Professionals starting in network security (or any other specialized IT job) are often concerned about improving their skills and knowledge in networking and the products and gear they spend most of their time with. Although it’s extremely important to know the technology you work with, it’s also very important to learn at least a little about all the other technologies you may find in the IT environments you’re (and will be) dealing with. Even very basic tasks as defining or reviewing firewall rules are challenging when there’s no context available. I’m tired of seeing people with stupid hardwired rules in their minds (HTTPS is good; FTP is bad; and so on…) struggling to understand why a specific control is in place or swallowing stupid justifications such as “we need port 80 open both ways (bi-directional – ugh) for this app to work” just because they know nothing about any other technology or process that is not directly related to their job descriptions.
Adding context - tech jobs
Adding context - tech jobs
Adding context - tech jobs
Professionals starting in network security (or any other specialized IT job) are often concerned about improving their skills and knowledge in networking and the products and gear they spend most of their time with. Although it’s extremely important to know the technology you work with, it’s also very important to learn at least a little about all the other technologies you may find in the IT environments you’re (and will be) dealing with. Even very basic tasks as defining or reviewing firewall rules are challenging when there’s no context available. I’m tired of seeing people with stupid hardwired rules in their minds (HTTPS is good; FTP is bad; and so on…) struggling to understand why a specific control is in place or swallowing stupid justifications such as “we need port 80 open both ways (bi-directional – ugh) for this app to work” just because they know nothing about any other technology or process that is not directly related to their job descriptions.