# Network Management Network Management is an [[Foundational Capabilities|Information Technology]] capability that [[Cybersecurity]] capabilities directly depend on. ## Map ``` mermaid <!-- element style="width:90%; height:auto" --> graph TD subgraph two[Foundational] subgraph subPadding1[ ] direction LR F[Application Management] G[Asset Management] H[Backup and Recovery] I[Code Management] J[Data Management] K[Device Management] L[Domain Management] M[Email Management] N[Identity and Access Management] O[Log Management] P[Network Management] Q[Policy Automation] R[Stream Processing] S[Third Party Management] T[Training] F ~~~ G G ~~~ H H ~~~ I I ~~~ J K ~~~ L L ~~~ M M ~~~ N N ~~~ O P ~~~ Q Q ~~~ R R ~~~ S S ~~~ T end end %% Class Definitions %% ===================== class two subPadding; classDef subPadding fill:none,font-size:20px; class subPadding1,subPadding2 subgraph_padding; classDef subgraph_padding stroke:none,fill:none,margin:0; class F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T internal-link,font-color:white; class Top cssClassL0; classDef cssClassL0 fill:black,stroke:#333,stroke-width:4px,font-size:15px,font-color:white; class A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T cssClassL1; classDef cssClassL1 fill:gray,stroke:#333,stroke-width:0px,font-size:15px,font-color:white; class P cssClassCurrent; classDef cssClassCurrent fill:#2f9503,stroke:#2f9503,stroke-width:4px,font-size:15px,font-color:white; ``` ## Maturity Model | | Stage 1 | Stage 2 | Stage 3 | Stage 4 | Stage 5 | | ------------- | ------- | ------- | ---------------------- | ------------------------------------------------------------ | ------- | | **Category** | | | | | | | **Dependent** | | | [[Resilience Testing]] | [[Attack Surface Enumeration]]<br><br>[[Exploit Management]] | | ## Requirements | Category | Guidance | Dependent Capability | Adversary Persona | | ----------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------- | -------------------------------------------------------------------- | | **Configuration Management** | + Track network configuration changes on network devices | | | | **IP Address Management**<br>(IPAM) | + Allocate and track IP addresses assigned to systems. | [[Asset Management]]<br><br>[[Attack Surface Enumeration]]<br><br>[[Resilience Testing]] | [[Insider Threat]]<br><br>[[Nation State]] | | **Network Inventory** | + Identify and track network equipment that supports the digital environment.<br>+ Assign a unique identifier to each network device. | [[Asset Management]]<br><br>[[Exploit Management]]<br><br>[[Resilience Testing]] | [[Insider Threat]]<br><br>[[Nation State]]<br><br>[[Script Kiddies]] | | **Network Protection** | + Ensure that network admin access is protected by multi-factor authentication.<br>+ Ensure that all critical security patches are implemented quickly.<br>+ Implement network segmentation to restrict lateral movement between resources. | [[Exploit Management]]<br><br>[[Resilience Testing]] | [[Insider Threat]]<br><br>[[Nation State]]<br><br>[[Script Kiddies]] | ## Metrics >[!cm-metric] Metric: [[% of Network devices with missing critical patches]] >[!cm-metric] Metric: [[Network Availability]] >[!cm-metric] Metric: [[Mean Time to Detect Errors]] >[!cm-metric] Metric: [[Configuration Compliance Rate]] >[!cm-metric] Metric: [[Mean Time to Remediate]] ## Inspiration & Resources + [IP address management - Wikipedia](https://en.wikipedia.org/wiki/IP_address_management) ## Release Notes + [[WIP - Q3 2024 Release#Document Foundational Capabilities and Develop Templates for sub-pages]] ## [Cyber City Map](https://cybercitymap.com/) © 2023-2024 by [ThirdScore, Inc.](https://thirdscore.com/) All Rights Reserved.