Networking Security and Administration - Essay Example

TOC: Introduction 2 Bottlenecks 2 Problems of Growth 3 Legacy Systems 4 Business Constraints and Goals 5 Corporate and Geographic Structure 6 Applications 6 Information Flows 7 Shared Data 7 Network Traffic, Access and Performance 8 Conclusion 8 Introduction Integrating the other company's existing network infrastructure into my organization's one requires number of network and security issues. Integrating the security infrastructure of two organizations involves a number of complex policy administration, engineering, implementation, and managerial tasks. It may be necessary to make appropriate human resource investments also. That's why following infrastructure issues must be entirely determined to perform successful integration: Security Policies - a comprehensive compilation of all security policies for both organizations. Server Systems - list of all server systems, their current operating system and version number, their current IP addresses, their physical location, their logical (network) location, and applications that reside on each server system. Network Equipment -- List of all current network equipment such as routers, switches, encryptors, their current operating system (if any) and version number, their current IP addresses, their physical location, and their logical (network) location. Applications - list of all applications that must be functioning over the new integrated infrastructure. Bottlenecks Connection between my organization's network and other organization's is provided using the Internet as the medium. The danger in doing this is that there is no privacy on this channel, and it's difficult to provide the other office access to internal resources without providing those resources to everyone on the Internet. To prevent this bottleneck in security I plan to use VPN. VPNs provide the ability for two offices to communicate with each other in such a way that it looks like they're directly connected over a private leased line. The session between them, although going over the Internet, is private because the link is encrypted. Also the link is convenient, because each can see each other's internal resources without showing them off to the entire world. A number of firewall vendors are including the ability to build VPNs in their offerings, either directly with their base product, or as an add-on. If you have needed to connect several offices together, this might very well be the best way to do it. Problems of Growth There are two problems of integration of the other company's existing network infrastructure into my organisations: performance and infrastructure. Network performance is common problem of growth for corporations. A lot of companies haven't easily been able to gather the data needed to illustrate what was flowing over their networks. In most cases, companies took a reactive rather than a proactive approach. After users complained about slow response times, a technician would walk to various network-connection points, install a protocol analyser that would gather network throughput data and generate reports outlining how different segments were performing, and then manually sift through the reports to determine a problem's source. This process was both time-consuming and error-prone. Now many network-equipment vendors working with the Internet Engineering Task Force began to outline standards that could automate the collection of performance data, that enables network managers to automatically pull management information from network devices, such as routers and switches. So when they see that network traffic exceeds existent equipment's performance abilities, they can order more productive equipment. Integration of one company's existing network infrastructure into the others may need structural changes in the existing network. Good solution can be treating new company as a branch, so I need to provide a sub-domain to its network and to build trust relations accordingly. Legacy Systems Since the new company uses Windows for desktops and servers and current support person was awarded the MCSE certificate and is now studying at TAFE for a Certificate IV in Technical Support, I recommend leaving Windows network in the new company. The new company have already made investment in all this, so it would be inefficient to reinstall all software and to train the support person in other operating system. When connecting two company networks that are passing valuable company data, meshing the security policies is required to make sure data moving from one enterprise to the next reflects corporate security policies. In addition, depending on the size of the organization and the type of industries involved, there may be a broad range of relevant security policies covering all aspects of physical security, data communications security, access controls, log management and retention, event reporting, etc. In an increasingly networked environment, security policies must be applied evenly across the entire organization, because one weakness in the network can invalidate the security of a great portion, even all, of the entire network. For proper integration of the new company's infrastructure to my company's one I need completely rebuild it and probably build it from the beginning. So I need to develop plan of migration for the new company's network, including domains, user accounts, groups and so on. Since Windows-based network uses Active Directory for storing this data, I can use the Active Directory Migration Tool for the process of migrating user accounts, groups, service accounts, trusts, and computers. It includes user account migration, group migration, computer migration, trust relationship migration, and service account migration Business Constraints and Goals Business management must own the initial requirements prioritization effort. I need to develop a list of business goals of the integration process in priority descending order and use this list as a guide to order IT goals execution. It is critical for both business and IT participants to share a common understanding of the comprehensive requirements list. I suggest following one: Sharing of the corporate-wide data Providing data flow between headquarters and all branches (including the new company) Application sharing for the corporate network Providing security of access to business data Providing of secure access to corporate network for users who work from home Printer, scanner and other equipment sharing To avoid integration project failure I need to develop the list of constraints and foresee all the most important constraints that can occur during integration. It's necessary to examen the following issues: Budget constraints Human resource constraints Hardware and software performance constraints ISP and other third party providers constraints Corporate and Geographic Structure The headquarters is in a large inland city. It has branches in three other regional centres and new company is situated in another regional centre. Corporate and geographic structure of the organisation is basement for building its network. I suggest the structure shown on the picture below: Applications It's a good practice to use common standards for applications in the entire organisation. In the Windows networks of a medium-sized company following applications are used: Microsoft Office (Word, Excel, Access, PowerPoint, Outlook) Image Viewer. I recommend IrfanView as a very fast, small, compact and innovative freeware (for non-commercial use) graphic viewer for Windows 9x/ME/NT/2000/XP/2003. Communication software. Although Windows includes MSN messenger for short messages sending, I recommend using ICQ or Miranda IM for this, because both of them are free and easy to use. Miranda IM is the best choice, because it is a multi protocol instant messenger client. It is designed to be resource efficient and easy to use; it uses very little memory and requires no installation. Information system. As the company provides some activity, have customers, orders, executors and other entities; it's a good practice to use a web-based corporate-wide information system. Information Flows I plan to organize information flows inside company in such way when information from the regional centres comes to the headquarters and information the headquarters is distributed between regional centres. Operators in the regional centres input information about customers, orders and freight traffic to web-based corporate-wide information system. Management in the headquarters is permitted to analyse this information, manage it and build charts and reports. I will also integrate new company's specialist e-mail lists and on-line newsletter with feedback to corporate infrastructure by moving them to the headquarters' web server. Shared Data There are a number of information issues that must be shared between managers and other specialists: Customer database Truck inventory Company's organization chart Marketing and development plan Company budget I plan to place all this information at the main server in the headquarters Network Traffic, Access and Performance For improvement of management of network traffic, access and performance management I recommend using Windows Server 2003 for main server of the network. Windows Server 2003 has three basic tools for monitoring network traffic: Task Manager, Performance Console and Network Monitor. Group Policy and the Active Directory services infrastructure in Windows Server 2003 enable IT administrator to automate one-to-many management of users and computers, simplifying administrative tasks and reducing IT costs. Network performance in Windows Server 2003 can be measured with Performance Monitor. The Performance Monitor, or System Monitor, is a utility used to track a range of processes and give a real time graphical display of the results, on a Windows 2003 system. Conclusion Integrating the security infrastructure of two organizations is a complex task that requires precision planning and excellent teamwork. These security integration projects often get delayed and cause frustration among the personnel involved because of a number of negative factors. These issues include: incomplete or fluid business requirements, inappropriate prioritization, failure to enlist appropriate human resources, serial task execution, ineffective communication, tentative (or worse, dubious) collaboration, and critical information and dependencies not clearly identified nor tracked to completion. Reference: 1. Pabrai, Uday O. Ali and McCright, Matt (2001). 'Integrating Network and Security Infrastructures'. Advisor.com (online). Available: http://advisor.com/Articles.nsf/aid/PABRU05 (June 28, 2005) Read More