Fabrikam Inc. is a defense contractor that develops weapon solutions for the U.S. military. The head office is in Washington, D.C., and research offices are in New York and San Francisco. Manufacturing plants are in Detroit and Albuquerque, and warehouses are in Houston and Miami. The company's various locations are illustrated in Figure 11.1.
Figure 11.1 Fabrikam locations
Fabrikam has implemented a single domain model for their Microsoft Windows 2000 domain and is using corp.fabrikam.tld as their forest root domain. Each location is defined as a separate site and is connected to the head office in Washington with a 1.544 megabit-per-second (Mbps) link.
The Fabrikam network is in the process of migrating all computers to Windows 2000. Currently only the Washington and San Francisco sites have completed the migration. Table 11.1 shows the progress of the upgrade at the other Fabrikam sites.
Table 11.1 Fabrikam's Client Operating Systems
Location | Client Operating Systems |
---|---|
Albuquerque | 200 Windows 98–based clients 300 Windows NT 4.0–based clients 500 Windows 2000–based clients |
Houston | 35 Windows 95–based clients 250 Windows NT 4.0–based clients 100 Windows 2000–based clients |
Miami | 50 Windows 98–based clients 500 Windows 2000–based clients |
Detroit | 400 Windows 98–based clients 100 Windows NT 4.0–based clients 500 Windows 2000–based clients |
New York | 350 Windows NT 4.0–based clients 300 Windows 2000–based clients |
At each location the operating systems have been well maintained. The latest service packs and critical updates are applied to all client computers within one month of their release.
The Department of Defense requires all contracting organizations to submit their bids for contracts using a Web–based system. To access the bidding system, the bidding agent for Fabrikam connects to the Department of Defense Web site and submits all proposals.
To ensure security, the Defense Department requires the bidding agent for each company to log on to its Web site by providing a user name and password. The Web site is configured to support any browser that supports Secure Sockets Layer (SSL) v3. Due to the nature of these projects, the Defense Department requires that the maximum level of security be applied.
Once a bid is submitted, the Defense Department requires that a price quote be e-mailed from the winning contractor. The e-mail must be protected to ensure that the pricing information hasn't been modified and that the contents aren't viewable during transmission over the Internet.
Fabrikam is currently working on two unrelated projects with the Defense Department. The first project, involving an advanced radar system, is a joint project among the Washington, Albuquerque, Miami, and New York offices. The second project, involving a new sonar system for submarines, is a joint project among the Washington, San Francisco, Houston, and Detroit offices and another company named A. Datum Corporation.
The Radar System project stores all data for the project on a server located at the New York office. Fabrikam wants to ensure that only members of the project team can connect to the project server (named HELIOS) and that the client and server are mutually authenticated.
This project requires that detailed specifications be e-mailed among project members. Recently an e-mail was sent to the Defense Department by a former staff member masquerading as another staff member still on the project team. To prevent forged e-mails, Fabrikam wants to ensure that e-mails originate from the indicated source address.
The Sonar System Project
Due to the nature of the Sonar System project, the highest level of security is required. The following components are part of the required security design: