POLICE HEADQUARTERS IT
PROPOSAL Topics covered in proposal: Server Personal Computers Network Personal training
The Outline of the Headquarters
IT devices in the police headquarters: 65 IP telephones 29 IP printers 78 computers 2 servers
Server Hardware
It is a matter of note that the Server may be among the most important element of any computer network.
Our Server has to:
Data Storage (15TB Raid Supported)• Mostly for digital Evidence & Virtual machine backup.
• Also hosting sensitive files & logs from the workstations.
Software Hosting • In addition to raw data storage capacity our server must be able to reliably host and run a few key Software applications.
Software Hosting
Connectivity Software
Mobility XE“Mobility XE® is mobile VPN software that boosts the productivity of your workers in the field and gives your business the security and management you need for all of your mobile field mobile devices.” www.netmotionwireless.com/mobility-xe.aspx
Dispatch Software
DispatchNow Mobile“Tiburon’s DispatchNow Mobile is a robust solution for sharing immediate and accurate information between the dispatch center and the field. DispatchNow Mobile utilizes an innovative map-driven user interface to deliver essential information quickly and efficiently.”www.tiburoninc.com/Products/DispatchNow/DispatchNowMobile.aspx
Software hosting
Physical Virtualized
Support legacy
software
More fault tolerances
Live migrate
Simpler Setup
Run faster
We believe that these systems can be made to run most reliably in a virtualized environment on the Server.
Server HardwareTo fulfill theses needs we have selected Dell the dell owing to Dell's history of solid hardware & support.
Hardware Specifications of Dell PowerEdge R520:
Server price: $15,392.00
http://web.nmsu.edu/~kennya/ICT435/Server_preposal.html
Chassis Configuration 3.5" Chassis with up to 8 Hard Drives
ProcessorIntel Xeon E5-2450 2.10GHz, 20M Cache, 8.0GT/s QPI, Turbo, 8C, 95W, Max Mem 1600MHz
Additional Processor No Additional Processor
Memory Configuration Type
Performance Optimized
Memory DIMM Type and Speed
1600 MHz RDIMMS
Memory Capacity 2GB RDIMM, 1600 MT/s, Standard Volt, Single Rank, x8 Data Width
Operating SystemRed Hat Enterprise Linux 6.2,Factory Install,x64,Req Lic&Sub Selection
LicensesRed Hat Enterprise Linux,1-2SKT,3yr Subscription&License,1 virtual guest
OS Media kits No Media Required
RAID Configuration RAID 5 for H710P/H710/H310 (3-8 HDDs)
RAID Controller PERC H710 Integrated RAID Controller, 512MB NV Cache
Hard Drives 3TB 7.2K RPM Near-Line SAS 6Gbps 3.5in Hot-plug Hard Drive
Embedded Systems Management
Basic Management
PCIe Riser Risers with up to 4, 3x8 PCIe Slots + 1x16 PCIe Slots
Add-in Network Adapter Broadcom 5720 DP 1Gb Network Interface Card
Add-in Network Adapter On-Board Dual Gigabit Network Adapter
Power Supply Single, Hot-plug DC Power Supply (1+0), 1100W
Power CordsNEMA 5-15P to C13 Wall Plug, 125 Volt, 15 AMP, 10 Feet (3m), Power Cord
System Documentation Electronic System Documentation and OpenManage DVD Kit for R520
Virtualization Software Citrix XenServer 6.x (DIB)
Virtualization Licenses and Subscriptions
Citrix XenServer Enterprise Edition 3Yr Subscription Advantage
Hardware Support Services
3 Year ProSupport and NBD On-site Service
Proposed Workstations
While the Server may be the most important element of this computer network, the workstations are where the real day-to-day work takes place.
We have identified a few basic needs for the workstations
INTERCHANGEABILITY UPGRADABILITY
Owing to the logistical and technical issues that result from managing a mishmash of different hardware & software. We have decided that if we are to start ‘cold turkey’ that it would be best if all our systems were as identical to each other as possible. Such homogeneity would facilitate a quick and cheap recovery in the event of a serious problem either in software or in hardware (Due to recovery & reuse of interchangeable parts).
In order to meet a diversity of needs both now and in the next handful of years it is necessary that any generic system selected have the capacity to be upgraded.
Proposed Hardware
To fulfill theses needs we have selected the Dell Precision T1650 as our base system.
Dell Precision T1650:
Proposed Workstations Hardware specifications:
To the right are the base System Hardware specificationsWe expect the base system to cost around:
$708.00
For more advanced user system requirement we intend to simply upgrade theses machines in order to maintain the level of uniformity necessary to meet our goal of interchangeability.
Processor3rd Gen Intel Core i3-3220 Processor (Dual Core, 3.30GHz 3MB, w/HD2500 Graphics)
Operating System
Windows 7 Professional, No Media, 64-bit, English
Dell Precision T1650
Dell Precision T1650, Standard Base
Power Supplies 275W Power Supply, 65 Percent
Memory2GB, DDR3 UDIMM Memory, 1600MHz, Non-ECC (1DIMM)
Graphics Intel Integrated HD GraphicsHard Drive Configuration
C1 SATA 3.5 Inch, 1 Hard Drive
Boot Hard Drive
250GB, 7200 RPM 3.5" SATA 6Gb/s Hard Drive
DVD and Read-Write Devices
16X DVD-ROM, SATA
Network Adapter
Integrated PCIE 10/100/1000
Monitor Dell E2011H 20 Inch Flat Panel DisplaySpeakers No Speaker optionChassis Intrusion Switch
None
Port Adapter None
KeyboardDell USB Entry Business Keyboard, English
Mouse Dell MS111 USB Optical MouseProductivity Software
Microsoft Office 2010 Pro
Security Software
None
Proposed Workstations Software:
No computer does anyone any good without software, as such no statement on workstations can be said to be compete without discussing some of the Standard software that each station will come equipped with.
Java
Oracle’s Java platform has become a standard for modern software applications both on the web(Java Script) and on system applications. It is therefore logical to include Java on all systems as Standard.
Adobe Reader
Adobe PDF is an extremely popular document format and while there are other applications capable of displaying Adobe’s PDF format more securely and quickly Adobe’s own reader is still the standard. We have therefore decided to stick to the standard.
Adobe Flash Player
While much of the web post IPhone boom has been moving away from flash based applications the number of Flash based websites is still quite significant and therefore Adobe Flash player is still a requirement. We have opted to include this application despite its security issues due to the need for functionality and compatibility.
Firefox web browser
Firefox is one of the most popular web browsers in uses today and is much more frequently updated (and therefore secure) than the default Window’s web browser Internet explorer. Given the number of web based application that the Sheriff’s office must employ on a regular basis we feel Firefox is a good pick as safe standard browser to meet their needs.
Microsoft Office 2010 Professional
It is difficult to find an office environments without an office productivity software suite. (Be it Microsoft Office, or Apache OpenOffice.) The sheriff’s department is no exception to this rule. So to fulfill the sheriff’s department's productivity software needs we have selected the popular Microsoft Office 2010 professional.
Proposed Workstations Software:
The standard software needed on the workstations are comparable with most business computers:
Java
Adobe Reader
Adobe Flash Player
Firefox web browser
Microsoft Office 2010 Professional
Specialized Applications
Specialized applications individual Officers may require will have to be installed on each users workstation by the Information Technology staff on a case by case basis.
IP Addresses
Setting up a private address scheme:
Decided on a Class B address scheme: 172.16.0.1-172.31.255.254 /12
This will provide IP addresses needed for all the subnets, and leave room for additional addresses.
VLSM will be used to preserve IP addresses
Subnetting
Groups are separated by function. The groups are:
Printers: 172.16.1.0-172.16.1.63 /26 62 hosts
Phones: 172.16.0.0-172.16.0.127 /35 126 hosts
Administrative: 172.16.128-172.16.159 /27 30 hosts
Non-administrative (general): 172.16.0.128-172.16.0.255 /25 126 hosts
Server/video camera:172.16.1.64-172.16.1.127 /26 62 hosts
Network Hardware
Requirements of hardware:
ACL capability Subnet configuration Trunking capability for multiple switches DMZ capability to protect servers
Router
Cisco 3925E Integrated Service Router :
Capable of handling all subnetting and VLSM required.
Can make virtual DMZ for servers.
Switches
Cisco SGE2010 48-port gigabyte switch:
Six would be used with VTP POE capable for IP phones Fast enough to handle load, and VLAN
capable
Sensitive Digital Storage
All sensitive, classified, case, personnel, and administrative files will be stored on the server in a system of encrypted directory shared individually to only select password protected personnel user accounts. Access to these files will be granted on an individual & group (such as rank, division, ect.) basis by department management on a need to know basis.
Active Directory
We can set permissions on a user basis or a computer basis. We can control what server drives computers are mapped to base on the OU they’re in. However file permissions may be our biggest use for this technology.
Administrator Accounts
• No administrator accounts for non-IT users. This will prevent employees from installing any non approved software.• Where necessary we could modify minor account rights.• The primary focus here is to prohibit the instillation of non-work related software on work systems.• Possibly prevent viruses or Trojans from getting into the network.
System Log Forwarding
All Workstations will be configured to forward a copy of their logs to the server for archiving.
We believe this measure will provide us with a far more secure record of what was done on each workstation for review in the event of an incident.
Network Firewall Logging
Firewall will be implemented at the network edge to help protect the internal network from external threats.
All incoming network traffic will logged for review of an incident.
As with the workstation logs, these logs will be stored on the server
Employee Training
It can be said without reservation that people are the most important part of any operation. That policy’s regarding the utilization of people is as such the cornerstone of any organized operation be it a fortune 500 company or a simple sheriffs department.
Trojan Detection
Show them what screens should look like if Windows or the Anti-virus detects something. Grayed-out secure desktop, pop-up from the
legitimate anti-virus. Everything else should be determined as a
trojan. Nothing should be clicked on until IT support
looks at it.
Email Safety
If you receive an email from an unknown address: Do not open any attachment or click any links. Do not send any information back. Verify the address with your supervisor or with
IT before doing anything.
Flash Drive Safety
Scan flash drives for viruses before opening anything on the flash drive.
It does not take that much time. By doing so you can root out some basic
viruses. Autoruns will be disabled be default.
Social Media Safety
Do not use social media sites while at work. Be careful what information you share while at home.
The information you share can used to attack you and the office
Even if you share with those that are friends or family. Accounts can be hacked and personal details shared can
be used to aid hackers in compromising other systems.
File Securty
Get approval from your supervisor before taking copies of any work files home.
Files deemed as evidence are monitored and all activity is logged.
All file transfers from computers are also monitored and all activity is logged.
Password Security Strong passwords will be required
It is recommended that you follow Microsoft’s guide lines in creating your password.
http://www.microsoft.com/security/online-privacy/passwords-create.aspx
Keep your password safe and secure at all times. Do not share your password. Anything done under your name on the network
is your responsibly and you will be held liable if anything occurs under your login.