More on NOC Blogs


In response to my recent article on NOC blogs, Gordon Weakliem asked about the security aspects. In particular, it seems that there can be (and perhaps is) information that you might want a NOC blog, but not want public. In light of that and some other thoughts, a few comments:

  1. A NOC blog should probably be built using a system that allows multiple authors. Manilla, Movable Type, and Slashcode would all seem to meet this requirement. It would be unusual for single person to be familiar with all aspects of the NOC. It would be more convinient for everyone to post as necessary.
  2. The NOC blog should have public and private parts. Each should have its own RSS feed. The private area should be used for more sensative information like suspected hacks, network configuration posts, and the like. If possible, the system should be configured so that the public feed is a filtered view of the private feed so that people with access don't need to subscribe to both. In some cases, it might work to just keep the private area behind the firewall. In others authentication might be necessary.
  3. Depending on how sophisticated the network and systems are, I think that the more categorization that the NOC personnel can do the better. For example, I might want to only receive a feed of status information for just a single system.
  4. In an ideal world, all of this is driven in some way from the trouble ticket system to avoid double entry by the NOC personnel.

All in all, I think a blog and especially any associated RSS feeds is a great addition to a NOC. If you've read my paper on Tiered Support you'll see right where this can fit in. Given the organization in that paper, I think that the product operations engineers ought to be running one for each product that they manage as well.