internet Security Theory & Practice

Business Continuity & Disaster recovery

2010 Virginia RIMS and PRIMA Conference October 5, 2010 Business Impact Analysis: The Road Map to Managing Risks.

1. 2 Cost to Recover Time to Recover Last Backup Work Backlog Created Lost Data Recovery Operations Time Cost Disaster Recovery Time Frame Reconstruct.

Business Continuity and Disaster Recovery Planning.

UN/CS/RAI/USAA/DB01/ Development of a Strategic Plan for a Digital Archives Programme Common Services Working Group on Archives and Records.

Proposed Supply Chain Risk Management Process Flow Supply Chain Risk Leadership Council 20 April 2009 DRAFT.

Enterprise Architecture [Product Name] [Enterprise Architect] [Discipline and Names] To-Be Powerpoint Presentation v

The Integrated Food Security and Humanitarian Phase Classification (IPC) Workshop on Feasibility for Continuous and Integrated Drought Management 21 September.

VERMONT COMMUNICATIONS (VCOMM) March 2, 2006.

Benoît Esnault Commission de Régulation de l’Energie (CRE) - ERGEG 19th Madrid Forum, March 2011 Energy Infrastructure Package ERGEG preliminary.

Interdependence between Critical Infrastructures Broadening the definition of infrastructure: from transport to logistics.

Business Continuity Program Orientation (insert presentation date) (This presentation is a template that requires adjustments to meet your needs)

Generation assets important to the reliable operation of the Bulk Electric System What does this mean?

Proposals on standardisation process in ESS, The Hague_ ESS net Preparation of Standardisation 1 Proposals on standardisation process.

INFORMATION SECURITY MANAGEMENT L ECTURE 3: P LANNING FOR C ONTINGENCIES You got to be careful if you don’t know where you’re going, because you might.

Asia & Pacific Regional Expert Group on Disaster-related Statistics Expert Forum for producers and users of climate change- related statistics Geneva,

NFPA 1600 Disaster/Emergency Management and Business Continuity Programs.

Office for Information Resources Crisis Management and DR Larry K. Peck Disaster Recovery Consultant Office of Information Resources State of Tennessee.

Regional Workshop to disseminate Water Supply and Sanitation Standards of Service, adapted to LDCs Préparation to the ISO TC 224 Drafts Standards test.

The Central Role of the Network Operators 28 March 2007 ERGEG-GTE Meeting.

9 juni 2009 Alex van Os de Man BCI Forum 2009 Business Impact Analysis Process.

Guidance document on Water and Climate adaptation Jos G. Timmerman Rijkswaterstaat Centre for Water Management.

Chapter 12 The Network Development Life Cycle

Lecture5 : Contingency planning Lecturer: Kawther Abas 25/12/ CS – Management of Programming Projects.

Erman Taşkın. Information security aspects of business continuity management Objective: To counteract interruptions to business activities and to protect.

RISK MANAGEMENT. CONTENTS  DEFINITION  WHAT IS RISK  TYPES OF RISK  RISK MANAGEMENT PROCESS  APPROACHES TO RISK MANAGEMENT.

CLOUD-BASED VIDS A CIO’S PERSPECTIVE Stephen Alford, CIO WEP, Inc.

A Lightweight Business Continuity & Disaster Recovery Plan Motahareh Moravej Issuers’ Affairs Director at CSDI PHD. Student of Computer Engineering, UT.

This courseware is copyrighted © 2016 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.

Disaster Recovery Management By: Chris Rozic COSC 481.

CYSM Risk Assessment Methodology Co-funded by the Prevention, Preparedness and Consequence Management of Terrorism and other Security-related Risks Programme.

Business Continuity Planning 101

Dr. Gerry Firmansyah CID Business Continuity and Disaster Recovery Planning for IT (W-I)

Donald JG Chiarella, PhD, CISM, CDMP, PEM, CHS-CIA, MBA.

Information ITIL Technology Infrastructure Library ITIL.

Regional Workshop to disseminate Water Supply and Sanitation Standards of Quality of Service, adapted to LDCs Preparation to the ISO TC 224 Draft Standards.

Utilizing Your Business Continuity Plan.

The Business Plan : Creating and Starting The Venture

Response to disruptive events at INEGI - Mexico City Office

The Business Plan : Creating and Starting The Venture

Personal Introduction

WGARM Appraisal Decision Assistance Phase 1, Dec. 2002

Special MRC – Fuel Security

CRISIS EVENT Risk Assessment Crisis Management and Business Continuity

What is IT audit? An examination of how IT systems where implemented to ensure that they meet the organization’s business needs without compromising.

Presentation transcript:

ITU Regional Standardization Forum For Africa Dakar, Senegal, March 2015 The Securing of Networks (Plan of Continuity of service) Bocar KELLY, Leader of Department Architecture and Planning Networks, SONATEL

Context The securing of networks is part of our Plan of Continuity of activities that takes into account all the aspects below Crisis Management (CM) Outside scope  Process allowing to cope with disaster of extreme gravity Work area Recovery (WR) Outside scope  Process of the restoration of a working environment after disaster for critical functions Disaster Recovery Plan (DRP)  Process of resumption after disaster to a level of agreed services of functions Critics Business Impact Analysis (BIA) Outside scope  Identify the critical functions for the business and assess the impact of their Losses Securing networks: one of the stages of the DRP

What Approach ? Functional Analysis Definition of stakes Identification of evaluation criteria of impacts Inventory of fixtures Statements of existing and planned security Risk Analysis Identification of gaps Plans of action Roadmap for setting conformity

Approach : Functional Analysis  Identify the level of service required for each element of the Network (duration of unavailability, duration of loss of information, potential risk, etc. )  Classification of nodes of the network in relation with the level of service (C2, C3, C4, etc. ) Level of AvailabilityYearMonthWeekCategory 2 nine - 99%3.65 days7.20 hours1.68 hoursC2 3 nine per cent8.76 days43.2 mn10.1 mnC3 4 nine %52.56 mn4.32 mn1.01 mnC4 5 nine %5.26 mn25.9 s6.05 sC5 6 nine %31.5 s2.59 s0.605 sC6

Approach : Functional Analysis  Example of classification for some elements of the Sonatel network CategoryLevel of AvailabilityDisaster Recovery MSC/PTS/HLRC55 nine %OUI IN (Réseau Intelligent)C55 nine %OUI Réseau de TransmissionC55 nine %OUI * SMSCC55 nine %OUI Réseau IPC55 nine %OUI* OTA/DMC (Configuration des appareils) C44 nine %OUI CRBT (ring back tone)C44 nine %OUI * : Transmission network/IP in loops

Approach : Inventory of fixtures  Statements of existing or planned securities:  Network Segmentation: o Access Network o Collection, Transmission and IP o Heart of Ntwork CS&PS o Platforms of Service o NRJ and Environment  Analysis of the Level of the Securing of Equipment : o internal redundancy of cards (2N, N+1, etc. ) o Geographical Redundancy o Double Power Supply o Etc.

Approach : Analysis of Risks  Technical study of scenarios of likely disaster for each element of the network  Identify for each risky node, one or several potential risks  For each risk, identify the probability of occurrence  Finally, define the level of gravity in relation with impacts (financial, operational, mark, etc. ) Classification of the various nodes of the network (C5, C4, C3, etc. )

Approach : Plan of Development  Define the scenarios of evolution:  Propose an architecture adapted to each type of service  Define the roadmap of implementation

Use case: Securing the Heart of CS Network Migration of an initial architecture in silo (absence of geographical redundancy for the MSCS) toward an architecture in a pool with a backup of mutual MSCS.

Architecture of the Switching Network of Sonatel Establishment of a geographical redundancy for all critical nodes of the network with securing interconnecting links.

THANK YOU