General discussion

  • Creator
    Topic
  • #2175310

    Desktop versus Infrastructure – Which is harder to maintain

    Locked

    by changeadvocate ·

    There is a debate on-going as to whether it is harder to administer and maintain a secure desktop configuration versus a secure infrastructure (or even an enterprise software application). Setting aside the skill level differences, which one is harder?

All Comments

  • Author
    Replies
    • #3322579

      Depends on your definition of ‘Infrastructure’

      by dafe2 ·

      In reply to Desktop versus Infrastructure – Which is harder to maintain

      Getting to the point where you have a secure desktop takes a little longer.

      Securing infrastructure – Switches, routers & access points & Servers is reasonably smooth as compared to setting GPO’s & default domain policy. LOL

      • #3329229

        New and changing threats?

        by jdclyde ·

        In reply to Depends on your definition of ‘Infrastructure’

        Getting your infrastructure secure and KEEPING your infrastructure secure are two separate things.

        If you have a proper layered security model in place, then once a PC is in place it should stay safe.

        Updates to servers and firmware on your appliances can be a full time job on larger networks. This doesn’t even include moving to new equipment and replacing it as it breaks down.

        A PC you can Ghost an image, drop it in the forest and away you go. The domain policies wouldn’t change as often?

        The answer to your question is, IT DEPENDS. (you will hear that a lot!)

        Good luck.

        • #3342548

          Power Users

          by changeadvocate ·

          In reply to New and changing threats?

          Desktop support is complicated by power users, especially those that wish to use “cutting edge” (in my opinion “bleeding edge”) technologies. For example, external use of collaboration tools such as IM, netmeeting, etc. are prohibitted at my site but these users continually place requests to the service desk and try to apply pressure through the CIO.
          I agree that patching and upgrades, whether to desktop, servers or network hardware can be simple or complex.
          In my case, the infrastructure supports ~5,000 users in active directory, multiple resource domains, VPN, etc.

        • #3250201

          Essentially the same for myself

          by dafe2 ·

          In reply to Power Users

          Power users are a big issue (Mostly scientific Envoronment)

          Add Patch, GPO’s, Antivirus & advertised applications……well you get it.

          Change Management? We have a change Management meeting once a week with about 120 change requests up for discussion.

          Infrastructure? Well I thing we had to swap a supervisor (CISCO) module about a week ago LOL.

        • #3250198

          All true

          by dafe2 ·

          In reply to New and changing threats?

          But security is only one component at the Desktop and Server Layer.

          Very seldom does change management alter infrastructure. It is reasonably static by definition.

Viewing 0 reply threads