Chapter Scenario: Fabrikam Inc.

Fabrikam Inc. is a defense contractor that develops weapon solutions for the U.S. military. The head office is in Washington, D.C., and research offices are in New York and San Francisco. Manufacturing plants are in Detroit and Albuquerque, and warehouses are in Houston and Miami. The company's various locations are illustrated in Figure 11.1.

click to view at full size.

Figure 11.1 Fabrikam locations

Fabrikam has implemented a single domain model for their Microsoft Windows 2000 domain and is using corp.fabrikam.tld as their forest root domain. Each location is defined as a separate site and is connected to the head office in Washington with a 1.544 megabit-per-second (Mbps) link.

Client Operating Systems

The Fabrikam network is in the process of migrating all computers to Windows 2000. Currently only the Washington and San Francisco sites have completed the migration. Table 11.1 shows the progress of the upgrade at the other Fabrikam sites.

Table 11.1 Fabrikam's Client Operating Systems

Location Client Operating Systems
Albuquerque 200 Windows 98–based clients

300 Windows NT 4.0–based clients

500 Windows 2000–based clients

Houston 35 Windows 95–based clients

250 Windows NT 4.0–based clients

100 Windows 2000–based clients

Miami 50 Windows 98–based clients

500 Windows 2000–based clients

Detroit 400 Windows 98–based clients

100 Windows NT 4.0–based clients

500 Windows 2000–based clients

New York 350 Windows NT 4.0–based clients

300 Windows 2000–based clients

At each location the operating systems have been well maintained. The latest service packs and critical updates are applied to all client computers within one month of their release.

The Department of Defense

The Department of Defense requires all contracting organizations to submit their bids for contracts using a Web–based system. To access the bidding system, the bidding agent for Fabrikam connects to the Department of Defense Web site and submits all proposals.

To ensure security, the Defense Department requires the bidding agent for each company to log on to its Web site by providing a user name and password. The Web site is configured to support any browser that supports Secure Sockets Layer (SSL) v3. Due to the nature of these projects, the Defense Department requires that the maximum level of security be applied.

Once a bid is submitted, the Defense Department requires that a price quote be e-mailed from the winning contractor. The e-mail must be protected to ensure that the pricing information hasn't been modified and that the contents aren't viewable during transmission over the Internet.

Ongoing Projects

Fabrikam is currently working on two unrelated projects with the Defense Department. The first project, involving an advanced radar system, is a joint project among the Washington, Albuquerque, Miami, and New York offices. The second project, involving a new sonar system for submarines, is a joint project among the Washington, San Francisco, Houston, and Detroit offices and another company named A. Datum Corporation.

The Radar System Project

The Radar System project stores all data for the project on a server located at the New York office. Fabrikam wants to ensure that only members of the project team can connect to the project server (named HELIOS) and that the client and server are mutually authenticated.

This project requires that detailed specifications be e-mailed among project members. Recently an e-mail was sent to the Defense Department by a former staff member masquerading as another staff member still on the project team. To prevent forged e-mails, Fabrikam wants to ensure that e-mails originate from the indicated source address.

The Sonar System Project

Due to the nature of the Sonar System project, the highest level of security is required. The following components are part of the required security design:

  • All hours performed by A. Datum Corporation must be recorded to a Web–based time recording system located in the Fabrikam extranet.
  • E-mail containing design specifications is considered sensitive and should be protected during the transmission between Fabrikam and A. Datum Corporation. In recent weeks an attacker falsified a message from an employee at A. Datum Corporation that resulted in classified documents being published to a public location on the Fabrikam network.
  • A project server at the San Francisco office stores all data required for the project. All clients at the Washington, Houston, and Detroit offices must access the data securely and ensure that the data can't be intercepted as it's transferred across the network.

Microsoft Corporation - MCSE Training Kit (Exam 70-220. Designing Microsoft Windows 2000 Network Security)
MCSE Training Kit (Exam 70-220): Designing Microsoft Windows 2000 Network Security: Designing Microsoft(r) Windows(r) 2000 Network Security (IT-Training Kits)
ISBN: 0735611343
EAN: 2147483647
Year: 2001
Pages: 172 © 2008-2017.
If you may any questions please contact us: