Security Wan Lan Memo

TO: BARBARA STOOP, RIORDAN INC. CIO

FROM: ROBERT GUERRERO III

SUBJECT: INTERNET SECURITY DOCUMENTATION IN WAN

DATE: 8/16/2007

cc: Bill Gates

The Riordan Manufacturing WAN has become a sponsorship issue within the executive boardroom. After presenting the initial memorandum that addressed the importance of migrating the WAN to products that increase the functionality, throughput, and security of the WAN. The purpose of this memorandum is to thoroughly and succinctly outline the security benefits of the hardware and software migration within all the local area networks.

The changes adapted to the enterprise streamline the administrative functions of the CIO since the software and hardware infrastructures have been replaced at each office to mirror each other. Since the graphical interface is the most relevant to the employees, the software migration is the first item to discuss within the context of this memorandum.

The migration to Windows Server 2003 and Exchange 2003 from Windows Server 2000 and Exchange 2000 offers a variety of security and administrative features. The migration to Windows 2003 domain controller offers the following security features out of the box compared to Windows 2000, which required configuration.

* Administration tools now require LDAP signing which requires kerberos authentication.

* Anonymous SID translation is turned off on the default domain controller policy preventing down level (NT4 and W2K) trusting domains from browsing security principals such as user and machine accounts.

* "Everyone" group no longer includes "Anonymous Logon."

* Pre-Windows 2000 compatible group membership list additions may be required for legacy application compatibility.

As for Exchange 2003, the migration from Exchange 2000 only assists in the compliance of enacted legislation, such as the American Health Insurance Portability and Accountability Act of 1996 (HIPPA), Sarbanes-Oxley, and the Patriot Act, resounding the rule of law. The cornerstones for a secure environment are the omission of added features and outlines email security compliance through the following points.

* How and where e-mail is stored (online, offline, backups, archives)

* Client-to-Server Communication.

* Internet Communications.

* Retention Limits.

* Supported Client Configurations.

* Supported server configurations.

* Logging, tracking, and auditing.

* Disabled services like NNTP, POP3, and IMAP4

* Secure Email through configuring IPSEC, SSL, TLS, VPN.

All these advantages provided by Exchange 2003 grant the safety net required for a CIO to enable/disable the appropriate policies to maintain the integrity of the software infrastructure. Coupled with Windows Server 2003 and XP professional on the workstations, the software migration complements the hardware migration by strengthening the implementation of Cisco Catatyst 4500 Series Supervisor Engine.

The Cisco Catalyst 4500 Series switch is ideal for enterprises and medium-sized businesses that require secure, high performance with maximum uptime in the LAN access layer. The engine includes