Ronald A. Weist

Network Engineer Candidate



 Network Experience   Hardware Experience   Software Experience   Resume Home   Network Diagrams   Scopes of Work   Internal Proposals 



Customer Scopes of Work

 Intrusion Detection System   Packeteer Packetshaper   Network Sniffer 
 Dial Backup Scope   Line Upgrade   Site-to-site PIX VPN Scope 



Intrusion Detection Scope of Work


Logo Removed

Address Removed

City, State and Zip Removed

Phone Number Removed

Fax Number Removed

 

 

Date

Company Name

Intrusion Detection System

 Scope Of Work

 

PROJECT OUTLINE

 

I.         Gather network information from the client

II.       Configure the Cisco IDS for operation

III.      Ship the Cisco IDS and install it

IV.   Fine tune IDS once daily for 15 days

V.     Analyze the data trends

VI.   Additional IDS monitoring

 

DETAILED SCOPE OF WORK

 

I.                     (At Enveloptech) Gather network information from the client

A.     Accurate network diagram

                                                      1.      Show both LAN and WAN

                                                      2.      Show addresses and gateways

                                                      3.      Determine network to be watched

                                                      4.      Watching multiple networks will demand a different IDS

B.     Accurate listing of protocols and applications used on the network

                                                      1.      Mission critical applications

                                                      2.      Acceptable applications

                                                      3.      Prohibited applications

C.     IP addresses for the Cisco IDS and log server operation

D.     VPN/TS/VNC connection information for temporary monitoring

E.      Blocking/Shunning capable equipment

                                                      1.      PIX Firewall

                                                      2.      Cisco Router

 

II.                   (At Enveloptech) Configure the Cisco IDS for operation

A.     Put in recommended and discussed IDS settings

B.     Set shunning if desired and possible

C.     Set it to record UDP logs to a client owned log server IP address

 


III.                  Bring the Cisco IDS to the client location for installation

A.     Follow agreed upon Visio diagram

B.     Aid in the installation of a log server on client owned computer

C.     Train client IT personnel on the basics of IDS operation and alerts

                                                      1.      Demonstrate imbedded management utility

                                                      2.      Demonstrate email and pager alerts

 

IV.               (At Enveloptech) Fine tune IDS once daily for 15 days

A.     Verify proper triggers and alerting

B.     Reset the IDS to allow false negatives to be ignored

C.     Ease or enhance blocking as desired and required

 

V.                 (At Enveloptech) Analyze the data trends

A.     Discuss the current setting with the client

B.     Make changes to fine tune the system

C.     Disconnect the temporary network access

 

VI.               Additional IDS monitoring

A.     Billed against an Enveloptech Help Desk Agreement

B.     Requires temporary network access to be re-implemented as long as monitoring is desired

 

CLIENT RESPONSIBILTIES:

 

1.      Configuration Information

 

a.               The client must provide detailed network information to insure proper placement of the Cisco IDS.  This includes network addressing, protocol information, a diagram and a list of applications that should be running on the network.  This must be completed prior to equipment configuration and installation.

b.               The client must ensure that the WAN and LAN circuits are up and operational during the time of the initial installation and monitoring period, and that traffic patterns will be as normal as possible during that time as well; i.e.: no major topology or computer changes occurring during that time.

c.                The client must provide IP address and Gateway information to Enveloptech for the Cisco IDS configuration and installation.

d.               The client must provide a temporary VPN/Dialup connection to their network for secure connection to the IDS and log server for reconfiguration.

e.               The client should attend, or be available for comments, during the initial discovery phase of the project to ensure accurate and timely information is shared to aid the performance of the Cisco IDS.

 


2.      Environmental Factors

 

a.               Customer must supply a computer with a third party log server for capturing data generated by the IDS.

b.               The client is responsible for providing a sufficient space for the installation of the Cisco IDS equipment.

c.                The client is responsible for providing a sufficient number of power outlets to run the equipment. These outlets should be isolated from an electrical circuit that may create electronic interference with data communications equipment.

d.               The client is also responsible for providing the appropriate operating environment for the Cisco IDS as described by the manufacturer of the equipment.

 

EXCLUSIONS:

 

1.      Hours of Work

 

All work to be done within normal business hours (Monday to Friday, 8:00am to 5:00pm). Projects requiring labor outside of these hours will be charged at a premium overtime rate.

 

 

 

 

SIGNATURES:

 

This Scope of Work has been agreed to and accepted by:

 

 

 

                                                                                        (Client Signature)

 

                                                                                        (Print here)

 

 

 

                                                                                        (Enveloptech Signature)

 

                                                                                        (Print here)