CASE STUDY

Case Study

Abstract

The paper is divided in to two sections. The first section build and analyse the network for two more branches of Murphy's across UK, based on VOIP over IPSEC-VPN implementation. We control two Call Manager Express gateways, CME1 which is in London office and connects to a traditional POTS analogue phone and VOIP phone and CME2 which is in Manchester and controls a VOIP phone. While second section build a lab which simulates the above scenario with following steps of implementation mentioned in the first section and configure IPSec VPN between CME1 and CME2 and place a call then critically analyse and discuss the performance.

Case Study

Introduction

Murphy's is a department store group with 20 branches across UK. The store also has an online transactional website for online shopping. The website embeds many interactive features for promoting products including informative videos and a live chat option with customer representatives. This paper is divided in to two sections. First section describes the security guidelines and policies for the organisation and overseeing their implementation both online and offline across different store branches and Maintaining an up to date knowledge of the effect of security mechanisms on Quality of

Service related performance issues in applications and devices in the enterprise network. While second section adopt a holistic approach in analysing the enterprise network's vulnerabilities at different levels and investigate feasible and effective solutions to resolve them. The detailed on both sections in illustrated in discussion section (Block, 2003, pp.49).

Discussion

Section 1

The lack of security policies and procedures is one of the most serious problems facing companies today specially Murphy's Departmental store in regard to protecting their information assets against internal and external dangers. The security policies are essentially guidelines and instructions indicating how to handle security issues and form the basis of a master plan for effective implementation of protective measures such as identification and access control, data backup, contingency plans and intrusion detection (Allington, 2001, pp.15).

While policies vary considerably depending on the type of organization involved, typically include general statements about goals, goals, behavior and responsibilities of employees regarding safety violations. Often policies are accompanied by rules, instructions and procedures. Policies are mandatory, while recommendations or guidelines are rather optional (Allington, 2001, pp.15).

On the other hand, the higher-level policies are the rules, standards and procedures also need to be followed. The policies consist of general statements, while regulations specifically refer to technologies, methodologies, implementation procedures and other aspects in detail. In addition policies should last for many years, while the rules and procedures take less time (Applebee, 1996, pp.11).

DES (Data Encryption Standard). For example, a safety standard would specify use encryption standard DES (Data Encryption Standard). This rule should probably be revised or replaced in the coming years (Applebee, 1996, pp.11).

Policies are different and higher level procedures, which are specific operational steps to be carried out to achieve a certain goal. As an example, there are specific procedures for backup of the information contained on hard drives from ...