Company XYZ has over 400 employees in four different offices across the globe. T

Question

Company XYZ has over 400 employees in four different offices across the globe. The company has branches in Paris, Tokyo, and New York and its headquarters are in Los Angeles.
Design a network that connects the four offices of XYZ by wide area links. The company has users in three different departments, each of which has different security and resource requirements. However, each of the physical offices has some users from each department.
The financial department maintains personal and financial information that only authorized financial department employees may access. Other users should not be able to access this information. The human resources (HR) department maintains records of the employees in the company. Each employee should be able to view his or her personal information but not the information of any other employee. Those who work in the HR department should be able to access the relevant employee data necessary for them to do their job. The marketing department maintains a database of products and marketing campaign information. All employees of the company should have access to this information, but no one outside of the company should have this right.
Submit a written report that includes responses to the following questions:
•What type of network design would be the most appropriate for XYZ? Why?
•How can you organize users for security purposes?

Explanation / Answer

ANSWER:

For the organization as listed in the problem a hybrid network will be considered the best. Consider setting up the hybridized network using a directory control structure with centralized application via client/server setup.You can combine Citrix with Microsoft's Active directory for managing one and all from a central location.

This will allow all the employees in the organization to access the application library from any of the location, this wont restrict them to their own system. Also, this will help in implementing access control by defining different security zones and restricting access only to authorized individuals.

We will need to define organizational units, which will act as a virtual block built inside the directory structure, which will define what users can access on to the network. Here different policies can be defined for applications and OS to function.

For Example, If we consider the whole organization as one Organizational unit, each employee within the organization will be able to check his/her details but not for others. Similary within the organization their will be various sub-organizational units like HR, Finance, Marketing, etc. Hence, the access and security will be separately defined for sub-organizational units and also they will inherit the properties of the parent Organizational unit.
Hence, managing various applications within such a vast geography will be time and cost consuming. Providing a cost and time effetive solution - a hybrid network will be the most optimal for the given situation.

The setup can use Multiprotocol Label Switching Services which will be encryption enabled and use Quality of Service(QoS) to meet your traffic.
Use IPv6 Gigabit connection between firewall and MPLS.
Create a Backup/Mirrored Site for Business Continuity and Disaster Recovery in case of Disaster.
Restrict the access to critical data/sharepoints as per business needs.

Related Questions

Navigate

• Browse (All)
• Browse C
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.