Aircraft Solutions Project

Only available on StudyMode
  • Download(s) : 320
  • Published : February 23, 2013
Open Document
Text Preview
Table of Contents

Executive Summary 3
Company Overview 3
Vulnerabilities 3
Hardware Vulnerabilities 3
Policy Vulnerabilities 6
Recommended Solution - Hardware 7
Impact on Business Processes 10
Recommended Solution – Policy 10
Impact on Business Processes 11
Budget 11
Summary 11
References 13

Executive Summary
The purpose of the report is to assist Aircraft Solutions (AS) in indentifying the most significant Information Technology (IT) security vulnerabilities. AS products and services are at the forefront of the industry and the protection of such is very important as they are an industry leader. The vulnerabilities that will be discussed are the firewall configuration, virtualization of their hardware assets and defining security policy regarding the timeliness of firewall configuration and updates. Company Overview

Aircraft Solutions, headquarters located in San Diego, California develop and fabricate products and services for companies in the electronic, commercial, defense and aerospace industries. AS is made up of two (2) different divisions, the Commercial Division and the Defense Division. The Commercial Division is located in Chula Vista, CA and the Defense Division is located in Santa Ana, CA. AS company strategy is to offer low cost design and computer aided modeling packages to companies and assists them through the lifecycle of their product in an effort to save money for the consumer while profiting from their business. Vulnerabilities

Hardware Vulnerabilities
The hardware infrastructure of the AS Headquarters in San Diego, California had been identified during our recent security assessment as being a potential security weakness to the company's overall information systems security infrastructure. The system hardware infrastructure comprises of

Five (5) Individual Servers
One (1) Switch
Two (2) Routers
One (1) Firewall

The hardware area of concern was the lack of Firewalls being used to protect the company's network against intrusion and the networks hardware design and architecture. The firewall configuration at AS San Diego is improperly configured to meet the security needs of the company. The main area of concern was that of the firewall located between AS Main Router and the Router to DD. The security assessment revealed that DD Santa Ana has direct access without firewall authentication to AS San Diego's network. "Misconfigured network gear represents a major security threat. It's estimated that 65% of cyber attacks exploit misconfigured systems" (Marsan, 2009). There are many different threats associated with not having properly configured Firewalls and the statistics show that 6.5 companies out of 10 are being attacked because of the vulnerabilities associated to not configuring their systems correctly. There are many threats associated with not having a properly configured Firewall, due to the misconfiguration; our security assessment revealed that the main threat to AS Headquarters would be an infiltration via the exploitation of the firewalls back door. Attackers can install listening devices that will detect which ports are open on AS's perimeter firewall. Once it's determined which ports are open, the Attacker can take advantage of the misconfiguration and deposit or execute backdoor code, or simply access the system without authorization. The consequences associated with not having a properly configured firewall could be the annoyance of adware or as severe as bringing AS operations to a standstill. A majority of AS business operations are controlled through AS San Diego via their headquarters network. The likely hood of a threat is significant, but the risk associated with it is Severe. "Network performance and reliability also are affected by misconfigured gear, it's estimated that 62% of IP network downtime is due to configuration issues" (Marsan, 2009). AS San Diego IT network could be down for assessment and...
tracking img