CNWHUD/notesToIngestIntoDendron/ChiefInformationTechnologyOfficer/ITSysSRETodo.md

2.2 KiB

TSYS Technical Operations Todo

System Architect Tasks and Projects

Charles daily driver and dev workstation

  • NASA worldwind
  • google earth
  • flora
  • recoll
  • scansnap (and on my and shared kiosk system)
  • gephi
  • metasploit and armitage (maybe other gui as well? msfgui?)

documentation

  • Adding a VPN user
  • new server setup (via assisted configuration management)
  • AD authentication (app/user)
  • Migrate final bits from IT wiki to TSYS handbook
  • Move VsCode onboarding section to main engineering onboarding section in handbook

IT System Admin - Communications

IT System Admin - Configuration Management

  • full netdata/librenms coverage
  • Local apt mirror
  • port newSrv.sh functions to Salt

Creature comfort setup

  • powerline10k
  • fonts
  • tmux in zsh

IT System Admin - Security/Assurance

This covers areas such as

  • SIEM
  • access control (ldap) / zero trust / authentication / SSO
  • IDS,IPS
  • auditing/reporting/vulnerability scanning
  • Setup IDS
  • Setup IPS
  • Setup outbound web Proxy
  • Setup ICAP clamav scanning on outbound web proxy

SWAG/Authelia

Internal CA

  • Internal CA (use XCA on an airgap workstation and XCA on CA VM with the HSM intermediate device passed through)