Case Study Assignment
Your company, Praetor, Inc, develops non-lethal crowd control technology for police and military use. It has decided to move the headquarters and primary operations to Amarillo, Texas and utilize an outside disaster recovery company to provide a disaster recovery hot site in Wayne, Pennsylvania.
Praetor, Inc, while most of its technology is for the civilian police market, has one Research and Development unit that is developing a light-based crowd control device for large groups for use by the military market. This unit is made up of 25 people - many of which do not currently live in Amarillo and the company has no plans to force their relocation to the new location.
The headquarters building is 3 floors in height and have approximately 150,000 square feet. As the senior CISSP, you have been tasked with designing the network solution with both functionality and usability in mind for the new location.
Further specifications\company requirements:
1. The primary site (Amarillo) is the only one you need to concern yourself with designing as the hot site (Wayne) is considered to be logically identical as it is a mirror hot site for business continuity\disaster recovery
2. There needs to be a constant connection between the two sites with no less than 105 Mbps throughput
3. There will be a datacenter on the third floor
4. There will be 100 network connections on each floor
5. There are 4 primary divisions in the company: Headquarters\Administration, Sales\Customer support, Research and Development (this division includes the Light device research t group) and Information Technology
6. The members of the Light device research group that do not live in Amarillo need to be able to connect to the primary datacenter at any time
7. Physical security as well as logical must be considered
8. There are file servers, database servers, corporate webservers and external sales webservers and all must have high-availability
9. All servers must have redundancy (both physical and how they are configured)
10. The solution should have a plan to verify security measures
Case requirements:
1. You should submit network drawings showing
a. the topology of the network
b. the topology of the VPN setup
They should include the hardware (and be labeled as such) but only generally - no brand names or models, just "switch", "firewall", "router", "server" and so on; any cabling differences should be noted as well.
2. You should include a paper that contains the following:
a. List any recommended cable and where it will be used
b. List the type of connection you will utilize to ensure 105 Mbps connection between sites (do not just give a medium, like fiber or copper, or just a protocol)
c. Recommend wiring closets wherever needed
d. Recommend any WAN or wireless technologies; mention and explain what topologies you used and why
e. How you will set up the servers (both physical and logical should be explained) to have:
i. redundancy
ii. high-availability
f. What logical protections you recommend
i. What measures you will take to protect against attack
ii. What measures you will take to prevent attacks
iii. What measures you will take to be notified that you are being attacked
g. Recommend and describe logical (i.e. network) traps to stop attackers
h. Any physical security measures you deem appropriate
i. What they are
ii. Where they are
iii. How they protect
i. How the remote users will connect securely
j. How will security measures be verified?
k. Justify your recommendations.