Project detail: Design the layout of users, domains, trusted domains, anonymous users, etc for a start-up open source software company ABC. They should have an internal CVS server, which only internal developers can access, an anonymous CVS server for outsiders to download source code, WWW servers (one for internal and one for external), and a mail server. Outsiders should not be able to access either internal CVS or internal WWW servers.. You should finish the following parts: a) The topology diagram for the different servers and locations and trust domains. For example, where are the firewalls, and where are the users located in the topology. b) The assumptions that you make for your design and the security policy to achieve this assumption. Project Part 2 Your final document should include the following parts: 1. Network topology diagram and the domains of trust. 2. Security related assumptions in your design, and security policy to make this assumption valid. 3. Trust assumptions about users (e.g., who could be root, what a root could do). You do not need to create specific users, but you need to give a classification about users according to their trust domain. For example, developers, system administrators, software testers, etc. You need to define the capabilities for each class of users. If possible, embed this into your firewall management. You do not need to
Project detail:
Design the layout of users, domains, trusted domains, anonymous
users, etc for a start-up open source software company ABC. They
should have an internal CVS server, which only internal developers
can access, an anonymous CVS server for outsiders to download
source code, WWW servers (one for internal and one for external),
and a mail server. Outsiders should not be able to access either
internal CVS or internal WWW servers..
You should finish the following parts:
a) The topology diagram for the different servers and locations and
trust domains. For example, where are the firewalls, and where
are the users located in the topology.
b) The assumptions that you make for your design and the security
policy to achieve this assumption.
Project Part 2
Your final document should include the following parts:
1. Network topology diagram and the domains of trust.
2. Security related assumptions in your design, and security policy to
make this assumption valid.
3. Trust assumptions about users (e.g., who could be root, what a
root could do). You do not need to create specific users, but you need
to give a classification about users according to their trust domain. For
example, developers, system administrators, software testers, etc.
You need to define the capabilities for each class of users. If possible,
embed this into your firewall management. You do not need to
address the password management policies.
4. Potential security issues for each server and how to manage them,
also who can configure them and manage them.
Step by step
Solved in 2 steps with 2 images
