BACKGROUND
Omega Research is a rapidly growing research and consulting firm. They have a single mainoffice located in Reston, VA and three small branch offices located in San Diego, CA, Salem,OR, and Kansas City, MO. Omega is not currently involved in e-commerce or business-tobusiness relationships.
Two weeks ago, Omega experienced a significant loss of proprietary data (estimated value$550,000.00) that was stored electronically in an Oracle database in their main office inReston. The data was unrecoverable and backups were not being routinely maintained, so norestoration was possible. Although he has no hard evidence, Omegas CTO believes that theloss resulted from deliberate deletion of files by a systems administrator from the Kansas City office that had been let go several weeks prior to the loss. Needless to say, theCTO has been tasked to get things under control.
You have been hired as a consultant to develop a comprehensive plan for improving thecompanys recovery posture in order to prevent future outage of Omegas critical systems and network resources. Your guidance and observations willeventually be used to develop a long-term procedural and policy solution for Omega Research.The CTO has stepped up to the plate and made the commitment to do whatever it takes toaddress these issues.
.0/msohtmlclip1/01/clip_image002.gif”>
Baseline Network Infrastructure
· Omega leverages AT&T Managed Internet Services for each of its office locations.
· Omega owns and manages the border routers for each of their office sites.
· Offices in Reston, San Diego, and Kansas City receive full T-1 service.
· Offices in Salem receive 256k F-T1 circuit service.
Systems
Business processes provided by AIX Environment
Financial
Reporting
Data Warehouse
LAN
Vendor
Services
Address
Phone
Contacts
IBM
Tape Library
TSM Server
522 South Rd
Poughkeepsie, NY 12601
214 451-7747
Steve Barretta
SunGard
Recovery services for server environment
401 N Broad St.
Philadelphia, PA
877 456-3966
215 351-1300
q Don Meltin (Test Coord.)
q Jack Fabrianni (Acct. Rep)
q Lincoln Balducci (Resource Coord.)
BASELINE ARCHITECTURE
Local Area Architecture (Reston Office)
.0/msohtmlclip1/01/clip_image004.jpg”>
AIX Environment
.0/msohtmlclip1/01/clip_image006.gif”>
· Perimeter protection provided by screening router. Configured for dynamic packetfiltering using reflexive Access Control Lists (ACLs).
· Remote access is provided to employees while at home or on travel through PPTP VPN,and, dial-up RAS offered by a Microsoft Windows NT 4.0 Server ®.
· All servers in the Reston office have been centrally located to a data center.
o The Reston data center supports a 5-keypunch combination lock that isrequired to have access to the room. That combination is shared with all ITpersonnel and is infrequently rotated.
o The data center is controlled for humidity through HVAC purification.
o The data center is controlled for temperature with isolated HVAC services.
o The data center is not on a raised floor to control static electricity.
o The data center does not have a site-wide UPS. Each server and networkequipment supports their own mini-UPS.
· Internal Omega E-mail is supported by a Microsoft Exchange ® 2000 mail server runningon a Microsoft Windows ® 2000 Server. Omega has installed an SMTP mail gateway tosupport Internet mail exchange.
· Omega is the registered owner of.com/”>omegaresearch.com and maintains a DNS Server atthe Reston facility for name resolution supporting Omega users and to allow Internetaccess to publicly accessible information (web and e-mail).
· Web hosting services are provided on a Microsoft Windows ® 2000 Server runningInternet Information Services (IIS).
· X.500 directory services are available through Active Directory although theirimplementation is relatively immature they are operating in a mixed environment.
· Server and client o/s environments have not been routinely patched.
· Reston office printers are all network connected.
· The IT Department is responsible for management of the networks and networkedresources at the Reston facility. They manage more than 170 workstations and 6servers performing the functions previously described.
· Client machines consist of Microsoft Windows ® 95, 98, NT Workstation 4.0, 2000, andXP. Mac operating systems include OS/8 and OS-X, Panther.
· Productivity applications have not been standardized. Some user communities enjoy Corel OfficeSuite ® while others appreciate Microsoft Office ®. There are variouseditions of these packages installed on client machines.
BASELINE ARCHITECTURE
Local Area Architecture (San Diego Office)
.0/msohtmlclip1/01/clip_image008.jpg”>
· The San Diego is essentially a mirror of the network architecture provided at theReston facility.
· Differences:
o San Diego does not host a web server.
o San Diego does not support VPN or RAS connections.
o There are fewer employees working out of the west coast office. The local IT staff consists of one engineer who manages all networks and networkedresources within the San Diego office.
o There are less than 50 client machines in San Diego with similar configurationsas the main office.
o All servers have been located in a spare office in San Diego.
· There is not a controlled access restriction like in the main center.
· The office is not controlled for temperature, humidity, or static.
· There are no redundant power supplies.
BASELINE ARCHITECTURE
Local Area Architecture (Salem Office)
.0/msohtmlclip1/01/clip_image010.jpg”>
· Salem is a small site with only 30 workstations configured in much the same way as therest of the company.
· Sale supports a single combined shared file and print server hosted on a Microsoft Windows ® NT 4.0 Server.
· Mail services are obtained through the San Diego office, using mailboxes set up on theSan Diego Exchange Server.
· There are no publicly available networked resources at the Salem office.
· Remote access to Salems infrastructure is provided to mobile and home employeesusing VPN client to gateway connectivity.
· Salem has an IT staff of one engineer that manages all networks and networkedresources at this site.
· All servers have been located in a spare office in San Diego.
· There is not a controlled access restriction like in the main center.
· The office is not controlled for temperature, humidity, or static.
· There are no redundant power supplies.