Security Architecture
Essay by 24 • January 4, 2011 • 1,677 Words (7 Pages) • 1,378 Views
MessyZebra.com
Security Architecture
Overview
MessyZebra is an new on line store that sells quality clothing apparel embroidered with the MessyZebra logo sold at low prices. MessyZebra is a small start up company that currently employs 20 employees but are looking to expand our operations in the next couple of years. Our office and warehouse is located in Glenview, Illinois. The team consists of Rick the owner, Steve the web master/network administrator, 5 customer relation specialists, and 13 order specialists. There will be a total of 20 desktops located inside the office as well as 2 laptops, 1 server, and 1 firewall. VOIP connected to a PBX will be used to answer phone calls.
A offsite server for the website and shop powered with OSCommerce will be hosted by Netfirms.com. At any time any employees can access the sites transactions, inventory, and files via Netfirms.com. Employees are restricted from accessing the other areas. Off site hosting will allow 24-7 monitoring, processing of credit cards, E-commerce software, all necessary bandwidth, e-mail server, and file server while saving the company time, money, and resources. In the future as MessyZebra grows, we will be able to expand our server and host our own files. The server will currently be used for backup of files and to hold records of orders processed but can be upgraded when needed.
The company laptops will be configured to use VPN or use Logmein.com as the remote connection depending on the need. Logmein.com allows the company to total control of whom and when another computer should use our network and ensures encryption. Due to MessyZebra size and current resources most of the operations will be done off site and outsourced. All computers will be locked down and double layered to fully enforce security. We will host training no less than 3 times a year on security and e-commerce.
Fig. 1
Office Security Layout
At our main office we have 20 Dell desktops. All desktops are installed with anti-virus, firewall, and IDS security software that are set to update automatically and will be checked weekly. All desktops are connected by a hardwire connection that is routed to the Watchguard Firebox router. Also connected on the same network is the PowerEdge 840 server, PBX, printer, and VOIP phone setup. All products will be connected to a Belkin UPS. 2 laptops will be kept in office and can be connected to the WAP encrypted network.
Fig.2
Off site Security
All main files will be hosted off site with Netfirms.com who will secure our site 24-7 as well as ensure minimal downtime. Webpages and files will be available via password protected FTP. Each directory has a separate password. For temporary employees who need access a one time password can be enabled. A unlimited mail server will allow all employees to have own e-mail address that can be connected via POP3 and monitored via administration rights. E-commerce will be custom set up for MessyZebra's design. All credit card transactions will be check by Authorize.net to prevent fraud.
Remote Security
We will have the option of VPN or logmein.com VPN will be used for trusted employees one the network only allowing tracking and rules. MessyZebra has a lot of temporary,freelanced, and outsourced employees. Logmein allows temporary entrance into the network yet having control of what comes in and when from anywhere. It will allow remote printing, file sharing, and file sync if necessary over a 256-bit SSL encryption. Employees will also have the option of using this service if given permission.
Security Products Used
Company Firewall/Router:
WatchGuard Firebox X55e
http://www.watchguard.com/products/x55e-w.asp
Price: $980 including a year of LiveSecurity Service
About: Watchguard features the Unified Threat Management. Everything MessyZebra needs for robust, multi-layered security, including expert guidance and support, and bundled in one convenient package for streamlined setup and ongoing maintenance. Includes Firewall/VPN, Zero Day attack protection, Anti-virus, Anti-spyware, Intrusion prevention, URL filtering, and more.
Fit: Watchguard is a great investment for MessyZebra. The Firebox will help secure the network from unwanted attacks by adding a second layer of security. It adds virus, spy ware, and intruder protection on the network level with LiveSecurity. By configuring it to work with the software protection should help defer intruders from breaking in. This product allows no need to handle multiple POs, multiple policies, multiple configurations, or work with multiple vendors.
Company server:
PowerEdge 840
Price: $600
About: allows you to share files and resources, work remotely and secure data. You can focus your valuable time and energy on your business' goals and objectives, rather than the technology that sustains it.
Fit: A centralized server for keeping back up of all files. It will be used for keeping internal orders to be tracked and analyzed. All files will be encrypted and unnecessary files will be kept on tape disks. We will be able to track employees network use.
External Host
Netfirms server
Price: $460/yr
About: With revolutionary technology available only at Netfirms, you can run both Linux and Windows applications at the same time, on the same websites. .NET applications are executed natively on a Windows (Server 2003 R2) clustered server grid. Open Source applications (coded in PHP, Ruby, Python, etc.) are executed on a Linux server grid. You manage both platforms through a single control panel, FTP or SSH account. Say goodbye to downtime from an overloaded server. All traffic is load-balanced over multiple clustered servers. Separate server grids are tasked to HTML processing, database processing and file storage. Networks are built with integrated triple redundancy. In other words, the websites are always up, always fast. Allows unlimited databases with remote connection support. Even has trending reports created based on items and reviews sold at MessyZebra.
Fit: With
...
...