All Posts

This documentation is to document the following Architecture Diagrams & Designs Technical Detail of every single component in Architecture Diagram Technical Information hat MUST be taken note at all times Technical Pre-requisites if any updates/modifications is required in the future It's a documentation that needs to meet compliance during an IT Audit, where it is readily available by being up-to-date. The documentation must match exactly with the configuration & the impleme

Gone are the times where we can simply assign any permissions we need to get the work moving on with minimal disturbance and with minimal constant approval. Unfortunately, it has lead to a huge trending problem now that one has to monitor with a microscope to ensure ONLY the needed permissions are assigned in a granular manner. It's time to implement the Least Of Privilege Permissions and Segregation of Duties as a CyberSecurity Policy and not only as Security Controls/Best P

Service Accounts, the accounts that lack TLC since the day they are created rapidly to meet the requirements of a new implementation or for troubleshooting purpose. The next in line are Service Prinicipals which are heavily used in Cloud Environments (Azure/AWS/GCP). This is a manual task at the moment although there are several IAM Management Tools now to monitor them in an automated manner. Not only that, almost every company is now working on automating this manual proces

Funny isnt it, how these two words is simply driving everyone so cautious in everything they do and the dire need to now discover and monitor ALL Privileged Accounts? Well, it's time to do so actually and it's a commendable effort to trying to get it right or even the intiatiting process of it. Kudos to you! Alright, these is where the misunderstandings/confusion start to rise. Let's break it down and we will see how we go. Feel free to comment your thoughts away, it's pretty

Fabulous, now that we have found the answer, excited to work on the project? Yes, you should be! This is from me to you, projects are FUN! Honestly, it will break you but if you REALLY TRULY love projects, it will mould you into a person where the project itself will begin listening to you and help you to move it forward. This is from technical terms, hence we begin from Layer 1 which is the Physcial Layer. This step which is call ‘Site Survery’ is a MUST DO and HIGHLY RECOMM

Did you manage to sucessfully find the answer? If yes, amazing job! Your superiors understand the need & purpose of it. If no, you are not alone! So here we are to teach and learn. Now, if you ask me what’s the real need & the real purpose for a Firewall Tech Refresh Project? Oooooooo……so many reasons. Here we go: First reason : When one firewall begin to malfunction or found out the warranty/maintenance is about to expire which means it applies to all firewalls purchased. As

Alright people, here it goes. This is me explaining the process to you as if I am sitting right beside you and having a open discussion about the project. Every organization is different and have different business requirements that needs to be upgraded to keep up with the evolving trends and threats. What I will be providing is a standardized process of what are the mandatory/compulsory/needed/required details to execute the Firewall Tech Refresh Project. If there’s any addi

So, let’s see….. how many of us have actually worked on a firewall tech refresh project? Let it be on the: Project management side, Technical configuration side, Implementation side, Delivery side, Cutover/handover to BAU side, Documentation side Most of the time, there is this unspoken annoyance of how many times do we need to keep repeating, the unanswered questions that forms in our mind, how can they not know about this stuff? Why are they being assigned to this project?