STANDARD OPERATING PROCEDURE FOR NETWORK INFRASTRUCTURE MANAGEMENT SUB UNIT
1. Purpose: This SOP establishes the processes and procedures for effective management and maintenance of the University’s network infrastructure, ensuring high availability, performance, security, and compliance with University policies and industry best practices. This SOP directly supports the strategic goals of the NOC under COMSIT Directorate.
2. Scope: This SOP encompasses all aspects of network infrastructure management, including:
Network Planning and Design: Future-proofing the network, including capacity planning, technology selection, and architectural design for scalability and resilience.
Implementation and Deployment: Physical installation, configuration, testing, and documentation of all network devices and infrastructure.
Maintenance and Operations: Proactive and reactive maintenance, including troubleshooting, upgrades, and performance monitoring.
Documentation and Inventory: Maintaining accurate and up-to-date network documentation, diagrams, and inventory records.
Security: Implementing and enforcing network security policies and procedures.
Vendor Management: Managing relationships with network vendors and service providers.
3. Roles and Responsibilities: (Note: The number of personnel in each role will be determined by the size and complexity of the network infrastructure.)
Network Infrastructure Management Lead: Overall responsibility for the network infrastructure management sub-unit. Develops and implements strategic plans, manages staff, and reports to the Network Administrator.
Network Architect: Designs, implements, and maintains the overall network architecture. Develops long-term plans for expansion and upgrades, ensuring interoperability and compliance with industry standards.
Senior Network Engineers: Responsible for design, implementation, and maintenance of complex network segments (e.g., fiber optics, core routing). Provide advanced troubleshooting and technical guidance to junior engineers.
Network Engineers: Implement and maintain network infrastructure according to designs. Perform routine maintenance, troubleshooting, and performance monitoring.
Network Technicians: Install and maintain physical network infrastructure (cabling, equipment). Perform basic troubleshooting and maintenance; assist engineers with larger projects.
Data Center Technician: Responsible for the physical maintenance of the server rooms and network closets, including power and cooling systems.
4. Line of Command and Reporting:
All Network Infrastructure Management staff report to the Network Infrastructure Management Lead.
The Network Infrastructure Management Lead reports to the Network Administrator.
The Network Administrator reports to the Head of the NOC.
The Head of the NOC reports to the Director, COMSIT.
5. Processes and Procedures:
Change Management: All changes to the network infrastructure (hardware, software, configuration) must follow a change management procedure.
Incident Management: A well-defined incident management process is in place, including clear escalation paths, communication protocols, and reporting procedures.
Problem Management: Proactive identification and resolution of recurring network problems to prevent future incidents.
Preventive Maintenance Schedule: A detailed preventative maintenance schedule is developed and implemented, covering all network devices and infrastructure.
Capacity Planning: Regular capacity planning should be conducted to ensure continuous service improvement for current and future demands.
Network Security Policy: University network security policy and infrastructure management activities must adhere to University network security policies and procedures. Regular network security audits should be conducted.
Vendor Management: Relationships with network vendors are managed through contracts, service level agreements (SLAs), and regular communication.
Documentation: Comprehensive network documentation is maintained, including diagrams, configurations, inventory records, and standard operating procedures.
6. Escalation Matrix:
Issue Type
Level 1 (Technician)
Level 2 (Engineer)
Level 3 (Lead/Architect)
Minor network issues
Troubleshoot and resolve
Escalate if unresolved
Review resolution
Major network outages
Escalate immediately
Troubleshoot and escalate
Coordinate resolution
Security incidents
Escalate immediately
Investigate and escalate
Manage response
Capacity issues
Report to Lead
Analyze and recommend
Plan and implement
7. Performance Measurement: KPIs (Key Performance Indicators) are used to monitor the effectiveness of the Network Infrastructure Management sub-unit:
Network Uptime (Fiber & Wireless): Targets should be set based on industry best practices and service level agreements (e.g., 99.99% for fiber)over a period of time.
Mean Time To Repair (MTTR): Defined targets for resolving network outages based on severity (e.g., under 1 hour for critical outages).
Successful Project Completion Rate: Track percentage of network projects completed on time and within budget.
Documentation Accuracy: Maintain 100% accuracy of network documentation.
Security Incident Response Time: Targets for resolving security incidents based on severity.
7. Review and Updates: This SOP must have review due date(RDD) and should have strictly adhered to,so as to reflect technological advancements, changes to the network infrastructure, and evolving organizational requirements.
STANDARD OPERATING PROCEDURE (SOP) FOR NETWORK SECURITY AND MONITORING SUB UNIT
1. Purpose: This SOP defines the processes and procedures for securing and monitoring the University’s network infrastructure to ensure its confidentiality, integrity, and availability. It supports the overall strategic goals of the NOC and COMSIT.
2. Scope: This SOP covers all aspects of network security and monitoring, including:
Security Policy Enforcement: Implementing and enforcing network security policies and procedures.
Threat Detection and Prevention: Deploying and managing security tools to detect and prevent security threats.
Security Monitoring: Continuous monitoring of network activity for suspicious behavior.
Incident Response: Handling security incidents according to established procedures.
Vulnerability Management: Identifying and remediating network vulnerabilities.
Security Awareness Training: Educating users about network security best practices.
Network Security and Monitoring Lead: Overall responsibility for the Network Security and Monitoring sub-unit. Manages staff, develops and implements security policies, and reports to the Network Administrator.
Security Engineer: Designs, implements, and maintains network security infrastructure; develops and enforces security policies and procedures. Responds to major security incidents.
Security Analyst: Monitors network traffic and security logs; analyzes security events and alerts; investigates security incidents; creates reports.
Network Monitoring Specialist: Monitors network performance using NMS (Network Management System); sets up and configures monitoring tools; analyzes data and generates reports.
4. Line of Command and Reporting:
All Network Security and Monitoring staff report to the Network Security and Monitoring Lead.
The Network Security and Monitoring Lead reports to the Network Administrator.
The Network Administrator reports to the Head of the NOC.
The Head of the NOC reports to the Director, COMSIT.
5. Processes and Procedures:
Security Policy Enforcement: Security policies are clearly defined, communicated, and enforced. Regular training and awareness programs are conducted for all users.
Threat Detection and Prevention: Firewalls, intrusion detection/prevention systems (IDS/IPS), and other security tools are deployed and managed effectively. Regular vulnerability scans are performed.
Security Monitoring: Continuous monitoring of network traffic, security logs, and system events is conducted using SIEM (Security Information and Event Management) and other monitoring tools. Alerts are reviewed and investigated promptly.
Incident Response: A documented incident response plan is in place and followed for all security incidents. This plan includes escalation procedures, communication protocols, and post-incident analysis.
Vulnerability Management: A vulnerability management program is implemented to identify, assess, and remediate network vulnerabilities.
Security Auditing: Regular security audits are conducted to verify the effectiveness of security controls.
Compliance: The Network Security and Monitoring team ensures compliance with all relevant University policies, industry standards (e.g., NIST Cybersecurity Framework), and legal regulations.
6. Escalation Matrix:
Issue Type
Level 1 (Analyst)
Level 2 (Engineer)
Level 3 (Lead/COMSIT Security Team)
Suspicious network activity
Investigate and analyze
Escalate if malicious activity
Full incident response investigation
Security alerts
Investigate and triage
Escalate if critical
Full incident response investigation
Security incidents (minor)
Respond and remediate
Escalate if unresolved
Full incident response investigation
Security incidents (major)
Escalate immediately
Coordinate response
Full incident response investigation
System compromise suspected
Escalate immediately
Coordinate response
Full incident response investigation
7. Performance Measurement: KPIs (Key Performance Indicators) are used to monitor the effectiveness of the Network Security and Monitoring sub-unit:
Security Incident Response Time: Defined targets for responding to and resolving security incidents based on severity.
Mean Time To Detection (MTTD): Track the average time it takes to detect security incidents.
Mean Time To Resolution (MTTR): Track the average time it takes to resolve security incidents.
Number of Security Vulnerabilities: Track the number of vulnerabilities identified and remediated.
Network Uptime due to Security: Track network downtime caused by security incidents.
Accuracy of Security Audits: Ensure 100% accuracy of security audit reports.
False Positive Rate: Minimize false positives from security monitoring systems.
STANDARD OPERATING PROCEDURE (SOP)
1. Purpose: This SOP defines the processes and procedures for managing and maintaining the University’s servers and data, ensuring high availability, performance, security, and data integrity. It directly supports the strategic goals of the NOC and COMSIT.
2. Scope: This SOP covers all aspects of server and data management, including:
Server provisioning and Management: Managing the lifecycle of servers, including procurement, installation, configuration, maintenance, and decommissioning.
Data Management: Implementing and maintaining data management policies and procedures, including backup and recovery, data storage, and access control.
Database Administration: Managing and maintaining databases, including performance tuning, security, and backups.
System Monitoring: Continuous monitoring of server health and performance.
Incident Response: Handling server and data-related incidents according to established procedures.
Capacity Planning: Ensuring sufficient server and storage capacity to meet current and future needs.
Security: Implementing and maintaining appropriate security measures for servers and data.
Roles and Responsibilities:
Server and Data Management Lead: Overall responsibility for the Server and Data Management sub-unit. Develops and implements strategies, manages staff, and reports to the Network Administrator.
System Administrators: Manage and maintain servers, operating systems, applications, and databases. Perform regular maintenance tasks, implement security measures, and resolve server-related incidents.
Database Administrators: Manage and maintain databases, ensuring data integrity and availability. Perform regular backups and implement recovery procedures. Optimize database performance and security.
Data Center Technician: Responsible for the physical maintenance of the server room, including power, cooling, and environmental monitoring.
4. Line of Command and Reporting:
All Server and Data Management staff report to the Server and Data Management Lead.
The Server and Data Management Lead reports to the Network Administrator.
The Network Administrator reports to the Head of the NOC.
The Head of the NOC reports to the Director, COMSIT.
5. Processes and Procedures:
Server Provisioning: A standardized process for procuring, installing, configuring, and deploying servers is followed. This includes documentation of all configurations and settings.
Server Maintenance: Regular preventative maintenance tasks are scheduled and performed, including patching, software updates, and performance monitoring.
Data Backup and Recovery: A robust backup and recovery plan is implemented, including regular backups, testing of backups, and disaster recovery procedures.
Data Storage: Data storage policies and procedures are established and followed, including data retention policies and archiving strategies.
Access Control: Appropriate access control measures are implemented to protect server and data security.
Database Administration: Database performance is monitored and optimized. Regular database backups are performed. Security measures are implemented to protect database integrity and availability.
System Monitoring: Server health and performance are continuously monitored using appropriate tools. Alerts are reviewed and investigated promptly.
Incident Response: A documented incident response plan is in place for handling server and data-related incidents. This plan includes escalation procedures, communication protocols, and post-incident analysis.
Capacity Planning: Regular capacity planning is conducted to ensure sufficient server and storage capacity to meet current and future needs.
Security: Security measures are implemented to protect server and data security, including access control, encryption, and regular security audits.
6. Escalation Matrix:
Issue Type
Level 1 (System Admin)
Level 2 (DBA/Lead)
Level 3 (NOC Management/COMSIT)
Minor server issues
Troubleshoot and resolve
Escalate if unresolved
Escalate only if critical impact
Major server outages
Escalate immediately
Immediate troubleshooting
Incident Management Team
Database performance issues
Troubleshoot and optimize
Escalate if unresolved
Database Administrator Team
Data loss or corruption
Escalate immediately
Initiate data recovery
Incident Management Team
Security incidents
Escalate immediately
Coordinate response
Incident Management Team
7. Performance Measurement: KPIs (Key Performance Indicators) are used to monitor the effectiveness of the Server and Data Management sub-unit:
Server Uptime: Target should be set based on industry best practices and SLAs (e.g., 99.99%).
Database Uptime: Target for database availability (e.g., 99.9%).
Backup and Recovery Success Rate: Track the success rate of backups and recoveries.
Mean Time To Repair (MTTR): Defined targets for resolving server outages based on severity.
Mean Time To Recovery (MTTR): Defined targets for recovering from data loss or corruption incidents.
Data Loss Rate: Track instances of data loss due to server failures or other incidents. Aim for 0%.
Compliance with Data Backup and Retention Policies: Ensure 100% adherence to policies.
8. Review and Updates: This SOP will be reviewed and updated at least annually, or more frequently as needed, to reflect technological advancements, changes to the server and data infrastructure, and evolving organizational requirements. Regular reviews with stakeholders should be incorporated.
STANDARD OPERATING PROCEDURE (SOP) FOR HELP DESK SUPPORT
1. Purpose: This SOP outlines the processes and procedures for providing efficient and effective technical support to University of Ilorin users. It aims to ensure high user satisfaction and aligns with the overall strategic goals of the NOC and COMSIT.
2. Scope: This SOP covers all aspects of Help Desk support, including:
Incident Management: Handling and resolving user-reported IT incidents.
Request Fulfillment: Processing and fulfilling user requests for IT services.
Knowledge Management: Creating and maintaining a knowledge base of solutions to common IT issues.
Communication: Communicating effectively with users regarding IT support issues.
Escalation: Escalating complex issues to higher-level support teams.
Performance Monitoring: Tracking key metrics to measure Help Desk performance.
3. Roles and Responsibilities:
Help Desk Manager: Overall responsibility for the Help Desk. Manages staff, develops and implements support procedures, and reports to the Network Administrator.
Help Desk Analysts (Tier 1): Provide first-level support to end-users, troubleshooting common issues, creating and managing tickets within the ITSM (IT Service Management) system, and escalating complex issues to Tier 2 support.
Second-Level Support (Tier 2): Provide in-depth troubleshooting and technical support for complex issues. Collaborate with other IT units as needed.
4. Line of Command and Reporting:
All Help Desk staff report to the Help Desk Manager.
The Help Desk Manager reports to the Network Administrator.
The Network Administrator reports to the Head of the NOC.
The Head of the NOC reports to the Director, COMSIT.
5. Processes and Procedures:
Incident Logging and Tracking: All incidents are logged in the ITSM system, including detailed descriptions, user information, and priority levels. Tickets are assigned and tracked throughout the resolution process.
Incident Resolution: Help Desk Analysts follow established troubleshooting procedures to resolve incidents. Documentation of the resolution process is required for all incidents.
Request Fulfillment: User requests for IT services (e.g., account creation, software installation) are processed and fulfilled according to established procedures.
Knowledge Management: A knowledge base is maintained containing solutions to frequently encountered IT issues. Help Desk Analysts are encouraged to contribute to the knowledge base.
Communication: Effective communication with users is essential. Help Desk Analysts should provide regular updates on incident status and clearly explain technical issues in non-technical terms.
Escalation: Complex or unresolved incidents are escalated to Tier 2 support or other specialized teams according to the escalation matrix.
Performance Monitoring: Key performance indicators (KPIs) are tracked and analyzed to measure Help Desk performance, such as average resolution time, customer satisfaction, and first-call resolution rate. Regular reports are generated.
6. Escalation Matrix:
Issue Type
Tier 1 (Analyst)
Tier 2 (Second-Level Support)
Level 3 (Specialized Team/NOC Management)
Simple software issues
Resolve directly
Escalate if unresolved
Not usually required
Basic hardware problems
Resolve directly or escalate
Resolve or escalate to vendor
Escalate only if critical impact
Network connectivity issues
Escalate to Network team
Further investigation
Network Infrastructure Team
Account access issues
Resolve directly
Escalate if unresolved
Identity and Access Management Team
Complex technical issues
Escalate immediately
Investigate and resolve
Relevant specialized team or NOC Management
Security incidents
Escalate immediately
Investigate and escalate
Security Team
7. Performance Measurement: KPIs (Key Performance Indicators) are used to monitor the effectiveness of the Help Desk:
Average Resolution Time: Target for resolving incidents (e.g., under 2 hours for high priority, under 4 hours for normal priority).
Customer Satisfaction: Measured through surveys or feedback mechanisms. Target should be 90% or higher.
First Call Resolution Rate: Percentage of incidents resolved on the first contact. Target should be 70% or higher.
Ticket Resolution Accuracy: Percentage of tickets resolved correctly on the first attempt. Target should be above 95%.
Number of Escalated Tickets: Track percentage of tickets escalated to higher levels. Aim for a low percentage.
8. Review and Updates: This SOP will be reviewed and updated at least annually, or more frequently as needed, to reflect changes in technology, user needs, and organizational requirements. Regular reviews with stakeholders should be incorporated.
STANDARD OPERATING PROCEDURE (SOP) FOR POWER AND COOLING ADMINISTRATION SUB UNIT
1. Purpose: This SOP defines the processes and procedures for managing and maintaining the power and cooling infrastructure of the University of Ilorin NOC, ensuring reliable and stable operation of IT equipment. This directly supports the overall strategic goals of the NOC and COMSIT.
2. Scope: This SOP covers all aspects of power and cooling administration, including:
Power Infrastructure Management: Maintaining the primary and backup power systems, including generators, UPS (Uninterruptible Power Supply) systems, and power distribution.
Cooling Infrastructure Management: Maintaining the HVAC (Heating, Ventilation, and Air Conditioning) systems and other cooling equipment to regulate temperature and humidity within the NOC.
Environmental Monitoring: Continuous monitoring of environmental conditions (temperature, humidity, airflow) within the NOC.
Preventive Maintenance: Implementing and adhering to a preventative maintenance schedule for all power and cooling equipment.
Incident Response: Handling power and cooling-related incidents according to established procedures.
3. Roles and Responsibilities:
Power and Cooling Administration Lead: Overall responsibility for the Power and Cooling Administration sub-unit. Develops and implements strategies, manages staff, and reports to the Network Administrator.
Power and Cooling Engineer: Designs, implements, and maintains the NOC’s power and cooling systems; develops and implements preventative maintenance plans; responds to power and cooling system alerts; performs troubleshooting; monitors environmental conditions.
Power and Cooling Technician: Performs routine maintenance on power and cooling equipment; assists the engineer with more complex tasks.
4. Line of Command and Reporting:
All Power and Cooling Administration staff report to the Power and Cooling Administration Lead.
The Power and Cooling Administration Lead reports to the Network Administrator.
The Network Administrator reports to the Head of the NOC.
The Head of the NOC reports to the Director, COMSIT.
5. Processes and Procedures:
Power System Maintenance: Regular preventative maintenance is performed on all power equipment, including generators, UPS systems, and power distribution. This includes regular testing, inspections, and necessary repairs.
Cooling System Maintenance: Regular preventative maintenance is performed on all cooling equipment, including HVAC systems and other cooling devices. This includes regular testing, inspections, and necessary repairs.
Environmental Monitoring: Environmental conditions (temperature, humidity, airflow) within the NOC are continuously monitored using sensors and monitoring systems. Alerts are triggered if conditions exceed predefined thresholds.
Preventative Maintenance Schedule: A detailed preventative maintenance schedule is developed and implemented for all power and cooling equipment. This schedule includes specific tasks, frequencies, and responsible personnel.
Incident Response: A documented incident response plan is in place for handling power and cooling related incidents. This plan includes escalation procedures, communication protocols, and post-incident analysis.
Emergency Procedures: Procedures are in place for handling power outages and other emergencies. This includes backup power procedures and emergency contact information.
Documentation: Comprehensive documentation is maintained for all power and cooling equipment, including specifications, maintenance records, and diagrams.
6. Escalation Matrix:
Issue Type
Level 1 (Technician)
Level 2 (Engineer)
Level 3 (NOC Management/Facilities)
Minor power/cooling issues
Troubleshoot and resolve
Escalate if unresolved
Escalate only if critical impact
Major power outages
Escalate immediately
Immediate troubleshooting
Facilities Management/Emergency Services
HVAC system malfunctions
Escalate immediately
Immediate troubleshooting
Facilities Management
Environmental condition alerts
Investigate and address
Escalate if unresolved
Facilities Management
Generator failure
Escalate immediately
Immediate troubleshooting
Facilities Management/Emergency Services
7. Performance Measurement: KPIs (Key Performance Indicators) are used to monitor the effectiveness of the Power and Cooling Administration sub-unit:
NOC Uptime due to Reliable Power: Track the percentage of NOC downtime caused by power outages. Aim for 0%.
UPS System Availability: Track the percentage of time the UPS system provides uninterrupted power. Aim for 100%.
HVAC System Uptime: Track the percentage of time the HVAC system maintains optimal environmental conditions. Aim for 99% or higher.
Mean Time To Repair (MTTR) for Power/Cooling Outages: Track the average time taken to resolve power or cooling system outages. Define targets based on severity.
Adherence to Preventive Maintenance Schedule: Track the percentage of preventative maintenance tasks completed according to schedule. Aim for 100%.
DOCUMENT CONTROL
Version:
Effective Date:
Review Due Date:
Prepared by:
Approved by:
Distribution:
Head of NOC Unit
Core Mandate Leads (Network Infrastructure Management, Network Security & Monitoring, Server & Data Management, Help Desk & Support, Power & Cooling Administration)
