Submitted by: Submitted by afchief
Views: 230
Words: 1775
Pages: 8
Category: Science and Technology
Date Submitted: 10/24/2013 06:00 PM
Course Project Week 7
Principles of Information Security and Privacy, SEC571
Clarke Cummings
Keller Graduate School of Management
John (Jack) Michalek, Professor
Summary
The purpose of this course project is to support Aircraft Solutions in identifying the most significant Information Technology (IT) security vulnerabilities they may have overlooked while not only setting up their network, but also in its design and policy enforcement procedures. Aircraft Solutions products and services are at the forefront of the industry and the protection of their intellectual property and process are very important to their continued leadership within the industry. The vulnerabilities to be discussed are the firewall configuration, the virtual environment of their hardware, and defining security policies.
Company Overview
Aircraft Solutions, located in San Diego, California, and their Defense Division located in Orange County in the city of Santa Ana, California, develop and fabricate products and services for companies in the electronic, commercial, defense and aerospace industries. Aircraft Solutions’ company strategy is to offer low cost design and computer-aided modeling packages to companies and assist them through the lifecycle of their product in an effort to save money for the consumer with the end result of increased profits for their business. (Michalek, 2013)
Vulnerabilities
Hardware Vulnerabilities
Aircraft Solutions’ main corporate offices in San Diego, California, have been identified as being potentially insecure. A security assessment was run against their network design (see Figure 1 below), software and written policies which disclosed security weakness to the company's overall information systems. The system hardware infrastructure is comprised of five servers, one switch, two routers, and one firewall which are duplicated at the Orange County facility.
Figure 1. Current Network Design (Michalek, 2013)
The firewall at...