Reference no: EM133266006
Scenario
The Acme Consulting Agency is a mobile consulting agency that provides computer consulting to a wide range of businesses. Their work force contains 10 remote employees that travel and two offices in the state of North Dakota with 10 employees each. Each office has 10 desktop computers for the staff in those offices. Their network uses an outdated hardware firewall appliance and there is no remote access for employees. They have a single web server that serves the company website. Each office has a networked printer that is available publicly over WiFi. There is no secure network link between the two offices.
Mr. Jones, the CIO, has hired you as an IT consultant in order to evaluate their network for security and enhancements. Mr. Jones wants a network security policy captured so their IT staff can enhance their network and address security issues in the future. In the network security policy document, you will provide the following information:
1. A security evaluation report that describes various threats that can affect their existing network devices and mitigations. Explain the defense-in-depth strategy and how their network can be improved. Identify security tools, from the textbook and the labs, that could be used for further evaluations.
2. A firewall evaluation report that describes good practices for securing a firewall. Describe the overall problems with an ineffective firewall. Recommend a new type of firewall and why it is better than their outdated firewall appliance.
3. A proposal to link the two office networks using a secure VPN architecture. Describe the appropriate VPN technologies to use and the benefits to their office networks.
4. A proposal to offer remote access for remote employees using a secure VPN architecture. Describe security requirements like two-factor authentication and whether split-tunneling is supported.
5. A desktop security plan that explains how desktop computers will be protected. Include details like patch management, hard drive encryption, and backup/restore.