Ronald A. Weist
Network Engineer Candidate
Network Experience | Hardware Experience | Software Experience | Resume Home | Network Diagrams | Scopes of Work | Internal Proposals |
Customer Scopes of Work
Intrusion Detection System | Packeteer Packetshaper | Network Sniffer |
Dial Backup Scope | Line Upgrade | Site-to-site PIX VPN Scope |
Intrusion Detection Scope of Work
Logo Removed
|
Address Removed
City, State and Zip Removed Phone Number Removed Fax Number Removed |
|
Date
|
Company Name
Intrusion Detection
System
Scope Of Work
I.
Gather network
information from the client
II. Configure the Cisco IDS for operation
III. Ship the Cisco IDS and install it
IV. Fine tune IDS once daily for 15 days
V. Analyze the data trends
VI. Additional IDS monitoring
I.
(At Enveloptech)
Gather network information from the client
A. Accurate network diagram
1.
Show both LAN and WAN
2.
Show addresses and
gateways
3.
Determine network to be
watched
4.
Watching multiple
networks will demand a different IDS
B. Accurate listing of protocols and applications used
on the network
1.
2.
Acceptable applications
3.
Prohibited applications
C. IP addresses for the Cisco IDS and log server
operation
D. VPN/TS/VNC connection information for temporary
monitoring
E. Blocking/Shunning capable equipment
1.
PIX Firewall
2.
Cisco Router
II.
(At Enveloptech)
Configure the Cisco IDS for operation
A. Put in recommended and discussed IDS settings
B. Set shunning if desired and possible
C. Set it to record UDP logs to a client owned log
server IP address
III.
Bring the Cisco
IDS to the client location for installation
A. Follow agreed upon Visio diagram
B. Aid in the installation of a log server on client
owned computer
C. Train client IT personnel on the basics of IDS
operation and alerts
1.
Demonstrate imbedded
management utility
2.
Demonstrate email and
pager alerts
IV.
(At Enveloptech)
Fine tune IDS once daily for 15 days
A. Verify proper triggers and alerting
B. Reset the IDS to allow false negatives to be ignored
C. Ease or enhance blocking as desired and required
V.
(At Enveloptech)
Analyze the data trends
A. Discuss the current setting with the client
B. Make changes to fine tune the system
C. Disconnect the temporary network access
VI.
Additional IDS
monitoring
A. Billed against an Enveloptech Help Desk Agreement
B. Requires temporary network access to be
re-implemented as long as monitoring is desired
a.
The client must provide
detailed network information to insure proper placement of the Cisco IDS. This includes network addressing, protocol
information, a diagram and a list of applications that should be running on the
network. This must be completed prior to
equipment configuration and installation.
b.
The client must
ensure that the WAN and LAN circuits are up and operational during the time of
the initial installation and monitoring period, and that traffic patterns will
be as normal as possible during that time as well; i.e.: no major topology or
computer changes occurring during that time.
c.
The client must
provide IP address and Gateway information to Enveloptech for the
Cisco IDS configuration and installation.
d.
The client must
provide a temporary VPN/Dialup connection to their network for secure
connection to the IDS and log server for reconfiguration.
e.
The client
should attend, or be available for comments, during the initial discovery phase
of the project to ensure accurate and timely information is shared to aid the
performance of the Cisco IDS.
a.
Customer must
supply a computer with a third party log server for capturing data generated by
the IDS.
b.
The client is
responsible for providing a sufficient space for the installation of the Cisco
IDS equipment.
c.
The client is
responsible for providing a sufficient number of power outlets to run the
equipment. These outlets should be isolated from an electrical circuit that may
create electronic interference with data communications equipment.
d.
The client is
also responsible for providing the appropriate operating environment for the
Cisco IDS as described by the manufacturer of the equipment.
All
work to be done within normal business hours (Monday to Friday,
SIGNATURES:
This Scope of Work has been agreed to and accepted by:
(Client
Signature)
(Print here)
(Enveloptech
Signature)
(Print here)