Friday, October 11, 2019

CMTG Network Security Infrastructure

Each Kudler Fine Foods location would be protected via higher end firewall recommended for small/medium size businesses with higher security requirements (Cisco, Watchguard, Barracuda). Each Kudler Fine Foods location, regardless of its geographical location, would have hi-speed internet access that would keep it connected to the headquarters location. Each firewall would be configured to provide maximum security for each location as well as Virtual Private Network (VPN) connection between the location and the headquarters. Headquarters location would host Main POS Database Server which would be synchronized with all other POS database servers every fifteen to thirty minutes. All of the synchronization would take place via VPN that has 1024bit encryption. Each geographical location would be able to access necessary data and files at the headquarters location via VPN at any time. Depending on the network authentication and network policies, not every person would have access to the same data. Since Kudler Fine Foods employs only two computer support specialists, we would recommend for the email to be hosted off site and be accessed either via Outlook Web Access (web-mail) or POP/SMPT/IMAP protocols with the Microsoft Outlook client. We also recommend that Email SPAM filtering be provided by the Email Host, but Kudler Fine Foods computer support staff should have access to email spam filters and manage them as they see fit best for the organization. Read this  Chapter 2 – Why Security is Needed We would also recommend for the Website to be hosted outside of the Kudler Fine Foods network but would recommend that Website’s database be synchronized with the network database via secure connection. Main reason for suggesting Email and Website services to be hosted off-site is security, downtime and support staff. Each firewall would handle IDS and IDP (intrusion detection and prevention service), as well as web access filtering, attachment filtering, traffic monitoring, virus scanning. Each computer and server would also run virus protection software. Firewall would be setup to shut down and block any suspicious network incoming/outgoing traffic in case of security breach and log it and email notify the computer support specialist (DoS, Hacker attacks, Virus outbreak). Firewall security updates would be done automatically and in the background and would provide security against latest threats. We believe that proposed network security infrastructure for Kudler Fine Foods would be secure, centralized, manageable by the small IT staff, reasonably priced to implement and easily upgradable and expendable in the future.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.