You have been hired as consultants to design and implement a widespread security

Question

You have been hired as consultants to design and implement a widespread security initiative for a rapidly expanding global eCommerce corporation with two websites and locations in New York, Chicago, San Francisco, London, Paris and Johannesburg. Business is good! In the next three months, the corporation will be acquiring another company in a different line of business with plans to offer products for sale online.

Part of your role is to recommend the best way for integrating both environments. However, not much information is available about the IT setup for the company being acquired. The other company might even have a mix of different operating environment – it is unclear since the IT staff in that company is not very communicative.

Some critical staff members in the other company are not happy with the upcoming merger and have sworn to be as uncooperative as possible. In particular, the Network Manager for the other company is a difficult personality – plans have been afoot to fire him but unfortunately he is the only one who knows the network architecture completely and he is not willing to share. You must find out everything about the new environment and propose specifics on how to seamlessly integrate both environments

In the initial conversation with executives of the global company, you realize that the company does not have a security policy. After much discussion, they have agreed that you should come up with a detailed security policy customized for the company.

In a follow-up meeting with the executives and IT staff of the global corporation, you are also assigned the task of identifying two (2) security audit tools (vulnerability/web scanners), two (2) intrusion detection systems and two (2) network firewall products that would be suitable for the global company. You are to test and describe the features of selected security solutions, indicating (a) which you prefer and (b) providing convincing rationale for why you prefer a specific solution in each category. In other words, you are to evaluate two products for each category and recommend one, giving the reasons for your choice.

Salient points: The new corporate acquisition will increase the total number of computers under you IT department’s care to about 60,000 computers and network devices. The exact number is not clear: even the management at the other company is not sure of the number of systems in that network because of the difficulty in finding out the specifics about the company being acquired.

From the little information that has been gleaned from the other company, it appears to run a mixture of a peer-to-peer network and the domain model. Part of the decision you would have to make would be how the integrated environments would be networked: you have been given the discretion to come up with the design and budget (subject to approval, of course) for the overall security initiative, covering (1) the security policy, (2) network audit to determine what devices and data are being protected, (3) seamless integration between the merging companies, (4) recommendation for IDS system(s), (5) recommendations for security audit tools (web/vulnerability scanners) and (6) recommendation for network firewall device(s).   

Explanation / Answer

The required details are as follows:

1) Intrusion Detection System or Tools: For intrusion detection we required both of the mention things as these two tools are very useful in intrusion detection.
   a). Antivirus Software: There are various free as well as licensed antivirus softwares avaialbe, which are being used by security professionals to find any malicious activities as well as threat. Proffesionals do various types of setting in the antivirus softwares to keep eye on performance as well as track on threats detected.

   b. Wireshark: This tool is also used to analyized the snoop trace of the network, with this tools professionals can see the network activities and can easily see any malicious activities.

2) Security Audit Tools: The two most recommended tools are as follows:
   a) Nmap: This tool is mostly used for the Network scanning and to find out and problem with in the network. Mostly used in various networking domains.
   b) Tcpdump: Its used to capture the network packets. And with the help of these captured packets we can get the health of our network.
  
In the above given tools i will recommend the tool Nmap.

3) Network firewall Products: The best network firewall available are:

   a) ZoneAlarm Firewall:
   b) Comodo Firewall
   c) Outpost Firewall

All of the above given firewall packages are good, you can select any one of them.

4) Security Policy: Security policy is being used to maintain atleast a minimum required security in networks as well as in industrial control systems. This policy include following given steps:

a) Identify: Here in this very step, ve identify the various resource, that we have look for the security issues. In the other way, we can say that, here in this step, we identify, what we need to protect or look for the security issues.

2) Asses: As in the first step various assets have been identified, so now in this step, we perform a security assessment on the resources as well as assets identified on the very first step. Here in this step we take care of various aspects of processes as well as of procedures to look for vulenrability as well as of security concerns. On the bases of the assessment, we derive the security issues as well as the security results, which tells about the security related issues of resource as well as of assets.

3) Protect: Here in this step, we work on the security issues found in the assessment step. Here we try to protect our procedures as well as the processes for security threats. We work on the security issure related results and try to protect and mitigate each and every resources involved in the process.

4) Monitor: After protecting the resources and the processes, we have to keep monitoring it, monitoring is required so that same process, procedure or the resource does not show the security concerns again.

So we can say the security policy is to devlop a security plan that can results in to the imporoved security of our systems as well as of networks. It also provide a model to continuously monitoring our systems and the resources. Security policy provides us the process in which one step leads to the second step and these step wise activities provide us refine and secure system. This security policy is the process that must be executed continuously, as its an ongoing process that help the system in security related issues.

Related Questions

Navigate

• Browse (All)
• Browse Y
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.