Justification by xiangpeng

VIEWS: 16 PAGES: 11

									 ePros Consulting.




Scope Statement
   Project Team
      Shanti Solai
     Praveen Nath
    Syed Ali Abbas
    Paul Kornkasem
Mohammed Fazaluddin
Aleemuddin Mohammed
                                   ePros Consulting.




1. Scope Statement:

Overview

Solai & Cameron is a small technology company of about 30 employees, which
specializes in providing Information Technology solutions to corporate, government,
education and healthcare organizations. Their core competencies lie in consulting,
wired and wireless networking, video/voice/data communication application
development, and technical support. Currently their network has very minimum, or
no security to protect against external threats, unauthorized access and intrusions.
There is no set standard consistency of hardware/software and standard operating
system in the user workstations throughout the network



a.      Justification

In order to provide a secure and efficient network environment for Solai & Cameron,
ePros will provide services to significantly improve the network performance, thus
saving the company thousands of dollars lost during downtimes and loss of data. We
will effectively secure the network with the appropriate parameters and configurations
to protect against external threats such as unauthorized access, and intrusion; thus
preventing significant downtimes which the company currently experiences. This will
allow the employees to stay productive with up to speed and provide the business
with maximum performance.

b.      Constraints

     Solai & Cameron have allotted us a budget of $10,000 to cover the cost of
     software/hardware material needed for network security & performance upgrade.
     Solai & Cameron have given us a project deadline of May 31st, 2004. With the
     budget of $10,000; we estimate that the tools needed to perform network
     diagnostics, hardware/software inventory; implementation of firewall and antivirus
     software will all cost $8,100. The remaining budget may be used in other
     hardware/software purchases to meet the requirements.
                                    ePros Consulting.


c.       Project Description

ePros will conduct a full assessment and analysis of the current network architecture
of Solai & Cameron through the means of inventory software and diagnostic tools.
This will provide a detailed software and hardware report, security audit along with
software license compliance reports. ePros will be installing a firewall behind the
router configured thoroughly to filter out all data traffic and effectively protect against
intrusions and unauthorized access, and provide the Network Administrator with an
easy interface to allow him to monitor all network traffic going in and out of the
network. We will set security parameters to alert the admin in the event of intrusion
detection so immediate action can be taken to safeguard data. Secondly, we will also
be standardizing the user workstations across the network with a standard operating
system, minimum hardware/software requirements and security policy consistent
throughout the workstations in the network to provide consistency and eliminate
conflicts. In addition we will deploy antivirus software throughout the workstations in
the network to protect against malicious programs such as viruses, worms from
getting into the network infecting other workstations, corrupting
files, and degrading network performance.


d.       Project Deliverables & Exclusions

        Conduct analysis/assessment and plan solutions.
        Secure network servers and workstations.
        Service web server and exchange server for optimum performance.
        Standardize all workstation across the network.
        Suggest equipment to purchase.
        Test environment before standardizing.
        Write security policy and maintenance manual.

Phase 1 – Assessment & Analysis
In this phase, we will be conducting a full assessment & analysis of the network to
determine the current configurations of the software/hardware components, network
security analysis and vulnerabilities. We will also analyze router traffic, server
performance, and take full inventory report of the software & hardware components
as well the software licenses throughout the network. All this will be done through the
means of diagnostic tools and asset tracking tools.

Phase 2 – Planning & Addressing Issues
In the planning phase, we will take what we learned from phase one, and devise the
plan of action to address the issues identified. We will develop a full project schedule
in this phase to be followed throughout the project. We will plan out the security
layout to be deployed throughout the network. In addition, we will plan out a
standardized workstation rollout for all the workstations in the network. We will also
plan on developing security policies as well as maintenance documentations.

Phase 3 – Testing
                                     ePros Consulting.


In this phase, we will conduct a complete network backup to save valuable data.
After which we will set up a test environment and test out what we planned in phase
two, using a test box. We will test the security settings of the Firewall and the
Antivirus software. We will test the network environment and recognize any issues
that need to be resolved. Finally we will update the client with the progress.




Phase 4 – Implementation
In this phase we will finally install and configure the firewall to the router as well as
install and configure the anti-virus software throughout the network. In addition we
will deploy a standardized workstation setting in all the workstation throughout the
network. In addition we will write security policies and maintenance manual. Finally
we will update the client with the progress.

Phase 5 – Service Deliver / Project Completion
In our final phase, we will finally go live with the new, enhanced, and secured
network. At this time we will have the client evaluate all of the services provided to
them. Any final troubleshooting and addressing of issues will be done in this phase.
Security policy and maintenance guide will also be explained and handed over the
client at this time.

Exclusions:

         ePros will not be responsible for any system failure, critical upgrades, or any
          type of maintenance requirements to the network after the project completion
          date. Support will be handed over to the Solai & Cameron IT staff.
         ePros will not be responsible for any delays or damages done to the intelligent
          or physical property of Solai & Cameron because of natural disasters during
          this project.
         ePros will not support any hardware or software issues after the completion &
          troubleshooting phase of this project.
         Incase Solai & Cameron would like to add additional tasks to this project,
          ePros does not guarantee approval of such tasks. However by using change
          management, those tasks may be considered as an addition to the project.
         ePros will suggest solutions to Solai & Cameron based on the first phase of
          the project; however, ePros will not be liable for the outcomes of actions Solai
          & Cameron takes or changes that Solai & Cameron makes based on these
          suggestions.

Project Deliverables & Exclusions (Cont.)
Client:

___________________________

Name/ Last name

_________________________________
                                    ePros Consulting.


Signature

____________________________

Address

____________________________

City, State, Zip code

e.        Project Objectives

        The objective of the project undertaken is to successfully secure and
significantly improve the network performance of Solai & Cameron with maximum
uptime which will directly increase employee productivity and business efficiency thus
saving Solai & Cameron thousands of dollars. These objectives are to be completed
with the budget allotted to us of $10,000 within the time frame of March 28th, 2004 to
June 10th, 2004. Details of the objectives are as follow:

1. To conduct a clean sweep of the entire network components to get rid of a
malicious virus that has infected a device on the network which has repeatedly
infected the other workstations connected to the network.

2. To install Firewall behind the router configured thoroughly to filter out all data traffic
and effectively protect against intrusions and unauthorized access.


3. To standardize the workstations across the network specifically in regards to the
essential software to keep all the workstation at its optimum performance free of spy
ware, ad ware which slows down the system and interferes with employees work. In
addition; to standardize security policies consistent on all workstations throughout the
network to eliminate conflicts.

4. To deploy antivirus software throughout the workstations in the network to protect
against malicious programs such as viruses, worms from getting into the network
infecting other workstations, corrupting files, and degrading network performance.


5. To service web server and exchange server for optimum performance


6. Write security policy and maintenance manual.


f.        Success Factors

          A. Malicious Program Remediation
               a. Servers and Workstations will be 100% clean.
                                       ePros Consulting.


                b. Norton Antivirus Corporate Edition will be fully updated, patched,
                   and running on all servers and workstations
                c. Policy and procedures will be in place to maintain clean network
                   environment

          B. Implementation of Network Security and Domain Policies
                a. Domain policies will be implemented to keep malicious programs
                   from intruding onto the network
                b. Potential hostile downloads will be blocked by file extension
                   screening
          C. Network Efficiency / Function Improvement
                a. All Servers will run Windows 2000 in Native Mode to implement
                   domain security feature
                b. Main server will provides DNS and acts as Domain Controller
                c. DNS will be handled by selected ISP
                d. Improved Web server uptime (90%) and Antivirus server will self-
                   regulating

          D. Establish relationship and lines of communication
                a. Open friendly meetings and conversations through exchange of
                   information and suggestions between ePros and the client
                b. Requests and changes in plans will be easily made and timely
                c. Service will be delivered on agreed time.



3. Verification:

Scope Verification

       The purpose of the Scope Verification is to be signed by the client in agreement with
the scope statement.

        Please find attached the Scope Statement for our project. Before we proceed onwards
with this project, it is necessary for you to sign below stating that you agree to the contents in
the Scope Statement. By signing below, you agree to grant us permission to proceed with the
project as outlined.

Signature:

Client:

                                                                       Date

Project Leader:

                                                                      Date
                                     ePros Consulting.




                                Verification Checklist
ePros consulting has created this verification statement to provide an independent verification
of the completeness and accuracy of this Project. The client is expected to have read &
agreed the Project Deliverable before reading this document.

        Please check each one of the verification and sign the bottom of this page.

      Upon the completion of the project, any disaster that damages the network equipment

       or brings the network down will not be the responsibility of ePros Consulting.

      Any additional support/upgrades that will be provided after the completion of the

       project will be charged on change basis.

      Once the project is approved and signed by the Client and the project leader,

       additional changes will be charged accordingly depending on their acceptance.

      ePros Consulting is not responsible for changes in vendor prices for

       software/hardware equipment and will charge client for any spending over the budget.

      ePros Consulting is not responsible for any changes of those the client may desire to

       the measurements and diameters of the project deliverables.

      ePros Consulting will follow software licensing and ISP regulatory standards

       accordingly and will not be responsible for any changes that maybe disapproved by

       these regulations.

      Any extra services, such as maintenance, extra hardware/software upgrades requested,

       that are not included in the scope will need approval for change by ePros Consulting .
                                                    ePros Consulting.




         Client:                                                       Date:

Project Leader:                                                        Date:




                                          Change Control Process


                                                         Identify need for
                                                             change




  Issues register           Not a good idea              Review request




                                                            Good idea




                    Evaluate impact       Yes          Does it impact Plan?


        No

                    Prepare change
                         order                                  No




                     Change order
                                              Yes       Make the change
                      approved?




                                                         Amend the plan
                     ePros Consulting.




4. Change Control:




               CHANGE ORDER FORM




                     Document Number:


                       Project Manager:


                                 Client:
                                ePros Consulting


Change Order Form

     Date identified        Date last reviewed     Approved
                                                    Yes/No


Description of the change




Reason for the change




Quantifiable benefits




Impact on Budget or contract value




Impact on Schedule




Additional resources needed




                                                              10
                                   ePros Consulting




Additional risk




Change Order Review

The change is approved

                                              Signature:   Date:

The change is accepted subject to the
conditions noted below
                                              Signature:   Date:

The change is rejected
                                              Signature:   Date:

Additional requirements / notes




                                                                   11

								
To top