Active Directory Implementation


This security design covers the network of a company in the pharmaceutical industry. The company has three locations, in Dallas, Houston and Los Angeles, and plans to expand its base shortly. Crete LLC will benefit a lot from implementing Active Directory and Windows Server 2016, whose security features help with administrative tasks such as file access. In this paper we work with Windows Server 2012, covering the Domain Name System, Active Directory, Windows Server Update, Remote Services and Windows Active Directory. The proposal also includes the plans for handling domain names, data security and access for the remote offices. All of this is done with the aim of maintaining the business mission, objectives and goals of Crete LLC.

Active Directory

The company uses Active Directory in monitoring internet security. The company will use a domain model that operates regionally. One location will hold the root of the forest, while the other locations will have their own regional domain trees and structure. The Houston office is to be used as the domain root, which makes Dallas and LA the other domains in the region. This will allow the primary office of Crete LLC to have a stable network environment over time. As for domain names, the Houston location will give the domain; Dallas will have the domain name dallas.corp.com, while LA will have la.corp.com.

Traffic between the domains will be kept off the WAN lines to save on the cost of doing business. To achieve this, domain controllers will be situated at all three of the company's locations. This cuts expenses and helps increase the company's productivity. Since there are two companies in the central offices, robust and reliable authentication services are required, according to the branch offices.

Active Group Policy

Default passwords must not be kept on any system. Any breach of the network will have an adverse effect and could cost the organization a lot of money. Group Policy makes it easier to regulate passwords, because the same password rules can be applied system-wide while file access is still controlled. One Group Policy setting controls how many wrong password attempts are allowed before an account is locked out of the system. Group Policies have the added advantage of defining which option is required to log in to the systems and of monitoring irregular activity on the network. User Account Control (UAC) can be set up on the workstations to harden them against malicious software that tries to run on the computers with the wrong credentials (Stefanek, 2002).

Domain Name Services

DNS is a service that resolves hostnames to IP addresses. For Crete LLC, a public DNS system will be deployed, and crete.com will be sufficient for the company. For internal access there will be inter.crete.com. This will secure the transmission of DNS data and of AD DS so that clients can locate the domain controllers.

File Services

Because of the nature of Crete LLC's network requirements, data security is very significant to the organization. The drives will need encryption to ensure that, should any data get lost, it remains with the computer. NTFS provides the security permissions that will be used on the network to limit access to files and folders based on who is accessing them. Quotas will be adjusted to align the space that can be used on the server, so that space left unused by one user group remains available to everyone else. The business is spread over three locations, and it is assumed that each location should be able to access data from the others. Distributed File System (DFS) will be used to present folders that may sit in several parts of the company, with access to folders and subfolders. Each namespace folder and subfolder can be mapped to multiple targets on different servers.

All the folders need to be synchronized by replication throughout the network. Enumeration will let users see the files and folders on which they have permissions. DFS has many benefits and can improve file access across multiple disk drives. For quota management, File Server Resource Manager (FSRM) will be implemented; it helps administrators manage and classify the data stored on the server. FSRM will therefore provide the needed control over file quotas, along with options for file blocking and screening and reports depending on the type of access reported. Using FSRM, the administrator can apply actions and policies depending on the classification of the files. File screening is applied according to the type of users on the network who can store data in the file system. The storage calculation is done by calculating the disk space, which gives the nearest approximation of the disk space used. If the usage was not allotted to the current user, notifications can be sent by email. Custom event logs can be kept and accessed with the least effort possible.

Remote Services

A secure remote connection is one of the network's requirements, and creating a secure connection to the Houston location for the sales personnel was one of the company's priorities. To provide it, a Virtual Private Network (VPN) needs to be configured on Windows Server 2012, which will provide the required remote access to the location over an encrypted pathway. Windows VPN has four protocols that help secure a connection. The protocol to be deployed here is Internet Key Exchange (IKE). It is secure and fast and can re-establish a connection if one is lost. IKE uses smart card authentication and offers strong security features including integrity, confidentiality and authentication of the data origin. It increases robustness against DoS attacks and improves reliability through sequence numbers and error correction. However, even with a secure VPN implementation there is always a risk of human error that can cause a security breach. Therefore, employees on remote connections must be educated about the errors that can result in a security breach.

WSUS

Windows Server Update Services (WSUS) is used by administrators who need to manage critical updates for their Windows systems. WSUS is used on the network so that the updates from the company can be downloaded for future reference. In this way, no critical update will be missed before the updates are rolled out to the network. The WSUS servers will be used for installing any critical update required by Windows Server. Bandwidth usage has been planned to accommodate the network's requirements, and the client machines are configured to handle patch downloads and Microsoft updates.

Types of database threats

Offline, the insider attack is the most probable threat; online attacks take the following forms.

1. Privilege abuse: when database users have access levels that exceed their job requirements, these privileges may be abused unintentionally or intentionally. An example is an administrator at a college who decides to create a bogus account for collecting money.

2. Operating system vulnerabilities: operating systems such as Windows and Linux have vulnerabilities. The services offered by these operating systems might lead to vulnerabilities that could allow unauthorized access (Shimp, 2013). That access can lead to denial-of-service damage. This can be prevented by keeping operating systems updated and establishing both internet and physical security.

3. Database rootkits: a database rootkit is a program hidden inside the database that provides administrator-level privileges for access to the database. This is dangerous when sensitive information is accessed.

Ways of using the customer database.

Create repeat customers by having the best service delivery.

Better understand your customers and identify their needs.

Upsell your customers: use the existing customers and provide them with a wide range of goods and services.

Ask for customer referrals: using the existing customer base, you can ask for more referrals and have more customers trooping in.

Have a great customer focus: focusing on the customers allows the business to maintain the customer base.

Company Current Plan

The company provides healthcare services to patients and manages patient information. The company is worried about the disasters that have been happening of late. Almost all companies have experienced a disaster in the last 12 months, and all disasters have had a big budget averaging $2.2 million. The company manager decides to call a meeting on disaster preparedness. The company has a call center, which has to be considered in case of a disaster. The company has an offshore storage strategy, and there is a communication department. The company has a 24-person call center with a customer warehouse that runs on HP servers and has a backup installed. The company has a failover strategy that includes offshore facilities and hardware equipment.

In the digital forensic department, there is a backup strategy in which data is locked in a fireproof cabinet (Cook, 2015). The forensic section has incremental backups and a weekly backup plan that backs up data once every month. The company currently does not have a high-tolerance strategy. The company has noted a weak recovery strategy; it wants an offsite backup strategy and needs to invest in an alternate site for data recovery (Lewis, 2015). The company needs a parallel call center, an emergency recovery site and network configuration equipment, and needs to develop new call center operations, although all of these will come at extra cost.

BC/DRP strategy recommendation report.

The company needs to have a backup plan. The backup plan will include an offshore facility. The company needs an emergency operation center and has no alternative-site procedures, which will require daily updating of data. In the current setup, the backup facility has a capacity of 30% with a very limited testing plan. The communication strategy also needs to be redefined. According to the recovery deficit plan, the backup costs are too high. Therefore, some items in the recovery plan will have to be minimized while focusing on the best practices of data recovery. The following primary requirements, though, must be in the backup plan. One is a backup generator; without it, massive amounts of data can be lost. The company also needs to provide both hardware and software for big data storage.

An external company is required to help with data backup. That company should manage backup, provide UPS power banks and configure equipment should a disaster occur, and it should be entrusted with securing the most sensitive data. Management should also be trained on the data recovery steps that will be outlined in the data recovery plan. The training manual will be distributed to the people who need it. The following are the steps employees should follow should such a disaster occur. Once a disaster occurs, recovery measures must be taken, and the members of the recovery team will respond in the following steps:

The task of tasks for medium criticality systems

Program for the restoration of medium criticality systems

Recovery measures necessary for low criticality systems

Persistence of facilities jobs excellent/required at Most crucial Facility

Both firewalls and IPS are used in controlling devices. The two are placed between networks and monitor the traffic that passes through them. IPS is used in configuring the rules of internet access. An IPS blocks attacks in the interval between the time to exploit and the time to respond, which gives time to patch the system. IPS is now the most deployed method of dealing with known internet attacks. IDS, on the other hand, is used to inspect both outbound and inbound traffic to and from the network. Through this monitoring, IDS is used to prevent threats from the internet (Roessing, 2010). IDS is classified into two types: IDS for anomaly detection and IDS for normal detection. In anomaly detection, the IDS compares large volumes of data with an attack signature; when such an attack happens, the software identifies it by its known characteristics. There are some limits to intrusion detection systems.

 

Host-based vs. network-based systems: In a network-based system, the packets passing through are examined. A NIDS can detect a malicious packet that basic packet filtering overlooks.

Reactive vs. passive systems: When used in passive mode, an IDS identifies potential access to the system; where possible, an IDS can also respond to what is logged on the system and block any new signature.

The crucial difference between IDS and IPS is that IPS scans for intrusions and blocks them from the computer network, while IDS surveys potential attacks, hence keeping the attacks at bay. An IPS keeps attacks out, while an IDS confines the impact of an attack once it has happened. The network can be secured in the following ways:

Network traffic analysis

This implies a likelihood of a brute-force attack on SSH across the network. Such attacks rely on a program that makes one attempt after another to get into the computer network. Various combinations are tried, including commonly used passwords, likely messages, emails, and various other attack strategies. The network can be protected by, for instance, using strong passwords, using RSA authentication and using iptables to block incoming attacks.
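The SSH brute-force pattern described above can be spotted from the server's own authentication log. The following is an added example, not part of the original essay: it counts failed sshd logins per source address in a sliding time window and notes whether a successful login followed. The log lines are constructed, and the threshold, window, year and function names are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample in OpenSSH syslog format (documentation IP ranges).
SAMPLE_LOG = """\
Mar 10 02:14:01 gw sshd[2101]: Failed password for root from 203.0.113.7 port 40112 ssh2
Mar 10 02:14:03 gw sshd[2103]: Failed password for invalid user admin from 203.0.113.7 port 40114 ssh2
Mar 10 02:14:05 gw sshd[2105]: Failed password for invalid user oracle from 203.0.113.7 port 40116 ssh2
Mar 10 02:14:06 gw sshd[2107]: Failed password for root from 203.0.113.7 port 40118 ssh2
Mar 10 02:14:08 gw sshd[2109]: Failed password for invalid user test from 203.0.113.7 port 40120 ssh2
Mar 10 02:14:10 gw sshd[2111]: Failed password for root from 203.0.113.7 port 40122 ssh2
Mar 10 02:14:20 gw sshd[2113]: Accepted password for root from 203.0.113.7 port 40124 ssh2
Mar 10 08:30:11 gw sshd[3310]: Failed password for alice from 198.51.100.23 port 51500 ssh2
Mar 10 08:35:40 gw sshd[3314]: Failed password for alice from 198.51.100.23 port 51522 ssh2
Mar 10 08:35:52 gw sshd[3316]: Accepted password for alice from 198.51.100.23 port 51530 ssh2
"""

PREFIX = r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
TAIL = r"(?P<user>\S+) from (?P<ip>\S+) port \d+"
FAILED = re.compile(PREFIX + r"Failed password for (?:invalid user )?" + TAIL)
ACCEPTED = re.compile(PREFIX + r"Accepted \S+ for " + TAIL)


def parse_ts(text, year):
    # Classic syslog timestamps carry no year, so the caller supplies one.
    return datetime.strptime(f"{year} {text}", "%Y %b %d %H:%M:%S")


def detect_bruteforce(log_text, threshold=5, window_s=60, year=2024):
    """Return {source_ip: finding} for addresses with at least `threshold`
    failed logins inside any `window_s`-second window."""
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)   # ip -> timestamps of failures still in window
    tried = defaultdict(set)      # ip -> every user name attempted
    findings = {}
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if m:
            ip, when = m["ip"], parse_ts(m["ts"], year)
            tried[ip].add(m["user"])
            q = recent[ip]
            q.append(when)
            while when - q[0] > window:      # slide the window forward
                q.popleft()
            if len(q) >= threshold:
                f = findings.setdefault(
                    ip, {"peak": 0, "users": tried[ip], "login_after": None})
                f["peak"] = max(f["peak"], len(q))
            continue
        m = ACCEPTED.match(line)
        if m and m["ip"] in findings:
            # A success from an already-flagged source needs urgent review.
            findings[m["ip"]]["login_after"] = m["user"]
    return findings


if __name__ == "__main__":
    for ip, f in detect_bruteforce(SAMPLE_LOG).items():
        print(ip, f["peak"], sorted(f["users"]), f["login_after"])
```

A flagged address with a non-empty `login_after` is the case to triage first, since one of the guesses may have succeeded.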

Backup and Recovery Requirements

The recovery, backup/availability, operational and performance automation requirements are:

o Very large databases (VLDBs) must run on Windows systems and be housed in business-managed environments

o Business and critical target applications must run on Windows systems and be housed in corporation-managed environments (at DPW, these are Oracle and Microsoft SQL)

o Mobile or remote desktop systems: the system needs to have remote access to different interfaces, including mobile

o The backup product must provide adequate diagnostic instrumentation in the form of trace facilities, and detailed, comprehensible error messaging to provide clear detail

Client-backup/recovery Functionality  

Basic client-backup/recovery functions include end-user and administrator-initiated requests of operational staff for:

Backup and recovery

Point-in-time recovery, recovery to alternative directories, systems, and inclusion and exclusion filtering

Advanced functions include product support for automated “bare metal” recovery and direct client-read access to the server backstore

Backup/Recovery-process Monitoring, Reporting, and Supplemental Automation 

Many organizations need support for comprehensive reporting and analysis functions, including:

Service-level reporting

Service-level management (external backup-process monitoring and recovery)

Proactive service-level analysis (backup window trending and component analysis)

Basic reporting and a command-level interface for external management

Database Backup and Recovery Considerations

Traditional backup methods are regular, full, physical database backups combined with archiving of the intervening transaction logs. Please refer to the Data Base Backup Strategies Guideline documentation for a more detailed explanation of the current processes (Hintzbergen, Hintzbergen & Smulders, 2010).

Types of Backup/Recovery for Database

Schema/User level

Incremental

Point in Time

Full Cold Backup

Logical Backups

Ad hoc backups when requested or deemed necessary by DBA

Operational Backup Standards

Weekly Backups

Full backup of server operation system, file systems, and database to tape (as application dependent)

Backup of selected files or software to tape.

Daily Backups

Backup of selected files or software to tape:

Backup of data and software that has changed since the most recent backup

Granular incremental backup of sites and file system copies that are pre-staged for restoration and versioned to tape

Operational Recovery Standards

Operational Recovery Standards follow:

Operational staff must have the approval of the appropriate section of the Division of Technology & Engineering before using any runs to recover server system software

Operational staff can recover selected files, when requested, with scripts/runs

Database administrator (DBA) will assist in running database recovery scripts/runs to recover the database

Disaster Recovery and Contingency Plans

Business continuity plans do not cover a loss of access to DPW. Loss of services from a disaster is not covered.

The cost of backup

The cost of backup is not always considered when doing the backup, because the data is more important than the cost. Apart from observing the data backup policies shown above, the most likely backup for this is a computer server with 400*500 G disk space. This is 20TB of data. These can be five servers, each with 5TB of space. Although this will be expensive for the company, the choice is inevitable. Costs therefore become irrelevant for the type of data being backed up. Since cost is constant, the following options could be used:

Network attached storage: A network-attached storage (NAS) device is storage that connects directly to the network. It offers the basic capabilities of a file server and accepts multiple storage drives. Redundancy is offered in the form of RAID, and NAS devices support various file protocols to work with desktops and laptops. Some NAS models offer the ability to synchronize selected folders or volumes with a second, remote NAS that supports the feature.

Disaster Protected Storage: As its name suggests, disaster-protected storage, which can come as DAS or NAS, is hardened against the kind of disasters that would destroy unprotected data. For instance, ioSafe says its disaster-protected storage devices can withstand fire for up to 30 minutes and total submersion in water for a very long time (Lewis, 2010).

Online Storage: While it may seem natural to lump all online storage into one category, there are really two distinct kinds of offerings. Some, for instance Amazon Simple Storage Service (S3), serve as the cloud equivalent of storage devices for the Amazon Elastic Compute Cloud platform. Then there is the online storage intended to let consumers and organizations store or back up data in the cloud. For this firm, cost is not very important, so the company can put all its effort into data security (Mell & France, 2011). The most secure data backups can be made on servers whose access is restricted, with precautions taken to ensure that the data cannot be altered on-site or off-site. The server could be connected to three other servers with the same disk space. Server access could be restricted so that only designated users can reach it at given times. Another manual backup using disks and an external hard drive can complement the servers. This will make the data available for use.

Conclusion

Network security is very important to an organization. Data and the network need to be secured so that the data is not altered. Every network must be protected from man-in-the-middle attacks and other associated attacks using network systems such as IPS and IDS. When these tools are applied (Krogh, 2009), the network remains safe from external attacks.

References

Krogh, Peter. (2009). The DAM Book: Digital Asset Management for Photographers, 2nd edition. O’Reilly Media.

Lewis, Grace. (2010). Basics Of Cloud Computing. Software Engineering Institute, Carnegie Mellon University. http://www.sei.cmu.edu/library/abstracts/whitepapers/cloudcomputingbasics.cfm

Hintzbergen, J., Hintzbergen, K., & Smulders, A. (2010). Foundations of Information Security. Zaltbommel: Van Haren Pub.

Roessing, R. (2010). The business model for information security. Rolling Meadows, IL: ISACA.

Stefanek, G. (2002). Information security best practices. Boston [Mass.]: Butterworth-Heinemann.

Tipton, H. (2008). Information Security Management Handbook. Hoboken: Taylor & Francis Ltd.

Mell, Peter, and France, Timothy. (2011) The NIST Definition of Cloud Computing (NIST SP 800-145).

September 04, 2023