We help IT Professionals succeed at work.

Help with Scenario Question

You have hired as a consultant for Mia Casa Foods. They make a variety of Mexican delicacies.
They have three offices: Los Angeles, NYC, and Mexico City. Their main office is Los Angeles.
In Los Angeles, they have 1500 employees, and this is the office that has had the most problems,
New York City has 200 users, and Mexico City has 350 users. Lately they have had security
and glitches in their active directory structure. The New York and Mexico City branches are
connected via a T1, because they do not need to communicate with each other only
occasionally. The Los Angeles is connected using a T3 connection, because this connection
supports an ecommerce webpage, for facilitating product ordering for clients. In Los Angeles,
they have trouble getting on the intranet website. In addition, they have intermittent success
with updating the anti-virus software. The Los Angeles office has had hackers in their systems,
and the IT people they have few ideas on how to stop them. They are concerned the anti-virus
software maybe too dated to cope with all the problems, and they would like your
recommendation on purchasing a new software. In addition, they would like to have your
recommendation on purchasing a hardware firewall. The one they have is also dated, bought
when the company was smaller, and was not as spread out as they are now. It maybe that
they need to revise the ACL (Access Control List) to accommodate the larger user base.

Desired Outcomes:
• Fix security issues
• Allow user to have access to the intranet webpage.
• Make recommendations for firewall upgrade, and ACL.
• Make recommendations for Anti-Virus software.
• Make recommendations on how to secure individual machines.
• Make recommendations on how to add more security to the webpage.
• Fix the problems with the intranet webpage.
• Fix the issue with updating their software.
• A Visio diagram of the company the way it is now, and how you are going to fix the problems.
• Explanation of how it works.
• Estimate of time needed to complete the needed upgrades.
Watch Question

Les MooreSr. Systems Engineer
Top Expert 2008

what is your specific question? This type posting is not what this site is all about. It sounds like a homework question.
If you have specific questions, we'll be happy to help clarify,  but you have to do your own work.
Most Valuable Expert 2011
Just for kicks I'd like to comment on a couple points.  They won't be valid "homework answers".  Too often homework answers that are correct for the class don't fit the real world.

• Fix security  issues

     Fine,...once you know what they really are,...that is where the skill is and where the most time is taken up.  Too many "security measures" are born out of Voodoo, superstition, and watching too many movies.

• Allow user to have access to the intranet webpage.

     Proper Split-DNS setup

• Make  recommendations for firewall upgrade, and ACL.

     Hackers only come through the firewall in Hollywood movies and CSI & "24" style TV Shows.  In real life it almost never happens.  So the firewall would probably continue to do fine if you just clean up the sloppy config on it.   But if they want a new one I recommend MS TMG.  The term hardware firewall means nothing,...they all run on hardware and software at the same time (even firmware is still software).  There is the PC/Server format,...and there is the Appliance format,...and TMG comes in both PC and Appliance formats, pick your favorite.

• Make  recommendations for Anti-Virus software.

     Barring "my brand is better than your brand" spitting matches,...they all pretty much do the same thing,...just keep it updated.

• Make recommendations on  how to secure individual machines.

     Individual machines? You mean workstations? Clean them up,...uninstall crap that should not be on them.  The hugest security step and the most effective step is to make sure that users are never local Administrators on the machines and that they do not know the local Administrator's credentials.

     Individual machines?  Servers?   Same answer as the very first comment at the top.  Skip the VooDoo, superstition, and the over-the-top "hardening measures" that  get in the way of the business functionality more than the hackers.  No exact answer here,...that's where the skill and experience come in to play.

• Make recommendations on how to  add more security to the webpage.
• Fix the problems with the  intranet webpage.

     Requires a specialist in Web Site design,...a good web developer,...not a "general purpose" consultant. But the consultant firm may have a specialist   working for them in that area  that can be used in that.

• Fix the issue with updating their software.

     For MS products,.....WSUS
     For 3rd party packages,...that's the job of whoever they were purchased from
     Custom in-house developed packages,....that's the job of the in-house developers.
     Not the job of a general purpose consultant, but the consultant firm may have a specialist in developement working for them that can be used in that area.


Thanks for all of your assistance.  I was able to do the Visio diagram and the information that was provided I did use it as well.  Thanks again


I was able to complete the assignment including using some of the information that was provide to me