ITIE533/ITWE433/CPL313 - Network SecurityNetwork Security Infrastructure and Policy for First Fix AsiaSubmitted by:Fernandez, Izza A.Figeuroa, Raed A.Maniquiz, Robert Anthony P.Morales, Ronnel Renz D.Ong, Pierre Anthony M.Date of Submitted:April 12, 2014TABLE OF CONTENTSPurpose of Plan 3Background of the Problem 3Project Team 3Existing Infrastructure 4Technical DetailsServer Specification 5Network Devices 5Workstation Specification 6Firewall Configuration 6Network Policy 7Proposed DesignNetwork Infrastructure 1.0 8Technical DetailsBill of Materials 2.1 8Server Specification 2.1.1 9Network Devices 2.1.2 9Workstation Specification 2.1.3 9Summary of Network Equipment 9Network Configuration Setup 2.2 10Proposed Policies 3.0 11Acceptance Use Policy 3.1 11Incident Management 3.2 14Email Policy 3.3 16Internet Using Policy 3.4 17Remote Access Tools Usage Policy 3.5 18A. INTRODUCTIONPurpose of PlanFirst Fix Asia - a BPO company - provides managed services and solutions. FFA services arevaluable in establishing high level client relationship, fostering process improvement, and addingorganizational value which is pertinent to enhancing worldwide business performance.Background of the ProjectFirst Fix Asia are experiencing problem with their firewall due to the expiration which they are using. This Proposal tends to improve the security of their network coming from the outside of the network.Project Team
SERVICE PROVIDER REGISTER
Figueroa, Raed A.
Fernandez, Izza A.
Project Team Member - Pre-Sales Engineer
Maniquiz, Robert Anthony P.
Project Team Member - Product Specialist
Ong, Pierre Anthony M.
Project Team Member -
Network Security Engineer
Morales, Ronnel Renz D.
Project Team Member - Process Analyst
B. EXISTING INFRASTRUCTUREFigure 1: Existing Network InfrastructureThis is the network diagram of First Fix Asia (FFA) Incorporated. The company has two offices: the main office, which is located at Makati and a remote office which is located at Calamba Laguna.Their connection to the internet is a Metro E Line local loop, with PLDT iGate as their internet gateway.Astaro ASG425 is the firewall used by the company. It should be responsible on blocking intrusion attacks and filtering or limiting internet access. Unfortunately their license was expired 6 months ago and currently user can access any sites and no assurance that the network is protected against outside attacks.The company has 3 servers on the DMZ: A web IIS server that publishes their official website; Zimbra mail server that serves as the official email communication system ofthe organization and Trixbox IP PBX server that function as the telephone system of the company.Since they are using an IP Based telephone system, IP Phones...