
NM 9

Network management

Uploaded by

Hoiu Jui

NETWORK MANAGEMENT (BIT3204)

Network Administration

Dr. Nadia IRADUKUNDA

E-mail: [email protected]
[email protected]

Kigali, Rwanda
NETWORK ADMINISTRATION
❖ A network administrator is an individual who is responsible for the maintenance of the computer hardware and software systems that make up a computer network.
◼ This includes the maintenance and monitoring of active data networks or converged infrastructure and related network equipment.
❖ The role of the network administrator can vary significantly depending on an organization's size, location and socio-economic considerations.
◼ Some organizations work on a user-to-technical-support ratio, whilst others implement many other strategies.
❖ Generally, in reactive situations (i.e., unexpected disruptions to service, or service improvements), IT support incidents are raised through an issue tracking system.
◼ Typically, these issues work their way through a help desk and then flow through to the relevant technology area for resolution.
◼ In the case of a network-related issue, the issue will be directed to a network administrator.
◼ If a network administrator is unable to resolve an issue, the ticket will be escalated to a more senior network engineer, or a more appropriate skill group, for restoration of service.
❖ Network administrators are often involved in proactive work. This type of work will often include:
◼ Network monitoring
◼ Testing the network for weaknesses
◼ Keeping an eye out for needed updates
◼ Installing and implementing security programs; in many cases, e-mail and Internet filters
◼ Evaluating and implementing network management software
❖ Network administrators are responsible for making sure that the computer hardware and network infrastructure related to an organization's data network are effectively maintained.
❖ In smaller organizations, they are typically involved in:
◼ the procurement of new hardware,
◼ the roll-out of new software,
◼ maintaining disk images for new computer installs, making sure that licenses are paid for and up to date for software that needs it,
◼ maintaining the standards for server installations and applications,
◼ monitoring the performance of the network,
◼ checking for security breaches and poor data management practices.
❖ Typically, within a larger organization, these roles are split into multiple roles or functions across various divisions and are not actioned by one individual.
❖ In other organizations, some of the roles mentioned are carried out by system administrators.
❖ As with many technical roles, network administrator positions require a breadth of technical knowledge and the ability to learn the intricacies of new networking and server software packages quickly.
❖ Within smaller organizations, the more senior role of network engineer is sometimes attached to the responsibilities of the network administrator. It is not uncommon for smaller organizations to outsource this function.
Network Management Protocols
❖ A simple protocol defines common data formats and parameters and allows for easy retrieval of
information
❖ A complex protocol adds some change capability and security
❖ An advanced protocol remotely executes network management tasks and is independent of the network protocol layer
❖ So where is technology today?
❖ The most common protocols are:
◼ 1. SNMP (Simple Network Management Protocol)
◼ 2. SNMPv2 (SNMP version 2)
◼ 3. CMIS/CMIP (Common Management Information Services/Common Management Information Protocol)
❖ SNMP goes beyond the simple protocol, with adequate monitoring capabilities and some change capabilities
❖ SNMPv2 greatly enhances the SNMP feature set
❖ The SNMP protocol was a mere 36 pages within these documents
❖ The framework could be extended by defining new managed objects, but changes to the description
rules or the protocol weren’t allowed.

❖ Today, there are literally hundreds of SNMP-capable products and thousands of managed object
definitions.
❖ There are two approaches for the management system to obtain information from SNMP:
◼ Traps
◼ Polling
❖ Traps: When an event happens on a network device, a trap is sent to the network management system.
❖ A trap will contain:
◼ Network device name
◼ Time the event happened
❖ The difference between these is who is initiating the conversation.
◼ In polling, the monitoring server initiates the conversation, asking the network devices for information.
◼ Traps are the opposite: the network devices send information to the monitoring server right away when something happens.
❖ Polling: The network management system periodically queries the network device for information
❖ The advantage is that the network management system is in control and knows the "big picture".
❖ The disadvantage is the amount of delay from when an event occurs to when it’s noticed
◼ Short interval: network bandwidth is wasted
◼ Long interval: response to events is too slow
❖ Network management system (NMS):
+ An NMS manages the network elements, also called managed devices.
+ Device management includes fault, configuration, accounting, performance, and security (FCAPS) management.
+ Management tasks include discovering network inventory, monitoring device health and status, providing alerts to conditions that impact system performance, and identification of problems, their source(s) and possible solutions.
❖ CMIS/CMIP approaches the advanced tool, but implementation issues have limited its use.
❖ At the end of the 80’s, a solution was chosen called the Internet-standard Network Management Framework.
❖ This was a set of three documents defining:
◼ A set of rules for describing management information
◼ An initial set of managed objects
◼ A protocol used to exchange management information
Network monitoring and security
❖ Networks are becoming critical components of business success, irrespective of whether the business is small or big.
❖ When the network fails, customers and employees cannot communicate; employees cannot access critical information or use basic print or email services, resulting in productivity loss and revenue loss.
❖ Network monitoring software tools reduce network outages and allow businesses to operate more fluently, cut costs, and prevent revenue loss.
◼ For small businesses that cannot set aside a budget for network monitoring software, a better alternative is to start with open source and freeware network monitoring software that reduces the time and money spent on network administration and management.
Critical Network Elements that Need Monitoring
❖ Businesses, depending on their size, buy various networking infrastructure elements. Some of the basic network elements that need continuous monitoring are:
1. Email Servers:
◼ Every organization will have an email server which distributes emails to all LAN users.
◼ If the email server fails, users are disconnected from the external world and key functions such as customer support take a hit.
◼ IT managers need to monitor their email servers for availability, mails in queue, size of mails received, etc.
◼ Small enterprises can save money by optimizing the WAN links.
◼ If oversubscribed, the link costs heavily, and if undersubscribed, it chokes the network.
◼ Hence IT administrators should carefully balance the throughput, committed information rate (CIR) and burst rate with congestion, response time, and discards to optimize the link utilization.
◼ IT managers should also find out who’s using the most bandwidth to make necessary arrangements.
❖ Apart from bandwidth monitoring (discussed above), routers need to be monitored periodically for availability and performance.
❖ If a router fails, it halts the entire LAN; hence IT managers should set thresholds on various router parameters and attend to problems immediately.
2. Servers & Services: Servers run critical applications and hence should be monitored for
◼ CPU,
◼ memory,
◼ disk space,
◼ services running on them (FTP, DNS, ECHO, IMAP, LDAP, TELNET, HTTP, POP, etc.)
◼ and their response time.
◼ Moreover, the traffic utilization trends of these servers should also be monitored.
3. Server logs: A server log is a text document that contains a record of all activity related to a specific web server over a defined period of time. Small businesses running Windows machines should also monitor the server logs for
◼ failed logon,
◼ account lockouts,
◼ bad passwords,
◼ failed attempts to secure files,
◼ security log tampering etc.
◼ Monitoring these logs gives a clear picture of security loopholes existing inside the organization.
4. Applications, Databases, & Websites: Small businesses run several mission-critical applications, websites, and databases which need to be monitored periodically.
◼ Applications can be monitored for availability, response time etc.
◼ URLs should be monitored for availability.
5. LAN Infrastructure: Your LAN infrastructure devices such as switches, printers & wireless devices
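The server-log conditions listed under item 3 can be checked mechanically. The following is an added example, not part of the original slides: it triages a simplified export of Windows Security events. Event IDs 4625, 4740, 4656 and 1102 are the standard Windows identifiers; the CSV layout, field names, thresholds and sample rows are constructed, and reading "failed attempts to secure files" as denied access to audited files is an assumption.

```python
import csv
import io
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Windows Security event IDs for the conditions in the list above.
FAILED_LOGON = 4625       # "An account failed to log on"
OBJECT_HANDLE = 4656      # "A handle to an object was requested" (failure = denied)
ACCOUNT_LOCKOUT = 4740    # "A user account was locked out"
LOG_CLEARED = 1102        # "The audit log was cleared"
BAD_PASSWORD = "0XC000006A"  # 4625 SubStatus: account exists, wrong password

# Constructed sample: a simplified CSV export, not output from a real host.
SAMPLE_EXPORT = """time,event_id,account,source,substatus,outcome
2024-03-04T08:00:05,4625,alice,10.0.0.23,0xC000006A,failure
2024-03-04T08:00:20,4625,alice,10.0.0.23,0xC000006A,failure
2024-03-04T08:00:41,4625,alice,10.0.0.23,0xC000006A,failure
2024-03-04T08:01:02,4625,alice,10.0.0.23,0xC000006A,failure
2024-03-04T08:01:30,4625,alice,10.0.0.23,0xC000006A,failure
2024-03-04T08:01:31,4740,alice,WKSTN-23,,success
2024-03-04T09:15:00,4625,bob,10.0.0.99,0xC0000064,failure
2024-03-04T09:15:02,4625,carol,10.0.0.99,0xC000006A,failure
2024-03-04T09:15:04,4625,dave,10.0.0.99,0xC000006A,failure
2024-03-04T09:15:06,4625,erin,10.0.0.99,0xC000006A,failure
2024-03-04T11:40:00,4656,carol,FILESRV01,,failure
2024-03-04T11:40:03,4656,carol,FILESRV01,,failure
2024-03-04T11:40:09,4656,carol,FILESRV01,,failure
2024-03-04T13:05:00,4624,frank,10.0.0.31,,success
2024-03-04T23:58:10,1102,svc-backup,FILESRV01,,success
"""


def parse_events(text):
    """Parse the simplified export into dicts sorted by time."""
    events = []
    for row in csv.DictReader(io.StringIO(text.strip())):
        row["time"] = datetime.fromisoformat(row["time"])
        row["event_id"] = int(row["event_id"])
        events.append(row)
    return sorted(events, key=lambda e: e["time"])


def triage(events, max_failures=5, window=timedelta(minutes=5),
           spray_accounts=4, max_denied=3):
    """Return findings as (severity, rule, subject, detail), in event order."""
    findings = []
    failures = defaultdict(deque)   # account -> (time, substatus) inside the window
    targets = defaultdict(set)      # source -> accounts it failed to log on to
    denied = defaultdict(int)       # account -> denied object-access requests
    reported = set()                # (rule, subject) pairs already raised

    def raise_once(severity, rule, subject, detail):
        if (rule, subject) not in reported:
            reported.add((rule, subject))
            findings.append((severity, rule, subject, detail))

    for ev in events:
        eid, account, source = ev["event_id"], ev["account"], ev["source"]
        if eid == FAILED_LOGON:
            recent = failures[account]
            recent.append((ev["time"], ev["substatus"].upper()))
            # Sliding window: drop failures older than `window`.
            while ev["time"] - recent[0][0] > window:
                recent.popleft()
            if len(recent) >= max_failures:
                bad = sum(1 for _, sub in recent if sub == BAD_PASSWORD)
                raise_once("medium", "logon-burst", account,
                           f"{len(recent)} failed logons in {window} ({bad} bad passwords)")
            # One source failing against many accounts is a different pattern.
            targets[source].add(account)
            if len(targets[source]) >= spray_accounts:
                raise_once("high", "spray", source,
                           f"failed logons against {len(targets[source])} accounts")
        elif eid == ACCOUNT_LOCKOUT:
            findings.append(("medium", "lockout", account, f"locked out via {source}"))
        elif eid == OBJECT_HANDLE and ev["outcome"] == "failure":
            denied[account] += 1
            if denied[account] >= max_denied:
                raise_once("low", "access-denied", account,
                           f"{denied[account]} denied requests on {source}")
        elif eid == LOG_CLEARED:
            findings.append(("high", "log-cleared", account,
                             f"audit log cleared on {source}"))
    return findings


if __name__ == "__main__":
    for finding in triage(parse_events(SAMPLE_EXPORT)):
        print(*finding, sep=" | ")
```

The successful logon (4624) in the sample is ignored on purpose; only the conditions from the list raise findings.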

Top 3 Network Management Requirements For Small Networks
❖ Small businesses have different network management needs and expectations because technical expertise and staff are limited.
❖ They want tools that are low cost, easy to install and use, and feature rich.
◼ Low cost: The network monitoring software should be affordable.
◼ Easy to install and use: The network monitoring software should be intuitive enough to get started without reading that dry, boring documentation.
◼ Feature rich: The network monitoring software should be able to monitor all your resources - both what you have today as well as what you might have tomorrow.
Open Source Network Monitoring Software for Small Networks
❖ Open source offers many tools for various IT needs, including network monitoring, bandwidth monitoring, network discovery etc.
❖ The most popular open source tools for network management are:
◼ Nagios: Network Monitoring Software
◼ MRTG (Multi Router Traffic Grapher): Traffic Monitoring Software
◼ Kismet: Wireless Monitoring Software
1. Nagios: The Open Source Network Monitoring Software
◼ Nagios® is a host and service monitor designed to inform you of network problems before your clients, end-users or managers do.
◼ It has been designed to run under the Linux operating system, but works fine under most *NIX variants as well.
◼ The monitoring daemon runs intermittent checks on hosts and services you specify using external "plugins" which return status information to Nagios.
◼ When problems are encountered, the daemon can send notifications out to administrative contacts in a variety of different ways (email, instant message, SMS, etc.).
◼ Current status information, historical logs, and reports can all be accessed via a web browser.

2. MRTG: The Open Source Traffic Monitoring Software
◼ The Multi Router Traffic Grapher (MRTG) is a tool to monitor the traffic load on network links.
◼ MRTG generates HTML pages containing PNG images which provide a LIVE visual representation of this traffic.
3. Kismet: The Open Source Wireless Discovery & Intrusion Prevention Software
◼ Kismet is an 802.11 layer 2 wireless network detector, sniffer, and intrusion detection system.
◼ Kismet will work with any wireless card which supports raw monitoring mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.
◼ Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, de-cloaking) hidden networks, and inferring the presence of non-beaconing networks via data traffic.
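The Nagios plugin convention (item 1) and the link-load measurement MRTG performs (item 2) can be shown in one check. This is an added example, not code from Nagios, MRTG or the original slides: it turns two polled `ifInOctets` samples into a utilization figure and returns a plugin-style exit code and status line. The sample values, thresholds and function names are assumptions made for illustration.

```python
import sys

OK, WARNING, CRITICAL, UNKNOWN = 0, 1, 2, 3   # exit codes a Nagios plugin returns
LABELS = {OK: "OK", WARNING: "WARNING", CRITICAL: "CRITICAL", UNKNOWN: "UNKNOWN"}
COUNTER32_MODULUS = 2 ** 32                   # ifInOctets is a Counter32 and wraps here


def octet_delta(prev, curr, modulus=COUNTER32_MODULUS):
    """Octets received between two polls, allowing for a single counter wrap."""
    return curr - prev if curr >= prev else modulus - prev + curr


def max_safe_interval(link_bps, modulus=COUNTER32_MODULUS):
    """Seconds a saturated link needs to wrap the counter once.

    Polling less often than this can miss a wrap and under-report traffic;
    the 64-bit ifHCInOctets counter avoids the problem on fast links.
    """
    return modulus * 8 / link_bps


def link_utilization(prev, curr, link_bps):
    """prev and curr are (unix_time, ifInOctets) samples; returns percent of link speed."""
    (t0, c0), (t1, c1) = prev, curr
    elapsed = t1 - t0
    if elapsed <= 0:
        raise ValueError("samples are out of order")
    return 100.0 * (octet_delta(c0, c1) * 8 / elapsed) / link_bps


def check_link(prev, curr, link_bps, warn=70.0, crit=90.0):
    """Return (exit_code, status_line) in the shape Nagios expects from a plugin."""
    try:
        util = link_utilization(prev, curr, link_bps)
    except ValueError as exc:
        return UNKNOWN, f"LINK UNKNOWN - {exc}"
    if util > 100.0:
        # A device reboot resets the counter and looks like a wrap. An impossible
        # rate is the only symptom visible here; a fuller poller would also
        # compare sysUpTime between the two samples.
        return UNKNOWN, "LINK UNKNOWN - implausible rate, counter reset or missed wrap"
    code = CRITICAL if util >= crit else WARNING if util >= warn else OK
    # Performance data after the pipe: label=value;warn;crit;min;max
    perf = f"util={util:.1f}%;{warn};{crit};0;100"
    return code, f"LINK {LABELS[code]} - inbound utilization {util:.1f}% | {perf}"


if __name__ == "__main__":
    # Constructed samples: two polls 60 s apart on a 1 Mb/s link, with a wrap between.
    code, line = check_link((0, 4_294_000_000), (60, 5_032_704), 1_000_000)
    print(line)
    sys.exit(code)
```

`max_safe_interval` makes the polling-interval trade-off concrete: on a 1 Gb/s link a 32-bit octet counter can wrap in about 34 seconds, so a long polling interval loses data as well as delaying detection.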

❖ A network monitoring system monitors and tracks network activity for issues or problems caused
by malfunctioning devices or overloaded resources (servers, network connections or other
devices).
❖ Standard network monitoring is often performed using diagnostic tools, dedicated applications or
appliances attached to the network and/or from a command line interface accessing the available
diagnostics or any number of available tools.
❖ It uses measurements and algorithms that set a baseline on data-at-rest and measures three
primary metrics, including:
◼ Availability (uptime)

◼ Performance (data transfer speeds)

◼ Configuration (system inventory, application and hardware settings)

❖ Differing aspects of all three metrics require an individual, a network administrator, who understands
topology, configurations, performance, and security, to manage and oversee the system.
❖ When a problem is detected, an alert is sent to the administrator by way of email, SMS, etc., in
order to address the issue at hand.

❖ At times, small businesses can get away with simpler infrastructure designs where many components
are hosted in the cloud.
❖ The administrator would only need to manage and monitor those services hosted in data centers
without fully having to understand the core technologies behind them.
◼ However, an enterprise has many complex parts (including cloud infrastructure) which often span several geographic locations running on a wide variety of infrastructure.
◼ Therefore, network monitoring within an enterprise requires additional support for managing advanced subnetting and configurations spread across multiple switches, routers, servers and load balancers that support thousands of users.
❖ Although basic network monitoring is critical, an arguably more important component of your infrastructure is the procurement of monitoring tools that provide administrators with real-time statistics and visibility into the underlying network.
◼ Hardware fails, and the more systems, appliances and components installed on your network, the bigger the chance of a disruptive critical failure.
◼ Most monitoring systems inform you after a failure or a problem occurs within the network; however, an even more sophisticated, continuous real-time monitoring system notifies you before it happens, giving administrators the opportunity to remedy the issue before it affects your bottom line.
Network Security Monitoring – Detection and Response to Intrusions
❖ While network monitoring provides data collection for analysis of basic traffic flows, the overall
structure and integrity of your systems, network security monitoring protects you from the
numerous potential vulnerabilities and exploits in the wild.
❖ Even more important than general monitoring, security monitoring analyzes a myriad of complex
factors (network payload, network protocols, client-server communications, traffic patterns, and
traffic flow) in order to alert administrators to known malicious activities in an attempt to
contain a threat.
❖ The right monitoring tool gives you around-the-clock service that watches over a business
environment for threats and suspicious behavior.
❖ Administrators and analysts can then investigate and gauge abnormal user patterns and take
appropriate actions.

❖ Unlike network operational monitoring, network security monitoring, and the analysts leveraging it, must also be able to detect intrusions and all forms of attacks - including new, zero-day, and cutting-edge threats - to enable evidence-based decision-making.
◼ No security expert can guarantee 100% protection from attacks, but new continuous network monitoring and analysis technologies provide levels of detection and mitigation support that can severely decrease the possibility of an attack or breach.
◼ Those that can leverage continuous real-time network security monitoring, analysis and remediation will also benefit from a reduction in time to detect and the ability to dramatically reduce or avoid the resulting damage.
❖ It’s important to point out that it takes only minutes for an attacker to compromise and exfiltrate data.
◼ So, the quality of a network security monitoring system equates to the speed with which suspicious traffic is reported to administrators and whether the system continuously analyzes data-in-motion or data-at-rest.
Although Distinct, Both Tools Overlap
❖ Network monitoring tools typically provide a set of configurable dashboards or controls for
orchestrating specific tests across the infrastructure under management.
❖ Administrators can initiate various tests or analytics as well as set indicators and create whitelists and
blacklists while automating the network analysis process.
❖ Although automated solutions help alleviate responsibility for redundant tasks performed by
administrators or network teams, human judgment is still very much a part of a fully functional
solution.
❖ Additionally, all aspects of network monitoring AND network security monitoring - which do overlap - must work together to provide comprehensive analytics.
◼ For example, network monitoring focuses on understanding the composition, availability, status, behavior, performance, and configuration of all the components within the compute infrastructure; yet, security is inextricably woven into each of these responsibilities.
◼ You can’t have availability if an attacker is able to launch a DDoS attack against servers and appliances.
◼ You can’t have performance if an attacker can flood the network with malware, taking advantage of network configurations that leave your systems vulnerable to exploits.
❖ For these reasons, it’s not uncommon for network administrators to work directly with the security
team and combine tools to perform several functions and to correlate results.
◼ The dilemma which often arises is that in using the same tools for both network monitoring and security monitoring, you can reduce the effectiveness of security itself.
◼ Monitoring tools that claim to be a ‘jack of all trades’ are typically mediocre in security monitoring and, as a result, leave the environment vulnerable to advanced attacks, including zero-day exploits.
◼ Years ago, both network and security monitoring were only concerned with internal infrastructure.
◼ Now, even SMB networks can span WAN connections, branch offices, data centers, and cloud hosts.
◼ This expanded business infrastructure creates a challenge with the massive amount of data to be collected.
◼ Data collection immediately puts a strain on network performance, and the volume of packets being analyzed can build up quickly.
◼ Packet captures for only a few minutes can build up to a few megabytes, so just imagine how much storage and performance are needed for a full day’s worth of packet captures.
❖ Administrators need network traffic analysis for all forms of network monitoring, but the wrong
solution can affect availability, integrity and performance.
◼ The only way for monitoring tools to be effective is if they provide continuous, ubiquitous analysis in real-time.
◼ As mentioned above, since data exfiltration only takes a few minutes, having monitoring tools that give you hours-old data is no longer practical.
Network security Basics
❖ Network security is any activity designed to protect the usability and integrity of your network and
data.
◼ It includes both hardware and software technologies

◼ It targets a variety of threats

◼ It stops them from entering or spreading on your network

◼ Effective network security manages access to the network

❖ How does network security work?
◼ Network security combines multiple layers of defenses at the edge and in the network.
◼ Each network security layer implements policies and controls.
◼ Authorized users gain access to network resources, but malicious actors are blocked from carrying out exploits and threats.
❖ How do I benefit from network security?
◼ Digitization has transformed our world. How we live, work, play, and learn have all changed.
◼ Every organization that wants to deliver the services that customers and employees demand must protect its network.
◼ Network security also helps you protect proprietary information from attack. Ultimately it protects your reputation.
Types of network security
❖ Firewalls
◼ Firewalls put up a barrier between your trusted internal network and untrusted outside networks, such as the Internet.
◼ They use a set of defined rules to allow or block traffic.
◼ A firewall can be hardware, software, or both.
❖ Email security
◼ Email gateways are the number one threat vector for a security breach.
◼ Attackers use personal information and social engineering tactics to build sophisticated phishing campaigns to deceive recipients and send them to sites serving up malware.
◼ An email security application blocks incoming attacks and controls outbound messages to prevent the loss of sensitive data.
❖ Anti-virus and anti-malware software
◼ "Malware," short for "malicious software," includes viruses, worms, Trojans, ransomware, and spyware.
◼ Sometimes malware will infect a network but lie dormant for days or even weeks.
◼ The best antimalware programs not only scan for malware upon entry, but also continuously track files afterward to find anomalies, remove malware, and fix damage.
❖ Network segmentation
◼ Software-defined segmentation puts network traffic into different classifications and makes enforcing security policies easier.
◼ Ideally, the classifications are based on endpoint identity, not mere IP addresses.
◼ You can assign access rights based on role, location, and more so that the right level of access is given to the right people and suspicious devices are contained and remediated.
❖ Access control
◼ Not every user should have access to your network.
◼ To keep out potential attackers, you need to recognize each user and each device.
◼ Then you can enforce your security policies.
◼ You can block noncompliant endpoint devices or give them only limited access. This process is network access control (NAC).
❖ Application security
◼ Any software you use to run your business needs to be protected, whether your IT staff builds it or whether you buy it.
◼ Unfortunately, any application may contain holes, or vulnerabilities, that attackers can use to infiltrate your network. Application security encompasses the hardware, software, and processes you use to close those holes.
❖ Behavioral analytics
◼ To detect abnormal network behavior, you must know what normal behavior looks like.
◼ Behavioral analytics tools automatically discern activities that deviate from the norm.
◼ Your security team can then better identify indicators of compromise that pose a potential problem and quickly remediate threats.
❖ Cloud security
◼ Cloud security is a broad set of technologies, policies, and applications applied to defend online IP, services, applications, and other imperative data.
◼ It helps you better manage your security by shielding users against threats anywhere they access the Internet and securing your data and applications in the cloud.
❖ Data loss prevention
◼ Organizations must make sure that their staff does not send sensitive information outside the network.
◼ Data loss prevention, or DLP, technologies can stop people from uploading, forwarding, or even printing critical information in an unsafe manner.
❖ Intrusion prevention systems
◼ An intrusion prevention system (IPS) scans network traffic to actively block attacks.
◼ Cisco Next-Generation IPS (NGIPS) appliances do this by correlating huge amounts of global threat intelligence to not only block malicious activity but also track the progression of suspect files and malware across the network to prevent the spread of outbreaks and reinfection.
❖ Mobile device security
◼ Cybercriminals are increasingly targeting mobile devices and apps.
◼ Within the next 3 years, 90 percent of IT organizations may support corporate applications on personal mobile devices.
◼ Of course, you need to control which devices can access your network. You will also need to configure their connections to keep network traffic private.
❖ Security information and event management
◼ SIEM products pull together the information that your security staff needs to identify and respond to threats.
◼ These products come in various forms, including physical and virtual appliances and server software.
❖ Virtual Private Network
◼ A VPN encrypts the connection from an endpoint to a network, often over the Internet.
◼ Typically, a remote-access VPN uses IPsec or Secure Sockets Layer to authenticate the communication between device and network.
❖ Web security
◼ A web security solution will control your staff’s web use, block web-based threats, and deny access to malicious websites. It will protect your web gateway on site or in the cloud. "Web security" also refers to the steps you take to protect your own website.
❖ Wireless security
◼ Wireless networks are not as secure as wired ones. Without stringent security measures, installing a wireless LAN can be like putting Ethernet ports everywhere, including the parking lot. To prevent an exploit from taking hold, you need products specifically designed to protect a wireless network.
PROCURING NETWORK RESOURCES
❖ The dependency on computer networks has increased progressively for organizations as a strategically important competitive advantage.
◼ If planned, developed, and managed properly, a network can bring about greater efficiency in organizational operations, better working environments, and effective decision-making processes.
◼ Therefore, many organizations are trying to close the development gap with the industry by means of technology acquisition.
◼ The technology acquisition process is essential in developing a good management information system for an organization.
◼ Many IT projects have failed because of poor design planning, false selection of the development, and a lack of follow-up on key milestones addressed in the acquisition process.
Decision Making Strategy in Network Resource acquisition
❖ The term “acquisition” refers to all the stages from buying, introducing, applying, adopting, adapting, localizing, and developing through to diffusion.
◼ The set of processes for the build, lease, or buy decision must be identical for every instance or business opportunity that arises.
◼ The processes determine the strategic value and potential savings of the proposed acquisition, as well as factors like business transformation versus drive for competitive advantage.
◼ Prior to the acquisition process, the detailed requirements of the process should already have been identified clearly.
◼ More importantly, the business objectives should be identified for the solution being sought, and the management decision on whether to build, lease, or buy the resources should consider a value-versus-risk matrix to determine which options can be applied.
◼ Both IT auditors and corporate management should evaluate offerings over the long term and compare the "trickling" investment over time to the one-time cost of buying and implementing a network.
◼ Moreover, this technology acquisition process requires an extensive evaluation considering the system requirements, feasibility analysis, and risk management assessment.
IT Acquisition Process
❖ The acquisition process should involve the identification and analysis of alternative solutions that are each compared with the established business requirements.
❖ The decision making to acquire a device primarily consists of the following stages:
1. Identifying the Business Objective
◼ One of the most essential assessments in the decision-making process is identifying the business objective after first knowing the problems being solved.
◼ The management should primarily identify the business processes involved in the organization.
◼ The first phase of the acquisition process should align the business process with the company objectives and the business plan.
◼ Note that specific processes may need to be prioritized to fully obtain the benefits of the implementation.
◼ Moreover, each process should be carefully analyzed to ensure that it will have the functionality to meet the requirements of the business process and the users, as well as benefits that can be justified by its cost.
2. Analyzing alternatives
◼ There are several options in procuring networking solutions.
◼ Some available alternatives are:
(1) Buying all equipment from a vendor and installing it on your own
(2) Leasing equipment from a service provider (ISP) or leasing through utility computing (contracted development)
(3) Outsourcing network services from another company, etc.
◼ While an organization is deciding which alternative to select, the management should carefully examine not only the advantages and disadvantages of each procurement option but, more importantly, whether the option is the best fit with the organization's business plan.
3. Conducting a feasibility analysis
◼ As a part of the assessment in acquiring the solutions, a feasibility analysis is important to identify the constraints for each alternative from both a technical and a business perspective.
◼ Feasibility analysis incorporates the following categories: economic feasibility, technical feasibility, operational feasibility, and legal and contractual feasibility.
Feasibility Analysis
❖ Economic Feasibility
◼ Cost-benefit justification with regard to the expenses of a system, which include procurement, project-specific, start-up, and operational costs.
◼ Some cost examples are one-time and recurring costs, consultants, support staff, infrastructure, maintenance and training costs.
◼ This examination ensures that the solution won’t exceed the budget limit and that it increases efficiency and improves resource utilization.
❖ Technical Feasibility
◼ It’s the technical reasonableness of the proposed solution.
◼ Technical feasibility evaluates whether the company has the infrastructure and resources, including hardware and software capability, to support the new network.
◼ Meanwhile, it also assesses the consistency of the proposed system's technical requirements with the company's technical resources.
◼ Therefore, this assessment guarantees the reliability and capacity for future growth.
❖ Operational Feasibility
◼ Checks whether the operations can accommodate the proposed system.
◼ The proposed system should solve the business problems and provide better opportunity for the business
since the business process might be changed.
◼ Some alignments that may occur include business process, human resource management, and products or
service offered.
❖ Legal and contractual feasibility.
◼ The proposed solution must pass any related legal or contractual obligations associated with Corporate legal
counsel should ensure that there are no illegal practices corresponding to the new system related with any
preexisting regulations.
◼ Organizations also may work with some experts from Computer Law Association to make sure this analysis
strictly enforced.
◼ Thus, the underlying theme will protect the company and the establishment of the remedy process should the
vendor or contractor fail to perform as promised.
◼ Upon completion of the series of feasibility analyses, the risk analysis review most likely will be conducted.
◼ Risk analysis evaluate the security of proposed system, potential threats, vulnerabilities, impacts, as well as
the feasibility of other controls can be used to minimize the identified threats.

4. Selection
◼ The selection procedure is the process of identifying the best match between the available options and the identified requirements.
◼ In this process, the company requests a proposal from prospective providers, evaluates the proposals, and selects the best available alternative.
◼ There are various ways to solicit responses from providers.
◼ Some of the common methods include request for information (RFI), request for bid (RFB), and request for proposal (RFP).
◼ An RFI is used to seek information from vendors for a specific intention.
◼ An RFI should act as a tool for determining the alternatives or associated alternatives for meeting the organization’s needs.
◼ An RFB is designed to procure specific items or services and is used where either multiple vendors are equally capable of meeting all of the technical and functional specifications or only one provider can meet them.
◼ Furthermore, an RFP specifies the minimal acceptable requirements, including functional, technical, and contractual aspects. This document offers flexibility to respondents to further define the requested requirements.

◼ RFPs can lead to a purchase or to continued negotiation.
◼ All of these processes should proceed in a structured way to ensure they are completed neatly and in a timely fashion. If done properly, this process results in a purchasing decision for the selected application. Note that the entire process must be documented in a written letter before moving to the next step. This is important to avoid a bid protest that may be filed by any other potential vendors. Management, the IT auditor and legal counsel must review every point in detail before the proposal evaluation process begins.

5. Proposal Evaluation Process
◼ Proposal evaluation is a crucial process in the acquisition, since one or more key stakeholders review the submitted proposals using a list of objective selection criteria and decide the best match between the product features and functionality and the identified requirements.
6. Negotiating a contract
◼ Once the vendor is selected, the company can move to contract negotiation, in which the company can specify the price of the job and the type of support to be provided by the vendor.
◼ The contract must describe the detailed specifications, all the included services provided by the vendor, and other detailed terms of the system.
◼ A contract is a legal document, so the company should involve staff experienced in IT and legal matters.
◼ Since the contract can be very tricky, legal counsel should be involved from the beginning of the selection process.
◼ Establishing a service level agreement (SLA): an SLA is a formal agreement regarding the distribution of work between the organization and its vendor.
◼ Such an agreement is created according to a set of agreed-upon objectives, quality tests, and some what-if situations. Overall, an SLA defines: (1) company and vendor responsibilities, (2) a framework for designing support services, (3) the company's privilege to have most of the control over its system.


7. Implementing the Solution


◼ Upon completion of the contract negotiation, an acceptance plan should be agreed on by both the company and the vendor so that the network can be ready to be installed.
◼ During this process, the level of performance is also tested and user reactions are evaluated.
◼ After implementation, the company management may deal with organizational issues such as conversion strategies, training, and resistance to change.

Discuss the following in Groups
1. Discuss the types of malware or network threats.
2. a. Describe briefly what the TCP/IP model is and determine its layers.
b. Describe briefly what the OSI model is and determine its layers.
c. Discuss the difference between the TCP/IP and OSI models.

Thank you for Your Attention
Dr. Nadia IRADUKUNDA
E-mail: [email protected]
[email protected]
