Purpose:
Section titled “Purpose:”To provide you with the back ground information on filling out the request
Assumptions:
Section titled “Assumptions:”- You know where you should be filling our a Standard Request For Change
- Relevant information has been gathered before filling out the request
Steps (template is in normal, notes are in heading3):
Section titled “Steps (template is in normal, notes are in heading3):”- All Sites, Subnets that need monitoring setup:
- Site Name 1 / Subnet / VLAN Tag (For Documentation)
- Site Name 2 / Subnet / VLAN Tag (For Documentation)
- Site Name 3 / Subnet / VLAN Tag (For Documentation)
- ***Any sites that cannot have probes configured need direct access to primary probe to talk to it.***
**Collect a list of what is the site name, subnet(s) that you would like scan and the associated vlan**
Section titled “**Collect a list of what is the site name, subnet(s) that you would like scan and the associated vlan**”- Discovery Jobs
- What Sites/Subnets need discovery jobs setup?
- What should be automatically imported?
- Any devices that should be excluded from Discovery Jobs (Lab Systems, out of band management systems, etc.)
**You will provide this information here for site/subnets to be configured with a discovery job. For Devices that should automatically be imported, I recommend that only devices that can have an agent installed (Windows Servers and Windows Workstations) be imported automatically. Other devices should be done manually to ensure that the correct name and device type of are configured as part of the import process. **
Section titled “**You will provide this information here for site/subnets to be configured with a discovery job. For Devices that should automatically be imported, I recommend that only devices that can have an agent installed (Windows Servers and Windows Workstations) be imported automatically. Other devices should be done manually to ensure that the correct name and device type of are configured as part of the import process. **”- AV Deployment
- Deploy AV Standard “CIT - Secure” Configuration with all clients
- Ensure that remove existing third party antivirus is selected so clients are not running multiple AV solutions.
**You will need to provide what exceptions such has services or file path should be excluded from being scanned**
Section titled “**You will need to provide what exceptions such has services or file path should be excluded from being scanned**”- Maintenance Windows
- AV Maintenance Window
- Date/Time
- Windows Updates (Workstations/Servers)
- Date/Time (If different from above)
**AV Maintenance Windows is basically when AV Defender will be updating virus definitions and application updates**
**Windows Updates are for when workstations and server should be prompted to reboot so that the updates can be applied**
- Date/Time for deployment:
- What day/time do they want the following deployed?
**When should the discovery jobs start running so that devices can be imported. Patching, AV, etc. will all be driven by the maintenance windows requested above**
Section titled “**When should the discovery jobs start running so that devices can be imported. Patching, AV, etc. will all be driven by the maintenance windows requested above**”- Critical Systems (Exchange, Domain Controllers, PBAs)
- Apply N-Central templates to monitor critical services (standard and custom)
**What is the list of critical Servers/services that need to be monitored? N-Central has default templates already configured for Exchange, Domain Controllers, IIS. If the client has a Primary Business App or other critical server that has specific windows services that allow the app to run. Document that and provide that here so that they can be monitored**
Section titled “**What is the list of critical Servers/services that need to be monitored? N-Central has default templates already configured for Exchange, Domain Controllers, IIS. If the client has a Primary Business App or other critical server that has specific windows services that allow the app to run. Document that and provide that here so that they can be monitored**”- Self-Healing on Critical Services and system
- Outline each service name that isn’t standard (PBA or custom non-windows services)
**For the services that you have identified, should self-healing be configured? Basically, if the service were to go to a failed state, N-central will automatically try to restart the service. If it can’t do that, an alert will be generated to the appropriate team for analysis.
Section titled “**For the services that you have identified, should self-healing be configured? Basically, if the service were to go to a failed state, N-central will automatically try to restart the service. If it can’t do that, an alert will be generated to the appropriate team for analysis.”- Devices or Systems that we should not deploy N-Central to or monitoring is not required.
- Outline each System name or Device that should be excluded from N-Central Monitoring.