Chapter Scenario: Market Florist
Market Florist is an Internet-based floral delivery company that allows customers to purchase floral arrangements over the Internet and have them delivered anywhere in North America. You have been called in as a security consultant to design an authentication strategy for the Market Florist internal network that will ensure that user credentials are protected during the authentication process.
The Existing Network
Market Florist's head office is in Seattle, the Canadian office is in Winnipeg, and the Mexican office is in Monterrey. Market Florist's marketing department is in San Francisco.
Figure 3.1 shows the network links among Market Florist's four offices.
Figure 3.1 The Market Florist Wide Area Network
Market Florist Active Directory Design
Market Florist's Active Directory directory service design is comprised of three separate domains: marketflorist.tld, ca.marketflorist.tld, and mx.marketflorist.tld. The Seattle and San Francisco sites authenticate in the marketflorist.tld domain and the Winnipeg and Monterrey sites authenticate with their country's subdomain, as shown in Figure 3.2.
Figure 3.2 The Market Florist Active Directory structure
Market Florist Server Configuration
Market Florist has Windows 2000 servers distributed across its network as shown in Table 3.1.
Table 3.1 Windows 2000 Servers in the Market Florist Network
| Location | Windows 2000 Servers |
|---|---|
| Seattle | Three Windows 2000 DCs for the marketflorist.tld domain. Two of the DCs are configured as Active Directory–integrated Windows 2000 DNS servers hosting the marketflorist.tld DNS zone. Two of the Windows 2000 DCs are configured as global catalog servers. One Windows 2000 member server configured as a WINS server. |
| San Francisco | Two Windows 2000 DCs for marketflorist.tld. One of the Windows 2000 DCs is configured as a global catalog server. |
| Winnipeg | Three Windows 2000 DCs for the ca.marketflorist.tld domain. One of the DCS is configured as an Active Directory–integrated Windows 2000 DNS servers hosting the ca.marketflorist.tld zone. |
| Monterrey | Two Windows 2000 DCs for the mx.marketflorist.tld domain. One of the DCS is configured as an Active Directory–integrated Windows 2000 DNS server hosting the mx.marketflorist.tld zone. |
Market Florist Client Computers
The Market Florist network uses a mix of Microsoft Windows 95, Windows NT 4.0 workstation, and Windows 2000 Professional client computers. All client computers were updated to the latest service pack version before January 1, 2000, to ensure that the Market Florist network was Year 2000 compliant.
Table 3.2 shows how the client computers are distributed across the network.
Table 3.2 Market Florist Client Computer Distribution
| Location | Client Computers |
|---|---|
| Seattle | 700 Windows 2000 Professional clients |
| San Francisco | 200 Windows 95 clients 300 Windows NT 4.0 workstations 100 Windows 2000 Professional clients |
| Winnipeg | 200 Windows NT 4.0 clients 300 Windows 2000 Professional clients |
| Monterrey | 300 Windows 95 clients 100 Windows 2000 Professional clients |
EAN: 2147483647
Pages: 172