Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

***** I ONLY NEED PLAN OF IMPLEMENTATION ****** You have recently been hired by

ID: 3857394 • Letter: #

Question

***** I ONLY NEED PLAN OF IMPLEMENTATION ******

You have recently been hired by a new Japanese accounting firm, headquarter in Tokyo, as the director of Information Systems and Telecommunications. Your assignment is to assist security posture of the firm and develop a security structure for this new company. Write your recommendations and reasons to the firm’s CEO.

The firm has 600 employees in Tokyo, 50 in Houston, and is planning to open two branch offices in India and California. Ten accountants will be hired at each site. USA customers’ data from the Houston and California offices will be transmitted to the India and Japan offices for processing of payroll. The results are then sent back to the Firm’s USA office in Houston. Currently, only TCP/IP (pubic Internet) is being used. The firm’s network is a Windows environment, using CISCO products, with two IPv4 address, 211.156.13.0/24 and 211.156.14.0/24. You may create any subnet as needed.

Assume no security applications are in place since this is a new company. Design a detailed logical and physical security system to be used in the new firm’s plan. Provide information about specific hardware and software.

Also include needed policies and procedures. Provide security details and address policies, government

regulations and industry regulations as needed.

Your high level areas of requirements are as follows (this is a big list – focus on priorities!):

Install critical infrastructure that provides business continuity

Implement IDS/IPS solution

Investigate next generation technology

Implement VPN for Remote Users

Email Filtering (scanning for viruses, spam, etc)

Web Filtering

SIEM Solution (malware analysis, vulnerability scanning, internal penetration testing)

Penetration Testing and Security Auditing (outside service option)

HTTP to HTTPS Conversion

Centralized Management Services for all Networking/Security Devices

Recommend Standards for configuration of all devices and servers

ACL standards (allow/deny), Turn off services, ports, block protocols, etc.

Disaster Recovery (just backup at the config level & data)

Standard for offsite device config backup and recovery

Standard for data backup and recovery

Physical Security (recent incidents indicate espionage risk is high)

Standards for device and physical access (ex: BitLocker, disable USB, biometrics, cameras, security guards)

User awareness & training

Your project must clearly articulate methodologies that address the business needs, determining the infrastructure and operations, developing timelines, and an implementation plan.

The network design must be robust, secure, functional, and support the speed of business. Your organization has a mix of email, web-services, patch/change management, virus protection, basic perimeter based security. Your team is free to make assumptions and recommendations so long as they are clearly documented and relayed to the stakeholders; include anything that your team believes will be needed.

To meet the stakeholder’s needs your solution and presentation will be assessed on:

I. Scope

II. Plan of Implementation (what will be implemented in months 1-3, 4-6, 6-9 and 9-12)

III. Design Document

IV. High Level Project Plan (Time to Implement)

V. Overall cost (guess since you will not have access to discounted prices)

Explanation / Answer


IDS - Intrusion defense systems /IPS - intrusion prevention systems al though they have a common base, but fit into the network in different places, with varied functions, and solve n number of different problems.
IPS is compared to firewall, yet both are control deivces. An enterprise firewall may have thousands of rules to allow the packet pass through.In the absence of a reason to pass the traffic the firewall drops it. But an IPS in the absence of a reason to drop the traffic, the IPS passes it through.IDS being a visibility tool can be compared to an protocol anaylser. An IDS will be required if we want visibility, and buy an IPS if we need to exercise control. But IPS and IDS vendors don't make it easy for us, because they have developed and released hybrid products which combine IDS visibility on top of IPS control.

There may be several benefits of an SSL VPN and an IPsec VPN with a well thought out VPN strategy which needs to be implemented onto an enterprise.
The great benefit with IPsec is it's a fast mode of transport and better optimized for quick access to VoIP and streaming media.
Assess the applications and ensure internal compatibility with the VPN plans for an enterprise.
HTTPS website is better for everyone via privacy, consistency, and security, and more.

Related Questions

*** Use a calculator plz***** The accompanying data are x = advertising share an
Question #2909178
*** WRITE CODE IN C LANGUAGE PLEASE *** Problem: Mother Goose Department Store h
Question #3562992
*** WRITE CODE IN C LANGUAGE PLEASE *** Problem: Mother Goose Department Store h
Question #3563019
*** What are the rest of the MU per Dollar (Pretzels) and MU per Dollar (Eskimo
Question #1134451
*** Will you guys please show me how you got your answer mathematically rather t
Question #2620533
*** Write a Java programm*** This assignment will have you working with Collecti
Question #3722293
*** Write a MATLAB function called maxproduct that takes a matrix A and a positi
Question #3832948
*** Write a function called reverse_diag that creates a square matrix whose elem
Question #3782367

Navigate

Previous
***** I NEED HELP WITH C. NET MARGIN I THOUGHT THAT NET MARGIN = NET INCOME (NET
Next
***** IN PYTHON ***** NEAR PRIME (definition): We call a number near prime if it

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.