(Sample)
Home Office Review: ScheduleMaker
Etaoin Shrdlu
Oct. 1, 2000
The ScheduleMaker home office network is an excellent example of a business that is operated out of a home. It is comprised of a broadband network connection, a filtering switch/router, and various computers that provide service and support to the ScheduleMaker enterprise. There are approximately eight computers, and four printers on this network. The enterprise exists to support the ScheduleMaker product and consulting services of Ann Maybury, and her employees.
The network is currently at the correct level of security awareness for the ScheduleMaker enterprise. It makes use of a filtering router, which provides network access from the DSL connection to the rest of the network. It may need to be replaced in the future with a firewall such as Sonicwall, but is currently sufficient for the security profile presented by ScheduleMaker.
The review for the home office network was requested to evaluate the security of the current network setup. The network now in place had already been upgraded to match previous suggestions of the evaluator. This review is meant to determine whether the network should be upgraded to a higher level of security, or if the network changes now in place are sufficient.
The audit was comprised of a physical inspection of the network, and a brief examination of the network from an external source, using a well-known scanning tool.
ScheduleMaker is a small business whose purpose is to sell and support the software package ScheduleMaker. It is used to assist in project management, and unifies cost and schedule while providing real time management alerts. The impact of a compromised or damaged network would seriously harm the long-term propects of the current business.
The network is comprised of a DSL connection provided by Earthlink, which connects to a Netgear Rt311 Gateway/Router. This provides network connections to the local DHCP server, which then private network addresses to the machines that comprise the home office network. This network is composed entirely of IBM Compatible computers using various Microsoft operating systems. At least two of these systems are laptops which also are used for travel and presentation purposes.
The inner network is not of concern for this evaluation. Ann Maybury's concern was to ensure that her network was reasonably safe from external compromise, while providing the speed and comfort that broadband communications are expected to offer.
A physical inspection of the network matches quite closely with the modified network map provided by Ann Maybury, above. The current hardware provides excellent filtering from external connections, and internal addresses are all private, non-routable addresses provided by the DHCP server using Network Address Translation (NAT), such that they appear to the outside world as a valid address, and yet are not truly reachable due to the non-routing nature of the address range being used.
The only concerns with the internal network are as follows:
An external scan of the network was performed, which demonstrated that the Netgear gateway was performing its functions correctly. All ports that are visible to the outside world are still filtered, and there are no ports offering ingress to the ScheduleMaker network.
This would contain the scan of the ScheduleMaker network.
Last modified: Sat Oct 30 22:57:47 PDT 2004