IT Operation & Planning Team Scope


IT Operations Team Responsibility

Scope and Responsibilities


DNS Security

Email Security

Firewall alerts (FortiAnalyzer)

SOC Sandbox

EMS

Microsoft Defender Alerts

CrowdStrike

Azure
Oracle

Systems Vulnerabilities
Internet, VPNs and MPLS connections

Router, Switches and Access Points

VoIP Servers & IP Phones

CRM and ERP


NOC

DC and Azure's Servers

Local Network performance

Application Services (HITS, Attendance, etc.)

Datacenter ACs

Incidents Report

E-Compound Access Control and CCTV servers

Storage and Backup

UPS
IT Operations Team Responsibility
Details
1-Monitoring DNS vulnerabilities

1-Monitoring
2-Release
3-Enhance rules & false positives (owner: Khaled)

1-Check firewall alerts
2-Take necessary actions according to SOPs
3-Escalate to vendors (owner: Ahmed)

1-Check alerts
2-Enhance rules (owner: Mohamed)

1-Monitoring
2-Take necessary actions according to SOPs (owner: Ahmed)

1-Check alerts
2-Take necessary actions according to SOPs
3-Enhance rules (owner: Mohamed)

1-Monitor threat detection
2-Follow up till case closed (owner: Mohamed)

1-Monitoring Azure machines for vulnerabilities

1-Monitoring Oracle machines for vulnerabilities

1-Check vulnerability alerts
2-Take necessary actions according to SOPs
3-Follow up till vulnerability closed (owner: Khaled)

1-Monitoring performance
2-Escalate to ISPs
3-Utilization check (owner: Ahmed)

1-Monitoring performance and stability
2-Configure according to SOPs
3-Update to latest firmware (owner: Khaled)

1-Monitoring performance and stability
2-Configure according to SOPs
3-Update to latest firmware (owner: Khaled)

1-Monitoring servers reachability
2-Checking application health and stability (owner: Khaled)

1-Monitor servers CPU, memory and storage usage
2-Checking servers health and reachability (owner: Mohamed)

1-Monitor network speed
2-Checking network utilization (owner: Mohamed)

1-Monitoring application services and their dependencies (owner: Ahmed)

1-Monitor ACs operation
2-Checking room temperature and humidity (owner: Ahmed)

1-Generate daily incidents report with statistics
2-Incidents analysis (owner: Khaled)

1-Monitoring health and performance
2-Checking reachability (owner: Mohamed)

1-Monitoring health and performance
2-Checking batteries life (owner: Ahmed)
1-Monitoring ping on firewall.
2-Monitor whether it is reachable or unreachable.

1-Check classifier
2-Check email health (From & header From)
3-Check IP address
4-Check URLs
5-Check attachment
6-Check (DMARC & SPF & DKIM & composite authentication)
If all checks are clean, release it; if it is repeated, enhance rules to let it through automatically.
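As an added example (not part of the original sheet), a small Python script that automates step 6 of the email review above: it reads the Authentication-Results header of a message, requires SPF, DKIM, DMARC and composite authentication (the `compauth` tag written by Microsoft 365 gateways) to pass, checks that the header From domain matches the domain DMARC evaluated, and returns a release/hold decision with reasons. The sample message and the gateway name `mx.example.com` are constructed for the walkthrough.

```python
import re
import email
from email import policy
from email.utils import parseaddr

# Constructed sample message (not a real capture); the gateway name is a placeholder.
SAMPLE_MSG = (
    'From: "Accounts" <billing@example.org>\n'
    "To: user@example.com\n"
    "Subject: Invoice\n"
    "Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=example.org;"
    " dkim=pass header.d=example.org; dmarc=pass header.from=example.org;"
    " compauth=pass reason=100\n"
    "\n"
    "Please find the invoice attached.\n"
)

# Step 6 of the checklist: every one of these must report "pass".
CHECKS = ("spf", "dkim", "dmarc", "compauth")


def parse_auth_results(value):
    """Map each authentication method in an Authentication-Results header to its verdict."""
    return {m.lower(): v.lower()
            for m, v in re.findall(r"\b(spf|dkim|dmarc|compauth)=(\w+)", value, re.I)}


def header_from_domain(value):
    """Domain of the RFC 5322 From (the 'header From' the checklist refers to)."""
    addr = parseaddr(value)[1]
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def review_message(raw):
    """Return {'release': bool, 'reasons': [...]} for a quarantined message."""
    msg = email.message_from_string(raw, policy=policy.default)
    auth_header = str(msg.get("Authentication-Results", ""))
    auth = parse_auth_results(auth_header)
    reasons = [f"{c}={auth.get(c, 'missing')}" for c in CHECKS if auth.get(c) != "pass"]
    # The domain DMARC evaluated must be the domain the user actually sees in From.
    m = re.search(r"header\.from=([\w.-]+)", auth_header, re.I)
    if m and m.group(1).lower() != header_from_domain(str(msg.get("From", ""))):
        reasons.append("header-from mismatch")
    return {"release": not reasons, "reasons": reasons}


if __name__ == "__main__":
    print(review_message(SAMPLE_MSG))
```

A hold decision still needs the manual checks in steps 1 to 5 (classifier, IP, URLs, attachment) before the message is released or a rule is added.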

1-Check FGT (FortiGate) CPU & memory & sessions
2-Check top vulnerable endpoint devices by detected vulnerabilities
3-Check the traffic of any user
4-Check the status of Internet links from SD-WAN
5-Check status of IPsec tunnel
6-Check the status of SSL-VPN
7-Check (IPs & applications & websites & policies) in the network that have high traffic
8-If an issue is detected, escalate it to the security team

Scan files for threats by manually uploading them.
Scan the URLs for threats contained within the files.
Check how long it takes before the scan is started.
Check how long it takes for the file to be scanned.

1-Monitoring status of all endpoints
2-If any endpoint has vulnerabilities
3-Enter the device name of this endpoint in the endpoint field (from All Endpoints), which shows all vulnerabilities of this endpoint
4-If an issue is detected, escalate it to the security team

1-Security alerts are triggered by the advanced detections available.
2-Each alert provides details of affected resources, issues, and remediation steps.
3-Defender for Cloud classifies alerts and prioritizes them by severity.
4-This is because the alert might indicate a potential breach of your organization that needs to be investigated further.

CrowdStrike protects the people, processes and technologies that drive the modern enterprise:
ransomware protection, advanced attack detection, and automated threat prevention.

1-Checking all alerts in FGT by monitoring (Top Vulnerable Endpoint Devices by Detected Vulnerabilities)
2-If any endpoint has vulnerabilities (critical risk)
3-Check it in (FGT & EMS)
4-If an issue is detected, escalate it to the security team

1-Monitoring link (state & usage) in FortiGate & SolarWinds
2-Checking status at site
3-If an issue is detected, escalate it to the (network & security team)

1-Monitoring health (CPU & memory), performance and availability of all (switches & routers & APs) on SolarWinds and FortiGate.
2-Following up alerts from SolarWinds; escalate issues to the network team

1-Monitoring health (CPU & memory), performance and availability of the VoIP Call Manager on SolarWinds
2-Following up IP phone issues and solving them

1-Monitoring servers reachability on (FortiGate & SolarWinds)
2-Checking application health and stability
3-Checking ERP-ORA-Tunnel on firewall
4-Monitoring ERP & CRM (packet loss & average response time) from SolarWinds
5-Following up alerts on ERP & CRM from SolarWinds and escalating issues to the specialized team

1-Analyze and monitor CPU, memory and storage usage of servers.
2-Monitor and analyze server health and reachability.

1-The performance and efficiency of the network can be seen through the firewall.
2-Monitor bandwidth and overall network behaviour.

1-Following up all incidents throughout the day.
2-Record all incidents and actions in an Excel sheet and send an Operation Daily Report to the Operation team manager.
Planning Team Responsibility
Scope and Responsibilities
RFPs
Support Contracts
Testing
Documentation
SLAs
Escalation Matrix
Vendor Selection & Management
Budgeting and Cost Management
Sizing & Capacity
Hardware Procurement
Software Licensing and Asset Management
Risk Assessment
Training and Awareness
Disaster Recovery and Business Continuity
Cloud Infrastructure
Network Architecture
Design
Roadmap prep
Penetration Tests
Project Management
Planning Team Responsibility
Details
