Overview While you have not been given carte blanche by the CEO, she has made it clear that money isn't necessarily an issue, within reason of course. The problems need to be solved so that the company can safely continue to manufacture its products in the most efficient manner possible.

CEO & CFO "Look, we don't think that we need the Rolls Royce of installations, but we can tell you that everything is riding on our ability to ship our combined products in a timely manner, and the network we're asking you to build is going to be a big part of that. We think the company will continue to grow, though not as rapidly as in the last several months. So, that being said, give us a network that makes sense."

The Multinational Conglomerate 365


1. What is the current business ss


The e-mail systems are not secure.


Each of the units is connected to the Internet with no firewalls in place.


Management is suddenly concerned with security.


Remote and traveling users need to connect securely.


Users need to access resources all over the tree.


Single sign-on is an issue.


Performance is an issue.

2. What solution(s) should you implement to solve the customer's business problem?


Ensure that each location has a secure connection to the Internet by instituting a bastion host type firewall solution.


Institute Kerberos KDC so that users can access network resources all through the tree.


Up-version all servers to Windows 2000.


Begin the risk management process to provide a framework for the internal and external security plans.


Make sure secure passwords are in place.


Assure that all users are on a uniform O/S desktop, and that service pack and service release levels are current.


Establish a VPN and an EFS security policy.


Plan and deploy a combination of bastion host and screened subnet types of firewalls.

Copyright ©2000 SYBEX, Inc., Alameda, CA


1. D, E, F. Now that the network is up and working, everyone is starting to want everything. While the e-mail system may or may not be secure, at this point it doesn't seem to be a major problem. Because the firewalls were not mentioned, we can again discern that issue has been addressed. Remote and traveling users are creating a financial burden that must be addressed. It was stressed by several people that users need to access resources all over the tree. Passwords seem to be a hangup also. There is also the issue of the 1,500 new computers, but that is not mentioned here.

2. B, E, G. It looks like you have a big task ahead of you. First of all, you have to make sure that Kerberos KDCs are in place, so that users can be authenticated through the tree. That will help solve the single sign-on issue. To maintain your password security, you want to make sure that complex passwords are required.

Next, you have to help the poor person in Athens. Any computer that is a part of that domain will have the security policy applied to it.

Finally for the traveling users, there are VPNs and EFS. With a VPN your user can attach to your network from anywhere and still maintain security. With EFS, if a laptop is stolen, the data can be secure.


Was this article helpful?

0 0

Post a comment