Hello Guys,
I was asked this question when I attended an Internship interview. Hope this will be of some help and donot forget to discuss the prob and the solution. Try it out yourself.
They handed me their company's existing infrastructure diagram and asked me to design a “secure” infrastructure.
Below is a company's infraStructure. (You can find it either by clicking on the link below or typing,)
http://www.geocities.com/pvkkishorereddy/infra.JPG directly into your browser.
Company's InfraStructure
They asked me to assume that they have recently had a break-in and suffered a defacement attack of their main web-site and the destruction of their production FTP distribution server. Assuming that I am hired, what changes would I propose to their infrastructure to ensure that this doesn’t happen again.
All you need to do is find any problems with the diagram and recommend changes to the existing system & hardware to meet their needs
Because the company is leaving their currently “open” environment, they have some requirements which will need to be addressed.
Here are some more close insights on the infrastructure
The company is broken down into 8 different groups. The groups and the # of machines alloted to each group is as follows,
1. Software Development (existing software lines) – 26 Solaris, 1 PCs, 1 Mac, 1 Linux
2. Research and Development (new software and hardware ventures) – 31 Linux
3. Quality Assurance – 12 PCs
4. Network Administration – 5 Linux
5. System Administration – 8 Solaris
6. Product Sales – 15 PCs
7. Customer Support – 15 PCs
8. Financial – 8 PCs
These groups are separate entities, however they utilize a core set of resources which are common to all. The following systems are used by all groups to accomplish their tasks, some are internal only, others are publicly accessible:
1. File Services (clustered NFS file servers providing home directories, development directories and redundant storage)
2. Backup Services (2 tape backup systems)
3. E-mail Services (2 clustered Exchange servers providing redundancy)
4. Web Services (allows for registration and access to downloadable products, also hosts internal web sites for documentation, announcements, etc.)
5. FTP Services (allows for downloads of licensed and evaluation copies of software products as well as move software from development to the QA group)
6. Database services (clustered, allows storage of development and testing data as well as customer data and other important information)
------------------------------------->>>
Business Requirements:
In order for company to continue to work, they need to support the following:
1. Core services need to be available to all groups in one form or another
2. Users need to be able to reach the internal resources from the road (while visiting customers) and from home
3. Customers need to be able to communicate with the company via e-mail
4. Customers need to be able to access information on both the web server and the FTP server
5. Development groups need to be able to move software to the QA group for analysis
6. Customer support and sales needs to be able to interact with customers outside the infrastructure
7. Network and Systems Administration needs access to computers and network equipment for management
8. Financial systems are to be isolated from everyone
------------------------------------->>>
My recommendations were,
Have the FTP & database servers on a https and put a firewall and the Intrusion detection system. I know this is not enough, if anyone can think of something pls recommend.
Any help is very much appreciated.
Thanx in advance.
Kishore
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
