Академический Документы
Профессиональный Документы
Культура Документы
12/4/16
It is our desire to implement a secure, stable, and redundant network using Microsoft
Server 2012 and Active Directory, with internet access via an ISP allowing wifi
access throughout the building. Microsoft Active Directory will be used for Authentication,
Authorization, and Accounting. Authentication provides a way of identifying a user, typically by
having the user enter a valid user name and valid password before access is granted. We will
create accounts for every employee, and assign passwords to each individual upon contact. We
will handle the authorization setup, and provide appropriate access levels for each individual.
Stable desktops with an adequate amount of storage and power will be implemented for
optimal productivity. Locks for the server room will be needed for security purposes. A database
for storing client information, sensitive data, and other needs of the organization will need to be
created. File and print sharing access will be provided. An intrusion detection system as well as a
firewall system will be implemented for security measures.
CAT5e Cabling needs to be installed throughout the building to connect the network. A
pair of 24 port switches to replace the hubs that were damaged will also be installed. One router
and ISP will give us a modem. One server rack with one server, a UPS for power outages and
surge protectors for the computers and hardware will be added. Extra air conditioning in the
server room to keep hardware from overheating will be a necessary addition. Separate wifi
routers for the first and fifth floor will be installed. Microsoft Server 2012 with Active directory
and a DNS for the organizations network will be implemented.
Written Description
For this proposal, our network shall be a fairly simple network, consisting of a main
router connected to our ISP, which then connects to a switch connecting our two VLANs, one for
the first floor, and one for the fifth floor as well as our servers. Both VLANs consists of a router
and a 24 port ethernet switch, which connects all of the workstations on their respective floors,
along with wireless access points on each floor. Each workstation is connected to the wall using
ethernet jacks, and the ethernet cables run through the walls into the ceiling, to the switches in
the comm closet.
All of the equipment will be brand new, as the technology left for us was quite ancient.
We shall purchase 24 new workstations, along with all of the switches, routers, cabling, and
various other things as needed to support the network.
As a small NPO, the network doesnt need to be a hugely complicated thing, but we
thought it wise to separate the different floors of the building into separate VLANS, or virtual
local area networks. This way we can give the network on the fifth floor different privileges or
options if you so choose. We decided that all new equipment was necessary as the desktops left
were early 2000s technology, some even from the late 90s, and the networking equipment was
all either damaged or non-existent.
Our network equipment will all be placed in the comm closet, with most of it on the first
floor, but with a router and switch on the fifth floor. Most of the workstations will be placed in
the training room, as well as the empty room next to the conference room.
While the network we are implementing isnt overly-complicated; it meets the needs of
the NPO. Our implementations are more than sufficient to support the needs of the user-base in
an effective manner.
Network Policies
Our network will use DHCP to automatically assign IP address to workstations, as
opposed to making every workstation static, as we wont always be using some of the
workstations. We will have a DNS for our LAN network. Our website with information about
our NPO will be off site hosted by hostgator. The website will not allow connections to our
servers or databases through the internet. We will have our servers be private for security
reasons. Any off site access to directories or files will be strictly limited to a Dropbox account
that our system admins will control. If any employee needs access to files on our server we will
give them access to only those files on our Dropbox account. This will add security and allow
limited access remotely on a employee by employee basis. Through Active Directory we can
create groups that have limited access to the directories. This will allow certain groups to what
they need to perform their jobs and restrict them from accessing files that do not pertain to their
job within the NPO. Active Directory will also allow System Administrators to create and delete
user accounts as need be. Users may then be placed into their respective group allowing them
limited access. We believe these policies will allow the NPO to grow in the future without
adding unneeded complexities for our System Administrators.
Security Policies
Microsoft Active Directory will be used for Authentication, Authorization, and
Accounting. We will create accounts for every employee, and assign passwords to each
individual upon contact. Our organization will handle the authorization setup, and provide
appropriate access levels for each individual. We will provide locks and keys for the server room
so only those who are authorized are allowed to enter. A database for storing client information,
sensitive data, and other needs of the organization will need to be created, and security measures
will need to be implemented for it. We will provide appropriate authentication and authorization
for those who need access to the database via the DBMS. An intrusion detection system as well
as a firewall system will be implemented for additional security measures.
One of the first aspects to consider is personnel safety and awareness. The NPO will keep
an updated list of employee contacts in the event they needed to be contacted in the event of an
emergency, so alerts can be blasted with continuous updates. The NPO will also have an
emergency evacuation plan in place and posted throughout our rooms, additionally the NPO will
execute various types of drills quarterly to ensure personnel are not caught unawares in the event
of an actual emergency. Additionally, certain medical supplies and fire suppressants will be
placed throughout the building, as well as having key members of the organization being trained
in CPR. Counseling will also provided to personnel if necessary as well.
The building in which business is conducted also has safeguards as well. The venue will
of course have property insurance, which will cover the external and internal properties.
Additionally, we will have cyberattack insurance in the event of a security breach in our cyber
properties. A risk management assessment should be conducted every quarter by authorized
personnel.
The NPO has also defined protocol for all physical and electronic files and information.
All essential information whether stored in our databases or servers will be backed up by a
third-party vendor. In the event of cyberattacks, the third-party vendor provides backup copies if
anything is destroyed or altered from a cyber-breach. If a physical disaster impacted operations
at the NPO, then the third-party vendor backup will allow for remote access to such information
and property from the designated alternative venue. Data located on the SQL database and
Microsoft server will be backed up daily through an automated process to the third-party vendor.
Although, the NPO strives for all essential information to be electronic, nonetheless there will be
essential information that will be physically printed on paper or stored on hardware such as
CD-ROM or USB. In the event of a disaster that cripples the main site, a fire-proof cabinet or
safe will be designated so risk to pertinent information stored on physical mediums will be
mitigated.
The NPO also will designate a media relations representative, who is the only authorized
employee to speak to the media in the event of a disaster. Non-designated personnel are not
authorized to speak to the media and any remarks made by such personnel are not considered
official communications of the NPO. The NPO will also work with local emergency
management authorities to coordinate recovery efforts to the main site. This includes assessing
damage, making an insurance claim, or any other action deemed necessary to return to normal
business operations of the NPO. In the event that normal operations cannot be resumed at the
main site, operations will continue at the designated venue. The NPO will work with phone,
internet, mail and application providers to ensure there is no disruption of services. Additionally,
a technology shopping cart will be set up, so any unrecoverable property or technology can be
replaced in a timely manner. Unusable technology such as workstations or desktops will be
sanitized before disposal.
Budget
Item Number required Cost
Dell Precision 5000 20 $20,000
workstations
Installation Costs 1 $10,000
iMacs 4 $5,000
Monitors 20 $4,000
Printer/copier 2 $700
Windows 10 Pro 24 $0
Office Suite 24 $0