Syed Ali Abbas
1. Scope Statement:
Solai & Cameron is a small technology company of about 30 employees, which
specializes in providing Information Technology solutions to corporate, government,
education and healthcare organizations. Their core competencies lie in consulting,
wired and wireless networking, video/voice/data communication application
development, and technical support. Currently their network has very minimum, or
no security to protect against external threats, unauthorized access and intrusions.
There is no set standard consistency of hardware/software and standard operating
system in the user workstations throughout the network
In order to provide a secure and efficient network environment for Solai & Cameron,
ePros will provide services to significantly improve the network performance, thus
saving the company thousands of dollars lost during downtimes and loss of data. We
will effectively secure the network with the appropriate parameters and configurations
to protect against external threats such as unauthorized access, and intrusion; thus
preventing significant downtimes which the company currently experiences. This will
allow the employees to stay productive with up to speed and provide the business
with maximum performance.
Solai & Cameron have allotted us a budget of $10,000 to cover the cost of
software/hardware material needed for network security & performance upgrade.
Solai & Cameron have given us a project deadline of May 31st, 2004. With the
budget of $10,000; we estimate that the tools needed to perform network
diagnostics, hardware/software inventory; implementation of firewall and antivirus
software will all cost $8,100. The remaining budget may be used in other
hardware/software purchases to meet the requirements.
c. Project Description
ePros will conduct a full assessment and analysis of the current network architecture
of Solai & Cameron through the means of inventory software and diagnostic tools.
This will provide a detailed software and hardware report, security audit along with
software license compliance reports. ePros will be installing a firewall behind the
router configured thoroughly to filter out all data traffic and effectively protect against
intrusions and unauthorized access, and provide the Network Administrator with an
easy interface to allow him to monitor all network traffic going in and out of the
network. We will set security parameters to alert the admin in the event of intrusion
detection so immediate action can be taken to safeguard data. Secondly, we will also
be standardizing the user workstations across the network with a standard operating
system, minimum hardware/software requirements and security policy consistent
throughout the workstations in the network to provide consistency and eliminate
conflicts. In addition we will deploy antivirus software throughout the workstations in
the network to protect against malicious programs such as viruses, worms from
getting into the network infecting other workstations, corrupting
files, and degrading network performance.
d. Project Deliverables & Exclusions
Conduct analysis/assessment and plan solutions.
Secure network servers and workstations.
Service web server and exchange server for optimum performance.
Standardize all workstation across the network.
Suggest equipment to purchase.
Test environment before standardizing.
Write security policy and maintenance manual.
Phase 1 – Assessment & Analysis
In this phase, we will be conducting a full assessment & analysis of the network to
determine the current configurations of the software/hardware components, network
security analysis and vulnerabilities. We will also analyze router traffic, server
performance, and take full inventory report of the software & hardware components
as well the software licenses throughout the network. All this will be done through the
means of diagnostic tools and asset tracking tools.
Phase 2 – Planning & Addressing Issues
In the planning phase, we will take what we learned from phase one, and devise the
plan of action to address the issues identified. We will develop a full project schedule
in this phase to be followed throughout the project. We will plan out the security
layout to be deployed throughout the network. In addition, we will plan out a
standardized workstation rollout for all the workstations in the network. We will also
plan on developing security policies as well as maintenance documentations.
Phase 3 – Testing
In this phase, we will conduct a complete network backup to save valuable data.
After which we will set up a test environment and test out what we planned in phase
two, using a test box. We will test the security settings of the Firewall and the
Antivirus software. We will test the network environment and recognize any issues
that need to be resolved. Finally we will update the client with the progress.
Phase 4 – Implementation
In this phase we will finally install and configure the firewall to the router as well as
install and configure the anti-virus software throughout the network. In addition we
will deploy a standardized workstation setting in all the workstation throughout the
network. In addition we will write security policies and maintenance manual. Finally
we will update the client with the progress.
Phase 5 – Service Deliver / Project Completion
In our final phase, we will finally go live with the new, enhanced, and secured
network. At this time we will have the client evaluate all of the services provided to
them. Any final troubleshooting and addressing of issues will be done in this phase.
Security policy and maintenance guide will also be explained and handed over the
client at this time.
ePros will not be responsible for any system failure, critical upgrades, or any
type of maintenance requirements to the network after the project completion
date. Support will be handed over to the Solai & Cameron IT staff.
ePros will not be responsible for any delays or damages done to the intelligent
or physical property of Solai & Cameron because of natural disasters during
ePros will not support any hardware or software issues after the completion &
troubleshooting phase of this project.
Incase Solai & Cameron would like to add additional tasks to this project,
ePros does not guarantee approval of such tasks. However by using change
management, those tasks may be considered as an addition to the project.
ePros will suggest solutions to Solai & Cameron based on the first phase of
the project; however, ePros will not be liable for the outcomes of actions Solai
& Cameron takes or changes that Solai & Cameron makes based on these
Project Deliverables & Exclusions (Cont.)
Name/ Last name
City, State, Zip code
e. Project Objectives
The objective of the project undertaken is to successfully secure and
significantly improve the network performance of Solai & Cameron with maximum
uptime which will directly increase employee productivity and business efficiency thus
saving Solai & Cameron thousands of dollars. These objectives are to be completed
with the budget allotted to us of $10,000 within the time frame of March 28th, 2004 to
June 10th, 2004. Details of the objectives are as follow:
1. To conduct a clean sweep of the entire network components to get rid of a
malicious virus that has infected a device on the network which has repeatedly
infected the other workstations connected to the network.
2. To install Firewall behind the router configured thoroughly to filter out all data traffic
and effectively protect against intrusions and unauthorized access.
3. To standardize the workstations across the network specifically in regards to the
essential software to keep all the workstation at its optimum performance free of spy
ware, ad ware which slows down the system and interferes with employees work. In
addition; to standardize security policies consistent on all workstations throughout the
network to eliminate conflicts.
4. To deploy antivirus software throughout the workstations in the network to protect
against malicious programs such as viruses, worms from getting into the network
infecting other workstations, corrupting files, and degrading network performance.
5. To service web server and exchange server for optimum performance
6. Write security policy and maintenance manual.
f. Success Factors
A. Malicious Program Remediation
a. Servers and Workstations will be 100% clean.
b. Norton Antivirus Corporate Edition will be fully updated, patched,
and running on all servers and workstations
c. Policy and procedures will be in place to maintain clean network
B. Implementation of Network Security and Domain Policies
a. Domain policies will be implemented to keep malicious programs
from intruding onto the network
b. Potential hostile downloads will be blocked by file extension
C. Network Efficiency / Function Improvement
a. All Servers will run Windows 2000 in Native Mode to implement
domain security feature
b. Main server will provides DNS and acts as Domain Controller
c. DNS will be handled by selected ISP
d. Improved Web server uptime (90%) and Antivirus server will self-
D. Establish relationship and lines of communication
a. Open friendly meetings and conversations through exchange of
information and suggestions between ePros and the client
b. Requests and changes in plans will be easily made and timely
c. Service will be delivered on agreed time.
The purpose of the Scope Verification is to be signed by the client in agreement with
the scope statement.
Please find attached the Scope Statement for our project. Before we proceed onwards
with this project, it is necessary for you to sign below stating that you agree to the contents in
the Scope Statement. By signing below, you agree to grant us permission to proceed with the
project as outlined.
ePros consulting has created this verification statement to provide an independent verification
of the completeness and accuracy of this Project. The client is expected to have read &
agreed the Project Deliverable before reading this document.
Please check each one of the verification and sign the bottom of this page.
Upon the completion of the project, any disaster that damages the network equipment
or brings the network down will not be the responsibility of ePros Consulting.
Any additional support/upgrades that will be provided after the completion of the
project will be charged on change basis.
Once the project is approved and signed by the Client and the project leader,
additional changes will be charged accordingly depending on their acceptance.
ePros Consulting is not responsible for changes in vendor prices for
software/hardware equipment and will charge client for any spending over the budget.
ePros Consulting is not responsible for any changes of those the client may desire to
the measurements and diameters of the project deliverables.
ePros Consulting will follow software licensing and ISP regulatory standards
accordingly and will not be responsible for any changes that maybe disapproved by
Any extra services, such as maintenance, extra hardware/software upgrades requested,
that are not included in the scope will need approval for change by ePros Consulting .
Project Leader: Date:
Change Control Process
Identify need for
Issues register Not a good idea Review request
Evaluate impact Yes Does it impact Plan?
Yes Make the change
Amend the plan
4. Change Control:
CHANGE ORDER FORM
Change Order Form
Date identified Date last reviewed Approved
Description of the change
Reason for the change
Impact on Budget or contract value
Impact on Schedule
Additional resources needed
Change Order Review
The change is approved
The change is accepted subject to the
conditions noted below
The change is rejected
Additional requirements / notes