Group 4 Rough Draft
How to prevent malicious attacks while using airport wi-fi
The project requirement of the course can be satisfied with doing a group real-world project. The purpose of the project is to let students apply their cybersecurity (CYB) knowledge in a real-world situation for gaining practical experience.
Give detailed explanation of your own theory including a checklist and was for preventative/recovery measures, in case of a malicious attack while using airport Wi-Fi. Provide in-depth explanation and procedure. Also be sure to include a test of your theory and results. Use the attacks provided above for reference. Computer Science homework help
- Denial-of-Service (DoS) Attack
- SSL Stripping
- NAT Slipstreaming
Running Head: NETWORK AND SECURITY SOLUTION
Network and Security Solution for TheDebneyHouse
ITM for Small Business
Daniel Mora, Ashley Samuels, Josh Hopkins, Edward Cook and Devon Blakely
Capstone
February 2018
National University
NETWORK AND SECURITY SOLUTION 1
Executive Summary
TheDebneyHouse is expanding its technological backbone, security, and customer experience
throughout their website and brick and mortar boutique. These milestones require the
implementation of a new networking backbone throughout the building and also require the
upgrade of the security infrastructure. Team Rho and the stakeholder have discussed the network
and security technology project while sparking focus on other processes that need to be
addressed in the project. The areas of focus are a sustainable and reliable networking
infrastructure, a dependable and secure database for passwords, data, and customer details, as
well as future proofing the network for expansion, which could include security cameras and
updated technology. Team Rho’s published solutions in this paper mirror the proposals that have
been presented and accepted by the sponsor, TheDebneyHouse. Our proof of concept that is
being delivered to our sponsor stems from numerous pilot tests with the technical team and
analytics, the soft-demo on a test network, and the overall conceptual steps the team took to
analyze flaws in the process. With previous experience with Ubiquiti on the team, we were able
to reference old projects and errors to increase the success rate and network models for when we
performed our live implementation. Computer Science homework help. If approval of the proposed solution is verified by the
sponsor, stakeholders, and all needed committees, Team Rho, will implement the agreed upon
solution for TheDebney House. Our next steps in the process are to successfully hand-over the
project to the sponsor and professional remove us from the network infrastructure. Unless agreed
upon by the sponsor, an additional step would be to conduct and organize a project to implement
security cameras for the location.
NETWORK AND SECURITY SOLUTION 2
Acknowledgements
This process, both throughout the program, as well as this opportunity to bring all the aspects of
the program into application with the Capstone project, has given Team Rho a lot to be
appreciative of. First, we would like to thank National University and program lead, Dr. Bowen,
for developing a robust, informative and motivating curriculum that we can implement into our
daily lives and careers. TheDebneyHouse sponsors, Mr. and Mrs. Miranda and their staff for
allowing us to help in the expansion of their business with the latest technologies to meet their
needs, not only for the present, but future growth. Professor Juarez, for making this a wonderful
experience and keeping us motivated throughout the entire process. Lastly, we would like to
thank all the students in the Capstone class for providing excellent support and feedback
throughout this endeavor. Computer Science homework help
NETWORK AND SECURITY SOLUTION 3
Table of Contents
Executive Summary 1
Acknowledgements 2
Table of Contents 3
Project Name 6
Client Name 6
Decision-Makers 6
Project Description 7
Business Case 7
Current Situation and Problem/Opportunity Statement 8
Critical Assumption and Constraints 8
Budget Estimate and Financial Analysis 9
Target Audience 11
The Problem 12
Project Scope 14
Prerequisites 16
Assumptions 17
Project Constraints 18
Project Schedule, Deliverables, and Budget 19
Project Schedule 19
Project Deliverables 23
Budget 24
Project Organizational Chart 25
Systems Analysis and Review of Literature 40
Existing Procedures and Systems 27
The Physical Description 27
The Conceptual Description 28
Information Design: Data Structures, Databases, and Communication 29
NETWORK AND SECURITY SOLUTION 4
Problems Identified – An Analysis 41
Project Goals and Objectives 41
Full Project Goals and Objectives 41
Class Project Goals and Objectives 43
Application Requirements 44
Business Requirements 44
Functional Requirements 44
Technical Requirements 45
The Solution 46
Solution Description 46
Cost and Benefit Analysis 47
Other Alternatives 49
Justification for Recommended Solution 50
Benefits 51
Full Project Benefits 51
Class Project Benefits 52
Project Risks 53
Operational Risks 53
Development Risks 54
Risk Management 55
The Risk Log 56
Solution Design 56
Conceptual Design 56
Data Models 57
Detailed Application Design 59
Project Processes and Results 61
Communication Process 61
Change Control Process 63
Escalation Procedures 64
NETWORK AND SECURITY SOLUTION 5
Planned Schedule vs. Actual Performance 65
Budget vs. Actual Expenses 65
Prototype Implementation 66
Scope of Prototype 66
Development Environment 66
Prototype Quality Assurance and Defect Tracking 68
Prototype Deployment 69
Prototype User Guide & Release Notes 69
Future Action Plan 70
Lessons Learned 71
Client Acceptance Criteria 74
Client Full Project Acceptance Criteria 74
Client Class Project Acceptance Criteria 75
References 78
NETWORK AND SECURITY SOLUTION 6
Project Name
Network and Security Solution for TheDebneyHouse: Information Technology Management
for Small Business
Client Name
Jennifer & Marc Miranda
Decision-Makers
The role of a decision maker is defined as a person who makes important decisions,
especially when it comes to high-level endeavors in an organization (“Definition of ‘decisionmaker’”, n.d.). The decision makers for the Network and Security Solution for TheDebneyHouse
included the owners and our sponsors, Mr. and Mrs. Miranda and Team Rho’s project manager,
Daniel Mora. The project manager was tasked with listening to and interpreting the needs of the
owners, which enabled a solution to be reached to achieve these goals.
The Request for Counseling was articulated and signed on November 5, 2017, which
included the background of TheDebneyHouse, when the sponsors would be available to meet
throughout the life cycle of the project, as well as the items of improvement they were looking to
implement. This allowed Daniel to provide them with options and alternatives to their current
operations. He utilized the top-down decision making approach, which is defined as “identifying
the desired outcome or results of a project before determining the process to achieve those
results” (Zeiger, n.d.). This enabled Daniel to begin formulating the deliverables needed to
accomplish the overall goal of providing TheDebneyHouse owners with a solid network and
security solution for their business. Computer Science homework help
NETWORK AND SECURITY SOLUTION 7
Project Description
The sponsor’s company, TheDebneyHouse, LLC, is a new public boutique store that
operates in a populated city of Texas. They experience a lot of traffic to their store, website, and
POS systems. Originally, the iPad POS system devices for retail transactions were in need of an
efficient and secure wireless solution, as they proved unreliable for optimal workflow.
They currently operate in a 3,000 Sq. /Ft historic home with one (1) wireless connection
being their provided modem. They experienced dropped connections in parts of the building,
which impeded their ability to use iPad POS systems to checkout customers or to pull up account
details while the customers shopped. They were also concerned about wireless security, since
they utilize POS systems and banking on a daily basis, making the preservation of their
information assets a concern, considering all of the roaming customers and bystanders. The
sponsors expressed that the solution should provide stable wireless connectivity throughout the
entire building; a reliable and secure connection; the ability for an IT professional to manage /
access their systems remotely, in case of issues during peaks shopping times; as well as being
affordable for a small business, and scalable for future growth.
Business Case
The sponsor’s company is a new public boutique store that operates in Jasper, Texas.
They experience a lot of foot traffic to their store and operate POS systems, iPad devices, and
other devices for retail transactions that need an efficient and secure wireless solution. They
currently operate in a 3,000 Sq. /Ft historic home with one (1) wireless connection being their
provided modem.
There are three main objectives the team will fulfill. The first is to provide enhanced
wireless performance by adding the AP-PRO access point to provide coverage to the entire
NETWORK AND SECURITY SOLUTION 8
facility. The second objective is to implement quality security updates including adding a
firewall, white/blacklists, port blocking, VLAN, etc. Finally, the goal is to enable and support
remote management, and ensure guest security is available. Computer Science homework help
Current Situation and Problem/Opportunity Statement
One of the main issues they experienced were dropped connections in parts of the
building, which impeded their ability to use iPad POS systems to checkout customers and view
account details while the customer shopped. They were also concerned about wireless security,
being that they operate store POS systems and banking on a daily basis, with a lot of roaming
customers and bystanders. They would like a solution that provides stable wireless for the entire
building, a reliable and secure connection for their daily transactions, and the ability for an IT
professional to manage / access their systems remotely, in case issues arise during peaks
shopping times, as well as being affordable and scalable.
Critical Assumption and Constraints
One of the critical constraints would be the cloud services, and how we would ensure we
could make it secure. We had to assume that Google and Microsoft provided, and would
continue to provide, the same level of security and SLA (service level agreement) they have
based on historical data. Our critical assumption was that the building infrastructure had no
hidden obstacles, such as layers of metal, wood barriers, etc, that could interfere with wireless
network coverage.
Analysis of Option and Recommendation. Our analysis and recommendation was to
implement a full network topology that provides enhanced wireless coverage and security. We
recommended Ubiquiti products, which included a Security Gateway, Remote Access Key,
Access Point, and lastly, educated and well-managed IT staff. The only piece of hardware that is
NETWORK AND SECURITY SOLUTION 9
not part of the Ubiquiti family is the unmanaged TP-Link 5-Port Gigabit Switch. These
recommendations provided all remediation’s to the sponsor’s issues, as well as provided the
requested security and remote management tools the sponsor was curious about, as additions to
the network redesign.
Preliminary Project Requirements. Our preliminary requirements included detailed
research of our solutions, to provide demonstration capability of the different implementations,
ensure the hardware was available by the deadline, verify compatibility and scalability, and
lastly, that the sponsors stated issues were properly resolved. Computer Science homework help
Budget Estimate and Financial Analysis
Financial agreement was based on the solution proposed to the sponsor. After details of
the solutions and demonstrations were provided, the sponsor then made the decision to provide
us with a budget for the implementation and purchase of the hardware. The budget that was
allocated for the project was $1,000 that was used to procure equipment in two separate phases.
The first phase included the TP-Link 5-Port Gigabit network switch and AP-PRO Wi-Fi access
point, and the second phase included the USG firewall and Ubiquiti Cloud Key. There was no
need to include software in the budget because it was bundled with the Ubiquiti hardware, and
no need to account for labor because Team Rho was working for free. When all items in the
budget were accounted for, the team only utilized around 35% of the total.
NETWORK AND SECURITY SOLUTION 10
Item Cost Subscription
Ubiquiti Networks Unifi 802.11ac Dual-Radio PRO
Access Point (UAP-AC-PRO-US)
$130.51 One time fee
Ubiquiti Unifi Cloud Key – Remote Control Device
(UC-CK)
$76.02 One time fee
Ubiquiti USG – Unifi Security Gateway $119.53 One time fee
TP-Link 5-Port Gigabit Switch $19.99 One time fee
LastPass Subscription $2.42 per user Monthly
Ubiquiti Software Suite Included NA
Shopify POS E-Commerce $30 Monthly
Table 1. Financial Analysis.
Schedule Estimate. The schedule estimates were based on the approval of the
implementation of multiple hardware products, software management tools, and documentation.
After approval from the sponsor to implement the solution, we estimated it would take 15 days to
complete the purchasing, installation, testing, and reporting. This is estimated to change based on
the agreement for physical implementation that is agreed on.
Potential Risks. Our primary risk was not being able to provide the coverage and
security that is needed for the sponsor. However, after our detailed research and collaboration,
we did not foresee this risk surfacing. Another potential risk was that some of our hardware may
fail or be defective. After setting up a small prototype network, we were able to test the hardware
and ensure it was free of defects. One last possible risk was that the sponsor might pull out of the
project. Not only did Team Rho secure a sponsor early enough that it would be possible to find
NETWORK AND SECURITY SOLUTION 11
another should the sponsor back out, we kept our sponsor fully informed of the progress of the
project to make sure they were satisfied and remained on board with the project. Computer Science homework help
Target Audience
Demographics. Demographics are characterized by the shared traits of the audience for
marketing purposes. This includes such categories as age, race, gender, income and occupation
(“The Difference Between”, n.d.). For TheDebneyHouse, we can conclude that the demographic
includes an age range of 18-40, mainly female, with moderate to high income. The town that
TheDebneyHouse is located is in Jasper, TX. The demographics for this region of Texas include
43% Caucasian descent, the median age is 32, and with a male to female ratio of 0.9/1 (“Jasper,
TX”, n.d.). The town demographic aligns extremely well with the clientele that
TheDebneyHouse is tailoring to.
Psychographics. Psychographics are defined as the needs, attitudes and aspirations of the
audience. (“Psychographics”, n.d.). TheDebneyHouse tailors their clothing and accessories
towards those who fancy a bohemian, chic style. With the collection of accessories, individuals
are able to add their own personal touch to any outfit, giving them the individuality they seek.
Personas. Personas are defined by what the business envisions are the end-users likes,
dislikes and what they needs as a whole. These personas enable the business to fine-tune their
marketing efforts to draw in business that meets their end-users demands (“Persona”, n.d.). By
tailoring a persona for the ideal clientele, businesses are better equipped to meet these demands
and provide the best product and service possible.
The persona that TheDebneyHouse is facilitating is the trendy, chic individual who likes
to stand out. This includes the bright colors, prints and accessories that make a statement of their
cool, calm and collected personalities. Their bohemian flare corresponds with the demographics
and psychographics, enabling the personas envisioned for their clientele to be met.
NETWORK AND SECURITY SOLUTION 12
The Problem
Problems, Opportunities, and Directives. TheDebneyHouse is a relatively new
boutique, working to create more exposure to the demographics they tailor to, as well as increase
their social media presence. Consideration should be made in creating a campaign to boost
public awareness, and with the creation of a social media presence, their exposure would likely
increase. This not only provides opportunity to boost sales, but also will facilitate increased foot
traffic, customer, and purchase data. All of this is limited by their current exposure, but is evident
as being an advantageous approach to promote growth and increased opportunities. The
directives, which are defined as “strong requests or orders given by a decision maker in a
business” (McQuerrey, n.d.), are evident. TheDebneyHouse needed to increase their exposure
and foot traffic, while providing a stable and effective customer experience, which in turn will
ultimately increase public awareness.
Interviews, Observation, Benchmarking. After interviewing the sponsor, it was
determined they needed greater network security, as well as increased network coverage.
Customers were also questioned regarding how they prefer to shop, and what would enable a
more efficient experience while shopping. This provided an increased incentive for the business
to effectively implement the new wireless shopping through remote POS systems with the use of
iPads.
After completing a walkthrough of the building, it was observed that their present
wireless technology was lacking, and inhibited their remote POS systems from being as effective
as was originally intended. The interviews and observations made allowed for informative
benchmarks to be created facilitating these implementations. Team Rho was then able to come
NETWORK AND SECURITY SOLUTION 13
up with a plan to broaden network coverage and increase network security to further their remote
POS system and increase their customers’ experience. Computer Science homework help
Figure 1. SWOT Analysis.
Strength, Weaknesses, Opportunities, and Threats. The SWOT Analysis for
TheDebneyHouse is illustrated above. Regarding their strengths, TheDebneyHouse have a solid,
clean and inviting website, which provides the aesthetic that the company is trying to convey.
Not only are the customers of the utmost importance to them, but their employees are given just
as much consideration. By having a fine-tuned hiring process, and means of selecting candidates
that will facilitate their attitudes and culture, they are able to effectively create an atmosphere
that promotes better customer service and an overall better experience for the customers.
The weaknesses that TheDebneyHouse faces are that of their lack of advertising and
social media presence. These days, the need to be mobile accessible is imperative in order to stay
viable in the market, especially when it comes to being a niche market. Another aspect that needs
NETWORK AND SECURITY SOLUTION 14
re-work is the security of their network. They experience dropped connections, and dead-zones
that can inhibit transactions from going through, as well as the vulnerability of unauthorized
individuals accessing and potentially corrupting their network. Another aspect that needs to be
considered is the effectiveness of their database, and the need to ensure that the proper data is
being collected, and efficiently providing information to propel the business forward.
Opportunities that TheDebneyHouse can take advantage of are setting up booths at
farmers markets or bazaars to increase their marketing efforts. This allows them to be seen by
individuals that wouldn’t have found them otherwise. Another opportunity TheDebneyHouse can
capitalize on is the guest Wi-Fi network that Team Rho has put in place. Free guest Wi-Fi
provides an excellent way to attract customers to the sponsor’s business.
Some of the threats that TheDebneyHouse faces are that of similar style boutiques with
established clientele. This can pose a threat, as TheDebneyHouse needs to find a way to stand
out from the others. Another threat is in their ability to compete within their market in
technological terms, such as the need to create greater reaching tentacles across the web to
promote more traffic, both online and in their store.
Project Scope
The justification for this project is to strengthen and broaden the wireless coverage to
eliminate dropped connections at TheDebneyHouse. Due to the size of the building and currently
only having one wireless connection, speeds can be spotty, interrupted and dropped. The project
will consist of upgrading their existing technologies with new software and hardware, which will
be provided by Ubiquiti Networks. The networks have to also provide top of the line security,
since protecting the company’s information assets is the top priority. TheDebneyHouse had
NETWORK AND SECURITY SOLUTION 15
discrepancies in their Internet security protocol, so that was one asset that needed updated. There
are major advantages to supplying security to a company and their business module.
These are sometimes undervalued. “It’s not about risk avoidance. It’s about what risks a
business can take to allow them to be agile, reactive and move fast to market. We need
businesses to find that right tipping point between the risk and reward that is right for the
company” (Atlantic, 2017, para. 5). Vulnerabilities can never be 100% secure, however,
minimizing the attack is well worth the cost. This technology also allows the IT team to manage
and access systems their remotely. The expectation and goal is to have minimal dropped
connections, dependable connection and secure networks for the consumers and the company
itself, as well as provide alternative means of performing transactions should issues arise with
the ISP (Internet Service Provider). This can assist in a more efficient company, increased foot
traffic, as well as successful business management.
The wireless local area network design should provide a scalable network, capable of
supporting current and future data communication requirements. The project will include a plan
to reuse existing network hardware and software, while staying around or under the $1000
budget. The proposal will also consider the use of a Wi-Fi Analyzer, to assist in analyzing which
channels are in use, and to identify the best channel the router should be set on. Finally, the
project proposal will recommend methods to secure the network infrastructure.
Product related deliverables that could be used are surveys for the current consumers. These
surveys can assist in improving slow points or holes that are encountered. By mapping the whole
project out, Team Rho has a better understanding of the structural layout, which includes the
square footage, obstacles and points of interference, as well as the needs and expectations of the
NETWORK AND SECURITY SOLUTION 16
sponsor. It is much easier to illustrate the needs and potential risks or constraints when a visual
representation of the facility is utilized, much like the use of a blueprint is for an architect.
The criteria used to measure the success of this project will be based on the survey results:
Was the project completed within the planned time? Was it able to be completed under the $1000
budget? The other criteria are the output from the project. The project completion date is
expected to be January 31, 2018. If the project generates the expected terms, then it was
considered a success.
Prerequisites
Prerequisites are defined as being something that is required prior to another task
beginning (“Prerequisite”, n.d.). The project had one major prerequisite to address before the
remaining objectives could be considered. This was the issue of wireless coverage. The wireless
network need to be stable, secure and able to span the entire building. In order to accomplish
this, a physical walkthrough was needed to ascertain the trouble areas and potential obstacles that
could be impeding the wireless transmissions.
The second prerequisite for the project was securing the network transmissions. Being
that they operate wirelessly, they require secure transmissions of their information assets and
daily transactions. The need to segregate the employee and customer wireless traffic is
imperative. By creating VLANs (virtual local area networks) for the company’s employees and
customers, there is increased control of resources. This provides more piece of mind when
information assets are transmitted wirelessly. This also provides easier monitoring of guest
access and the ability to shut down the guest portal when the business is closed.
NETWORK AND SECURITY SOLUTION 17
Assumptions
Project assumptions are considered events that are “expected to occur during a project’s life
cycle, often without any proof” (Tran, 2016). It is the understanding of Team Rho that the
infrastructure is suitable for setting up an additional access point, to enable a wider range of
service within the building. As mentioned previously, the building is a 3000-square foot home
that has been converted into a sales facility. Their initial wireless network was weak or nonexistent in certain areas, so the implementation of an access point would eliminate these dead
zones. Team Rho assumes that there are no reasons not be able to connect a wired access point
via an Ethernet, as the structure is made of wood. Though it is an old building, it is not a
historical landmark and the owners desire a fully functional WLAN.
The budget for this project is $1,000, leading Team Rho to assume that the owners do not
want to go over. We believe that our team will be able to provide the desired product to the
owners under budget and be delivered within the timeframe quoted. We have priced out the
hardware and understand the requirements. Team Rho is not charging for labor, so that will also
contribute in keeping the costs to a minimum. The support we will receive from them, assuming
that they are happy with the proposed implementations and trust us, will be full compliance. We
will need them to purchase the UniFi Cloud Key so that our team will have the capability to
remotely access their WLAN for troubleshooting purposes, when necessary.
When complete with the project, the hardware and software required will be estimated to be
under budget. The remainder of the budget can be used for additional upgrades, if so desired.
One option for TheDebneyHouse could be a wireless and remotely monitored security camera
system. Another option could be a wirelessly networked set of monitors displaying their products
on runway models playing on a loop.
NETWORK AND SECURITY SOLUTION 18
Project Constraints
There are six major aspects when it comes to project constraints; time, cost, scope,
quality, benefits and risks. When considering the efficacy of a project, these constraints should
be weighed and considered, as they enable greater control over the project (Siegelaub, 2007).
The following section of the paper will go into more detail regarding all areas tied to project
constraints.
The time constraint did not appear to be a concern, as in the proposal, Team Rho allotted
more than enough time to complete the deliverables. The cost constraint was also a non-issue, as
the budget more than covered the purchase of the equipment needed. The scope constraint was
controlled as the sponsor articulated a thorough outcome for what they were looking to do, which
significantly decreased the chances of scope creep. The quality constraints for the project were
also controlled by way of sticking to the scope of the project during each iteration and
deployment. This approach ensured that each element to be delivered was completed without
deviation. Regarding the benefit constraint, Team Rho provided weekly updates to the sponsor to
ensure that the project was continuing to prove itself as a worthwhile endeavor and investment of
their money. By involving the sponsor during each iteration Team Rho was able to move forward
confidently and remain diligent in providing the best product for them.
The only foreseeable risk constraint we faced is that Team Rho is geographically
dispersed. We have team members in Maryland, Nevada and California, while our sponsor is in
Texas. Daniel, the Project Manager, is in Texas and has the ability to perform the hands-on
portion and implementation of the project. However, with the use of collaborative technologies,
he is able provide training and updates to the team utilizing Google Hangouts, Drive and Zoom
NETWORK AND SECURITY SOLUTION 19
video conferencing. This enables all members of the team to be involved when conducting
maintenance and troubleshooting procedures.
Project Schedule, Deliverables, and Budget
Project Schedule
Team Rho utilized collaborate sessions each week to ensure that the agreed upon
schedule for each task was met. The major contributor to having a successful project was that we
stayed on schedule, or ahead of schedule. It also allowed us to collaborate on issues we had
encountered during that week, so that way we could work on preventing it the following week.
Below is one visual into how Team Rho’s weeks were broken down into both the Gantt chart and
project schedule.
NETWORK AND SECURITY SOLUTION 20
Figure 2. Gantt chart.
NETWORK AND SECURITY SOLUTION 21
Table 2. Project Schedule.
Along the way, to assist with time management, Team Rho utilized the Gantt chart to
make sure each task was addressed and completed. By utilizing the Gantt chart, we were able to
estimate the hours needed to complete the tasks at hand. We found it important to list all tasks
prior to getting started and to determine how long it may take to complete them. The Gantt chart
also allowed the Project Manager and the rest of the team to view the progress and see if the
team was on track. “The advantages of using a Gantt chart are that it helps you monitor the
progress of your project and to set priorities” (Tran, 2015, para. 5). Unfortunately, Gantt charts
are more like guidelines; therefore, creating a burndown chart enabled Team Rho to compare the
proposed schedule of the Gantt to the actual progress being made.
The Burndown Chart is a visual representation of the progression throughout the project
life cycle, and enabled Team Rho to discern actual versus ideal progression of tasks. This
assisted us in staying on track, and gave us the ability to re-evaluate project duration when there
were deviations from the ideal estimates for the tasks.
NETWORK AND SECURITY SOLUTION 22
Figure 3. Burndown Chart.
NETWORK AND SECURITY SOLUTION 23
Project Deliverables
Figure 4. Network Topology (proposed network backbone).
(Additional information on hardware deliverables can be found on pages 30-32.)
The proposed network topology consists of using the current router/modem combo that
was provided to TheDebneyHouse by their ISP and inserting other hardware and software
components to bolster security and network coverage. The Unifi Security Gateway firewall, TPLink 5-Port Gigabit Switch, and Ubiquiti AP-PRO access point are the hardware components
that will be installed. In addition to those pieces of hardware, the Ubiquiti Cloud Key will be
connected to the switch on a dedicated port to provide remote access to the network for Team
Rho.
NETWORK AND SECURITY SOLUTION 24
Software and service will include the bundled Ubiquiti UniFi software that will facilitate
network security administration, as well as the LastPass password database service for
heightened security. The Shopify purchasing system that is already in place will continue to be
used. The proposed topology will deliver the needed network coverage and security for the
sponsor. TheDebneyHouse will continue to use existing iPads for their mobile PoS system, as
well as their current desktop PC.
Figure 5. Example of the Ubiquiti hardware and software.
Budget
The sponsor set a budget cap of $1000, which was to include all of the hardware,
software, and configurations.
The items we needed the sponsor to purchase totaled $346.05 of the budget, which
includes:
NETWORK AND SECURITY SOLUTION 25
Item Cost
Ubiquiti Networks Unifi 802.11ac Dual-Radio PRO
Access Point (UAP-AC-PRO-US)
$130.51
Ubiquiti Unifi Cloud Key – Remote Control Device
(UC-CK)
$76.02
Ubiquiti USG – Unifi Security Gateway $119.53
TP-Link 5-Port Gigabit Switch $19.99
Table 3. Hardware Costs.
The sponsor agreed to the purchase of the Access Point and Cloud Key, and expected
delivery of these items by Monday, December 18, 2017. This allowed the team to start the
implementation process and provide a visual, hands-on demonstration to the sponsor as we began
to develop the foundation. The USG was purchased after the configurations were completed on
the Access Point and Cloud Key, which was towards the end of December 2017.
We utilized only a third of the budget, which will allow for network expansion in the future.
While the solution Team Rho has designed more than addresses the issues TheDebneyHouse was
having, the sponsor may want to expand their network in the future; they may expand their
facilities and require additional access points, or may need to connect more devices to the
network which may require a larger switch with more ports in the future. Also, the remaining
budget could be used to replace equipment that may fail in the future.
Project Organizational Chart
When multiple people are involved in a successful project, you can be safe in assuming that
they all have strengths that complement each other, and that effective communication among
these persons are maintained. When creating an organizational chart, you are doing just that,
NETWORK AND SECURITY SOLUTION 26
building the ultimate hierarchical structure that articulates each individuals roles and to whom
they report.
The authority over this entire project was the Sponsor, who provided the details of the issues
they were having, set the budget and project deadline. The Project Manager was in direct contact
with the Sponsor to communicate effective ways of implementing their needs within their scope,
time and cost constraints. The business developer provided support to the project manager, such
as ensuring deliverables and documentation were completed on schedule. The technical analysts
reported to the project manager in regards to action items and solutions to each sprint of the
project. The analyst’s also corresponded with the business developer to stay on schedule and
provide revisions where needed.
Communication was entirely remote between the project manager, business developer and
technical analysts, with the use of video conferencing, shared documents and constant updates
communicated through Google Hangouts. The Project Manager communicated with the Sponsor
in person, as well as through phone calls and emails, to keep them apprised of the project status.
This structure allowed the project scope to be controlled and minimized potential problems of
scope creep.
Team Rho was able to develop a methodical approach to remote collaboration that enhanced
our understanding and ability of achieving projects while being in different states. We also
understand that this is still an opportunity to be efficient and productive from around the world
so as long as there is sufficient internet service. The planning and administrative portions of the
project are able to be completed remotely however, when the implementation process begins,
there must be at least one member of the team available for the install. In this case, it was our
project manager who was on site at TheDebneyHouse in Texas.
NETWORK AND SECURITY SOLUTION 27
Figure 6. Organizational Chart.
Systems Analysis and Review of Literature
Existing Procedures and Systems
TheDebneyHouse is a new public boutique store that operates in the populated city of
Jasper, Texas. However, they experience a lot of traffic to their store, website, and POS systems.
iPad devices for retail and other devices need an efficient and secure wireless solution that is
currently unreliable for optimal workflow. They operate in a 3,000 Sq/Ft historic home with one
(1) wireless connection being their provided modem. They experience dropped connections in
parts of the building and this impedes the ability to use iPad POS systems to checkout customers
and view account details while the customers shop. They also are concerned about wireless
security, since they operate store POS systems and banking on a daily basis, with a lot of
roaming customers and bystanders. There are no standard operating procedures, schedule for
operating hours on the network, security processes, or fallback procedures.
The Physical Description
TheDebneyHouse uses iPads that are wirelessly linked to the current router/modem
combo. The current wireless signal is not capable of providing coverage over all areas of the
NETWORK AND SECURITY SOLUTION 28
facility. The database is maintained on a desktop computer, with one set of login credentials
maintained by Mr. & Mrs. Miranda. They are not sure of what security features are currently
maintained, other than the default settings for the router/modem combo and the operating
system. In other words, they have not been modified from the initial installation. The current
topology is pictured below:
Figure 7. Current Topology.
The Conceptual Description
For the wireless network that is being implemented for TheDebneyHouse, Team Rho
planned to utilize various pieces of hardware and software provided by Ubiquiti Networks. These
components will provide the wireless network coverage, security, and a management solution the
Sponsor was looking for. Below is a visual the proposed topology for the network and security
implementation. Each of the network components will be discussed in the following section.
NETWORK AND SECURITY SOLUTION 29
Figure 8. Proposed Conceptual Design.
Information Design: Data Structures, Databases, and Communication
Software. The software that will be used to manage the network is Ubiquiti’s UniFi
Network Management Controller. The UniFi application is an intuitive and user friendly
software, that allows for complete network configuration, control, and monitoring of the
network, both on-site and remotely (Ubiquiti Networks, 2017). Remote access will allow
technicians to troubleshoot, and even correct network issues, without the need to visit a physical
location. Nearly everything except for hardware replacement can be handled through the UniFi
Controller, and the software comes bundled with the hardware components at no extra charge.
NETWORK AND SECURITY SOLUTION 30
Hardware. TheDebneyHouse project will feature 4 pieces of Ubiquiti hardware: Ubiquiti
802.11ac AP-PRO, Ubiquiti UniFi Security Gateway, TP-Link 5-Port Gigabit Switch, and
Ubiquiti UniFi Cloud Key.
Figure 9. Ubiquiti AP-Pro Access Point.
The Ubiquiti 802.11ac AP-PRO (AP-PRO) is the access point that will provide
TheDebneyHouse with its wireless connectivity for the mobile workstations. The AP-PRO is a
simultaneous dual band access point that features speeds of up to 450 Mbps on the 2.4 GHz band
and speeds of up to 1300 Mbps on the 5 GHz. This access point also has 3×3 multiple input and
multiple output (MIMO). MIMO is a radio technology that uses multiple antennas to receive and
transmit, and allows for multiple signal paths to be used (Poole, n.d.). This allows access points
to increase the amount of traffic on each channel. The AP-PRO can be powered with Power over
Ethernet (PoE) technology and comes with a PoE adapter, as well as an independent power
supply. The unit also comes with wall and ceiling mounts, and can be used indoors and outdoors.
The Wi-Fi coverage area of the AP-PRO is 400 feet, which is more than enough to meet the
current needs of TheDebneyHouse.
Figure 10. UniFi Security Gateway Firewall.
NETWORK AND SECURITY SOLUTION 31
The next piece of hardware that will be discussed is the UniFi Security Gateway (USG).
The USG grants TheDebneyHouse the ability to set advanced firewall policies, setup virtual
network segments, and manage network traffic for security purposes. The USG is also capable of
providing site-to-site virtual private network (VPN) to encrypt private data travelling over the
Internet. The device is wall mountable and comes with a 12VDC power supply; it features one
RJ45 Serial Port with an additional three 10/100/10000 RJ45 data ports. The unit has a dual-core
500 MHz processor for packet processing, 512 MB of DDR2 RAM, and 2 GB of flash storage on
board (Ubiquiti, UniFi Security Gateway Datasheet, 2017).
Figure 11. TP-Link 5-Port Gigabit Switch.
TP-Link 5-Port Gigabit switch will be used for connecting devices and monitoring traffic
on TheDebneyHouse’s network. A switch is a device that connects devices on a network, and
directs traffic to avoid collisions that could slow down the network. Switches also increase the
number of devices that can be hardwired on a network. This is in contrast to a hub, which does
not monitor network traffic to prevent collisions, and simply allows for more devices to be
connected (Fitzpatrick, 2016). This switch has 5 gigabit RJ45 ports and is compatible with 10,
100, and 1000 Mbps devices. The device is also plug-and-play with no required configuration
(“5-Port Gigabit Desktop Switch”, 2018).
NETWORK AND SECURITY SOLUTION 32
Figure 12. Ubiquiti Cloud Key Remote Management.
Lastly, the network will use the UniFi Cloud Key to enable remote access to everything
on the network. UniFi Cloud Key functions as a computer and a software controller. In addition
to being able to manage and configure every device on the network, it essentially replaces a
dedicated server. The Cloud Key features a quad core processor, 2GB of RAM, and 16GB of
internal storage. As the datasheet states, the Cloud key enables users to “add, provision,
configure, monitor, and manage all of your UniFi devices, whether in one or thousands of private
networks, all from a central control plane” (Ubiquiti, UniFi Cloud Key UniFi Controller Hybrid
Cloud, 2017).
Network. Team Rho has been tasked with setting up a wireless network to provide
complete Wi-Fi coverage for TheDebneyHouse’s wireless workstations. These workstations are
how they conduct transactions, and they must be available at all times throughout their entire
facility. When setting up the wireless network for TheDebneyHouse to encompass their 3000
square foot facility, Team Rho will utilize one Ubiquiti Networks UAP-AC-PRO access point
(AP). The range for the access point is 400 feet, so it will provide the coverage needed for the
mobile workstations (Networks, 2017).
The UAP-AC-PRO provides simultaneous Dual-Band 2.4GHz and 5GHz support with
speeds up to 450Mbps and 1300Mbps respectively. The AP also features 2-10/100/1000 Ethernet
NETWORK AND SECURITY SOLUTION 33
ports and one USB 2.0 port, and it features PoE capability with an included adapter. Other
technical specifications of the UAP-AC-PRO include support for 802.11 a/b/g/n/ac Wi-Fi
standards, three dual-band antennas, and WEP, WPA-PSK, WPA-Enterprise (WPA/WPA2,
TKIP/AES) wireless security features (“Networks U.” , 2017).
The detection of rogue APs, such as evil twin and man-in-the-middle-attacks on the
network is also a concern. The author of the CWNA Guide to Wireless LANs, Mark Ciampa,
writes, “An evil twin is an AP that is set up by an attacker. This AP is designed to mimic an
authorized AP, so a user’s mobile device like a laptop or tablet will unknowingly connect to this
evil twin instead” (2013). Ciampa also explains the issue regarding man-in-the-middle attacks.
“This type of attack makes it appear that the wireless device and the network computers are
communicating with each other, when in fact they are sending and receiving data through an evil
twin AP…” (Ciampa, 2013). Since TheDebneyHouse uses mobile devices to complete sales and
process transactions, as well as collect customer information, rogue APs on the network could
pose a serious threat.
While there is still a risk of rogue AP attacks, utilizing only one AP for the network helps
to minimize the risk. With constant monitoring through the UniFi network software utilized by
Ubiquiti, any suspicious devices would easily be detected. MAC address filtering and port
blocking will be used as well to mitigate rogue APs.
Every piece of hardware is coded with a MAC address that is unique to that device. The
article Security safeguards over wireless networks states “Media-access control (MAC) address
filtering can be used to limit access to only identifiable network cards with approved MAC
addresses” (Siegel, Levine, & Siegel, 2004). Port blocking is another security technique that will
NETWORK AND SECURITY SOLUTION 34
be utilized. Port blocking prevents network traffic on a designated port, increasing control and
minimizing unauthorized access into the network.
The UAP-AC-PRO currently supports wireless standard 802.11ac, but the HighEfficiency WLAN task group is working on a higher standard known as 802.11ax. 802.11ax
offers higher throughput speeds and a host of other improvements over 802.11ac that will
facilitate the use of high definition sound and video (Bellalta, 2016). 802.11ax is expected to
replace the 802.11ac standard in the next few years. While the UAP-AC-PRO access points
should be sufficient for the foreseeable future, TheDebneyHouse should consider upgrading their
equipment when 802.11ax becomes commonplace.
Another area that TheDebneyHouse should prepare for in the future is expanding their
technology as the business continues to grow. The beauty of the Ubiquiti Network tools is that
they make expansion and remote configuration intuitive and simple. If TheDebneyHouse intends
to open another location or expand on the location they are currently occupying, all they would
need to do is purchase additional equipment and connect it to the UniFi software, and they can
manage the entire network. The hardware and software outlined above will combine to provide
TheDebneyHouse with a full featured wireless network for employees and customers.
Security. The original term “firewall” originated thousands of years ago. The term
“firewall” was in use by Lightoler as early as [1764], to describe walls which separated the parts
of a building most likely to have a fire (e.g., a kitchen) from the rest of a structure (Ingham &
Forrest, 2017). The concept of a firewall is similar when applied to network hardware, as it is a
means of keeping network traffic secure. The idea of the “perfect” firewall would be to block
every packet coming from the Internet into the internal network. However, the purpose of the
NETWORK AND SECURITY SOLUTION 35
security hardware/software is to provide different strategies to organizations to continue normal
workflow while decreasing internal and external threats.
While networks were dependent on routers before the firewall, the concept of routing to
the proper location, isolating threatening packets, and setting isolation points was not enough for
security threats such as malware, MITM attacks, and much more. The firewall device established
security for environments that would act as a “filter” to assist in the prevention of threats.
Covering the background of firewalls is just the beginning, as we will now describe the problems
faced without the security feature.
The problem of not having a firewall, as lightly touched upon in the previous paragraph,
is the threat to internal and external exploits. The initial issue of networking was when only
routers handled the security. The concept of a router is to allow Internet traffic to flow over the
network and be routed to the correct device destination. This started to become dangerous when
technology advanced and networking became vulnerable with threats. These threats included IP
spoofing, malicious packets, MITM attacks, and ARP attacks, to name a few. The main target for
these attacks start at the router/security gateway.
If there are threats, they would be able to circumvent the leasing of addresses within the
router giving them free game to the internal network. Based on a study from the National
Computer Security Association, “61 companies with an average of 2,500 PCs, 300 IP servers and
10 Web servers, 44 percent of the users interviewed reported their systems had been probed by
unauthorized users–even with protection from a firewall” (Tippett, 2017) That statistic is not
only proving the importance of well implemented firewalls but also to show that if firewalls were
irrelevant in networking today, the 44% would be closer to 100%. As we continue the research,
NETWORK AND SECURITY SOLUTION 36
we will provide the solution firewalls that can be used to alleviate the issues that have been
previously been mentioned.
Firewalls are an important factor to consider when securing a network. Firewalls are
powerful because they provide tools like Access Control Lists, Firewall Rules, MAC Address
Filtering, Server Authentication, work with IDS/IPS, as well as many other features. Firewalls
are considered a policy standard in network audits and security plans these days, and as stated by
Northcutt and Novak, “The point of a network is to provide access. Access pertains to
accessibility, providing service, performance, and ease of use” (Northcutt & Novak, 2000). The
points made by Northcutt and Novak are the meaning of a firewall, as the features, such as
ACL’s, allow the engineers the ability to define what is allowed, denied, and IF statements for
potential, unforeseen events. This is critical, as it does not cut down any access to the end user,
but it does cut down major threats. MAC address filters allow engineers to only permit packets to
go to registered and authorized devices. Server Authentication provides another source of
validation to access the network. The Server Authentication also provides the ability to work
with tools that can prevent disaster and increase the reliability for a firewall that is provided to a
network and that particular organization.
Lastly, whether physical hardware or software, firewalls are advancing daily and will
continue to improve upon best practices when allowing access to network resources, while
combating unauthorized user access. Today’s firewalls focus on the network traffic based on
TCP/IP packet filtering. In the near future, TCP/IP based firewalls will be the main go-to.
However, with more applications being web-based, or streamed through the Internet, we are
now, more than ever, in need of Layer 7 firewalls. As Business Communications Review
NETWORK AND SECURITY SOLUTION 37
explains, “all correspondents agree that the next generation of firewalls should move up to and
include Layer 7” (“5 Benefits of Next-Generation”, 2017).
As technology advances, we begin to see more email applications using port 443/80 to
send emails rather than SMTP. There are RDP applications using the web rather than port 3389.
As technology and the Internet continue to advance, so is the need for advancements in firewalls.
In order to provide the same level security present day firewalls provide, next generation
firewalls will have to advance with the new way of technology. Security for the network will be
provided by the USG, which serves as a VPN to encrypt private data, as well as providing port
blocking to prevent potentially malicious network traffic.
Management. Before the Industrial Revolution, there was very little division between
work and home. In the 18th century, “workhouses” were commonplace, in that people worked
and lived in the same building. With the advancements of technology during the Industrial
Revolution, the dynamic shifted to enable the separation of work and home, due to the need for
more space to house the massive machines being developed. With the influx of the workforce,
the how, when and where people worked shifted (Howington, 2016).
In the 1970s, the concept of remote work was coming to fruition. This was the first step
in including individuals in geographically different areas to work together, with little need for
travel. As this became more common, technological advances enabled a more streamlined
approach to collaboration, and more seamless application of ideas (Howington, 2016).
The eventual development of platforms businesses could use to connect remotely propelled the
need for better integration of applications across any number of devices. However, this process
has had its pitfalls, but overall has increased the effectiveness of remote work and management.
NETWORK AND SECURITY SOLUTION 38
Some advantages that have enabled the forward movement of remote management
include increased efficiency, more frequent communication and exchange of ideas, and greater
interaction with key stakeholders. The ability to share a document on a common platform for all
authorized individuals to access, review and edit, makes for a much more proficient exchange of
thoughts in real-time. This method enables greater productivity and promotes better decision
making (“Working Remotely”, 2012).
With the explosive advancements in technology over the past decade alone, the instances
of remote work have become much more prevalent. However, so have the issues that surround it.
Technology has reshaped the way businesses operate and collaborate, and with this shift new
obstacles have come to light. This includes such problems as technological glitches,
impersonality, and difficulty in training (“Working Remotely”, 2012). Technological glitches
can include interruptions in on-line conferences, telephone calls or transmission of documents
and files, as well as the potential susceptibility to data breaches and eavesdropping by
unauthorized users (“Working Remotely”, 2012).
Another problem that can arise is the remote training of staff. Almost all businesses are
utilizing technology daily. This paradigm shift has left a lot of old-timey workers in the dust, as
they are unable to keep up with the changes. Training is a huge part of ensuring the technologies
in place will benefit the company, and that they are being optimally utilized. This in turn could
create a higher turnover rate of employees, and more time spent training (“Working Remotely”,
2012).
Technology, in general, can be viewed as being impersonal; since tone, affect and body
language are how we generally assess personal and professional situations. Remote work and
management is not much different. Misunderstandings, cultural differences and communication
NETWORK AND SECURITY SOLUTION 39
deficits can promote confusion and loss of productivity. This challenge, however, should
motivate individuals to learn new ways of building rapport and trust in remote communications
(“Working Remotely”, 2012).
In order to be effective in terms of remote work and management, one must always
consider the issues that could creep into any project. By discussing and formulating ways to
combat these issues, a more robust system and information exchange can be developed.
Communication in business is of the utmost importance, and addressing the needs and
idiosyncrasies of those you are working with helps promote more practical and useful business
practices. This can be applied to both working with individuals in person or over the internet.
Communication differences due to culture or education are possible in both, and taking care to
address these issues is advantageous.
Technological glitches put businesses at the mercy of their ISP and networking
equipment. Though there are ways in which to protect data, we can never be certain problems
will not occur. The best way to prevent loss of information due to technological glitches would
be to ensure proper backup methods for both power and data.
In order to address these potential concerns, we are proposing the implementation of a
line of Ubiquiti applications that enable more seamless remote management. The applications
include the UniFi Cloud Key and the Netgear TP-Link 5-Port Gigabit Ethernet Network Switch.
The UniFi Cloud Key provides management with a platform that is able to be accessed remotely,
enabling total control of all aspects of the organization. From handling security and reliability, to
connecting remotely through the cloud interface, Team Rho is able to fix, update, and reset
devices connected to the network (“Ubiquiti Network – Unifi cloud key”, n.d.).
NETWORK AND SECURITY SOLUTION 40
Another aspect of resolving the issues of remote management include the implementation
of video conferencing and document sharing over the cloud. When it comes to the impersonality
aspect of telecommunicating, the use of video conferencing can help combat detachment, and
promote clearer understanding and more effective exchanges. The advantages of cloud
computing add a more real-time dynamic into business practices. Being able to communicate
face-to-face with the client and resolve issues with expediency save both time and money, which
are the ultimate goal of any organization.
The future appears to be a bright one in terms of the growth in working and managing
remotely. Video-conferencing, document sharing through the cloud, flexibility and increased
productivity, to name a few benefits, have increased the dissemination and collaboration of ideas
all over the world. Working and managing remotely has also decreased the cost of brick and
mortar businesses, freeing up more capital to invest in the latest technologies and create a more
malleable, cost-efficient business model. The future holds many possibilities for remote
management, and the sky’s the limit.
In regards to TheDebneyHouse, Team Rho proposes to implement a better network,
which will improve the wireless coverage and security of their business data and information.
Through the use of cloud computing, wireless LANs, firewalls, APs and remote management,
Team Rho is able to propose a robust, secure and functional network for the client. Through the
examination of each aspects background, problems, solutions and future research, Team Rho
feels confident that the technologies to be implemented will help propel their business forward.
Thanks to the UniFi Cloud Key and Ubiquiti’s UniFi Network Management Controller, the
entire network can be monitored and managed remotely at any time by anyone with
administrator privileges.
NETWORK AND SECURITY SOLUTION 41
Problems Identified – An Analysis
After interviewing the sponsor, it was determined they needed greater network security,
as well as increased network coverage. Customers were also questioned regarding how they
prefer to shop, and what would enable a more efficient experience while shopping. This provided
an increased incentive for the business to effectively implement the new wireless shopping
through remote POS systems with the use of iPads.
After completing a walkthrough of the building, it was observed that their present
wireless technology was lacking, and inhibited their remote POS systems from being as effective
as they were intended. The interviews and observations allowed for informative benchmarks in
order to facilitate these implementations. Team Rho was thus able to come up with a plan to
broaden network coverage, increase network security, and promote their remote POS system to
increase their customer’s experience.
Project Goals and Objectives
Full Project Goals and Objectives
The project that team Rho is undertaking for TheDebneyHouse is a complete redesign of
their small business network, including enhanced network coverage, increased security
measures, and remote network management. Team Rho is also assisting the sponsor with
employee training and troubleshooting. Aside from the tablets and personal computer that
TheDebneyHouse is currently using, all the hardware on the network is being replaced with new
hardware from Ubiquiti Networks.
TheDebneyHouse utilizes a mobile point of sale (PoS) system that uses iPads to make
sales while salespeople are moving around the store with the customers. In its current state, the
NETWORK AND SECURITY SOLUTION 42
lack of network coverage interrupts employees servicing customers because the salespeople have
to move back inside the coverage area of the network to access the PoS system. By adding a
centrally located access point (AP), Team Rho will ensure that the entire store will receive an
excellent level of coverage.
Utilizing the Ubiquiti suite of software and hardware, which includes the AP, Unified
Security Gateway firewall, network switch, cloud controller, and UniFi software, Team Rho will
also address security concerns. Techniques such as port blocking, virtual local area networks,
whitelisting/blacklisting, user grouping, and updates/rollbacks to firmware, are all easily
available and implemented using the UniFi software. The cloud controller also allows for Team
Rho to access the network and all its features remotely at any time to assist in configuration and
troubleshooting.
Another security measure that Team Rho is using for TheDebneyHouse is LastPass
password manager. LastPass is a free service that generates and stores passwords for multiple
sites and locates them in a secure place. In addition to being a password database,
TheDebneyHouse will be able to store digital records using LastPass as well. Michael Ansaldo
of PCWorld writes, “Coming up with unique, complex passwords is one of the biggest obstacles
to practicing good security. LastPass dramatically eases this burden with a powerful password
generator that auto-creates up to 12-character passwords using upper and lower-case letters,
numerals, and special characters” (Ansaldo, 2017). LastPass makes secure passwords, stores
them, stores digital files, and keeps them all secure.
The budget for TheDebneyHouse project is $1,000. The total for all of the Ubiquiti
hardware comes to a total of around $600 and the UniFi software is bundled in with the hardware
NETWORK AND SECURITY SOLUTION 43
for free. LastPass is a free service, but also offers a paid service as well for $2 a month per user
(LastPass, 2017). When the project is complete it should come in at $300-$400 under budget
which should be very pleasing to the sponsor.
The time frame for completing the project was initially 4 weeks from start to finish.
There was unfortunately a delay in procurement of some of the hardware, so completion of the
project has been delayed until the first week of 2018. The finished written report will be
completed and ready for presentation by the last week of January 2018.
Class Project Goals and Objectives
Team Rho’s goals and objectives for this project were to implement all of the expertise
and information acquired over the course of the ITM program, and apply the knowledge in a
real-world scenario. We were lucky to find a sponsor that needed assistance in developing a
more functional and secure network for their business. By dissecting the program learning
outcomes, we feel strongly that we will be able to provide a sound solution for our sponsor.
There were four major objectives that Team Rho used as criteria to judge the success of
the project. First, the sponsor needed a network that supplied complete Wi-Fi coverage to their
entire facility with no dead zones. Second, the entire network needed to be secure, not just to
protect the sponsor, but to also protect sensitive customer information. Next, the team needed to
do our best to remain within the $1,000 budget that was allocated for the project. Lastly, and
maybe most importantly, Team Rho needed to satisfy the sponsor’s expectations for the project.
Most of the members of Team Rho had little or no hands on IT experience. The project
for TheDebneyHouse is giving us the opportunity to put the knowledge they have gained during
the National University Information Technology Management (ITM) program to use in a real
NETWORK AND SECURITY SOLUTION 44
world environment. Getting real world experience is one of the most important objectives, not
only for the project, but for the entire ITM program.
Application Requirements
Business Requirements
Since TheDebneyHouse is still a relatively new business, they are continually finding
aspects of their business model that need to be fine-tuned. They have come to realize, that in
order to be viable in the market of niche boutique sales, they need to stand out from the rest of
the pack. By implementing iPAD PoS systems, they are taking a step towards increasing the
customer service experience, and changing the way their customers are able to shop. Therefore,
they require a stable, and secure wireless network to facilitate the iPADs connectivity to
complete transactions and review customer account details.
Digging deeper into the needs of the wireless network is that of segregating the
availability of network resources. They would like to feel more secure when processing
transactions, and mitigate any chance that bystanders are able to tap into their information assets.
The third business requirement that came to light during Team Rho’s discussions with
TheDebneyHouse included the desire for remote management of their network. Since they do not
have an IT professional on site, they want to ensure that once the new network design is
implemented, that there will be support available for maintenance, troubleshooting and backups
performed, when needed.
Functional Requirements
One of the functional requirements for TheDebneyHouse include the staff being able to
move around the facility and still be connected to the network, in order to provide better
customer service to their patrons. With the use of the iPAD PoS system, the importance of
NETWORK AND SECURITY SOLUTION 45
maintaining a strong wireless connection that is also secure, is of the utmost importance to them.
The wireless network must also cover the entire facility with no dead zones, because dead zones
take attention away from the customers as well as inconvenience the employees.
The second functional requirement is scalability. TheDebneyhouse would like to have
technology implemented that will allow them to expand upon if and when they decide to increase
the business, or move locations. This will allow them to keep costs down by not having to
purchase all new hardware to meet the increased demand. By using Ubiquiti hardware, they can
easily expand their network by adding new plug and play devices, such as a larger network
switch or additional access points.
The third functional requirement is that of availability. The sponsor expressed the need
for consistent and reliable connectivity to perform business transactions. This means that they
want to ensure that their information is being collected and input into the proper databases, and
that they are able to pull this information to make decisions regarding the business.
Technical Requirements
The technological requirements of TheDebneyHouses’ project need to meet the minimum
requirements discussed to improve their Wi-Fi stability, remote access, and enhanced security.
However, Team Rho is expecting to not only meet minimum requirements but exceed
expectations while still maintaining the budget, time and scope. The products projected for the
project will provide enhanced features and create future-proof solutions. The infrastructure is
renovated and the existing POS system and devices are updated so no further hardware
requirements besides the networking equipment are needed. The wireless network being
implemented will be able to handle all the devices as well as all guest devices that are present
during the working hours. Our development team has the process needed to help enhance
NETWORK AND SECURITY SOLUTION 46
security and provide remote access, such as the cloud key for cloud remote access, ports, firewall
configurations, and network configuration needed to provide the necessary result. Our project
does not require any additional work from the sponsor regarding the end result to fulfil the
project requirements.
The Solution
Solution Description
Team Rho, has conducted a very detailed and in-depth analysis of TheDebneyHouse’s
initial network setup and security standards. As a team comprised of a project manager, technical
analysts, and a business developer; we carefully sculpted their proposed network topology and
security analysis implementations. The initial solution was a standard setup from AT&T that
consisted of the basic router/modem combo in an inconvenient location of the retail space.
After diagnosis of dead spots, interference and weaknesses in hardware, we concluded
the retail space would operate more effectively with the Ubiquiti Suite (Access Point, Cloud
Key, and Unified Security Gateway.) The AP covers the full square footage of the retail space
including enough over-coverage to compensate for the dense walls and metal structure in some
locations. The Cloud Key allows our technical team and support to remotely access the network
setup to troubleshoot and implement changes over distances and on last-second calls. The
implementation of the USG will provide the network infrastructure the ability to use ACL’s,
Whitelists, RDP Ports, as well as other Port security and filtering.
Lastly, the importance of an in-depth analysis of the security was imperative. Team Rho
proposed the use of LastPass, which would increase passwords strength, provide a hierarchy for
permission setting for the various platforms, as well as implementing security audits for
NETWORK AND SECURITY SOLUTION 47
customer assurance. The use of LastPass encryption for storage of passwords and information
will significantly increase their pen & paper system, as well as more efficiently enable staff to
get what they need securely.
Future opportunities for TheDebneyHouse would be to include wireless and remotely
monitored security camera system and wirelessly networked set of monitors displaying their
products on runway models playing on a loop. We found Arlo NETGEAR Security System – 4
Wire–Free HD Cameras, Indoor/Outdoor, Night Vision for less than $360 online (“100%
Wireless HD”, n.d.). This could be the solution to their wireless physical security needs. We also
discussed upgrading hardware, such as switches, to add additional AP’s if necessary. However,
as it stands, the coverage by the single AP is currently sufficient. Hardware doesn’t always last
forever, so it is be expected that at some point, it would be necessary to upgrade.
Cost and Benefit Analysis
The initial budget from TheDebneyHouse was $1,000. After agreeing on the hardware of
choice, Team Rho strived to meet, if not significantly come below, the budget to prove security
is affordable and results are dependent on implementation for the specific situation.
NETWORK AND SECURITY SOLUTION 48
Item Cost
Ubiquiti Networks Unifi 802.11ac Dual-Radio PRO
Access Point (UAP-AC-PRO-US)
$130.51
Ubiquiti Unifi Cloud Key – Remote Control Device
(UC-CK)
$76.02
Ubiquiti USG – Unifi Security Gateway $119.53
TP-Link 5-Port Gigabit Switch $19.99
Table 4. Hardware Costs.
With the purchase of the necessary hardware for the implementation, Team Rho was able
to provide a solution well under budget, and provided results that exceeded our sponsor’s
expectations. This enabled the sponsor to reallocate the remaining budget to invest in security
cameras and other features to improve their customers and personal business experience. This
achievement was priceless, as TheDebneyHouse is now much more secure and efficient in their
retail space.
Costs Benefits
Ubiquiti AP-PRO: $130.51 Provides complete network Wi-Fi coverage
for the entire facility
Ubiquiti Cloud Key: $76.02 Allows for complete remote management of
the network
Ubiquiti USG: $119.53 Encrypts data and provides VPN capabilities
TP-Link 5-Port Gigabit: $19.99
Connects devices to network and monitors
traffic to avoid collisions
Table 5. Cost-Benefit Analysis.
NETWORK AND SECURITY SOLUTION 49
Other Alternatives
Team Rho does not have an alternative solution due to our intensive analysis and
research. Numerous trials, possible failures, and obstacles have been tested and all possible
failures that could be encountered led us to believe our solution did not require an alternative.
Our solution has fallbacks and fail safes, and was analyzed extensively in case of instances
where hardware or processes were lacking. This is due to our very detailed and tedious risk
mitigation planning as a well-rounded and experienced team.
However, in case of a disaster and our fallbacks fail as well. An alternative solution
would be the use of a last minute solution/purchase of a consumer solution. This solution would
be the use of the Eero Home Wi-Fi solution (“Stream in every corner”, n.d.). This solution
allows the users to create a simple mesh network throughout the building. This is achieved by
placing the three part system in different locations so they interconnect with each other making a
stable Wi-Fi connection.
NETWORK AND SECURITY SOLUTION 50
Criteria Ubiquiti Solution Eero home wifi Solution
Stable Wi-Fi 802.11 network
with Security
Yes Yes
Below Budget of ~$400 $365 $300
Complete Mesh Coverage for
3,000 sq/ft.
Yes Yes
Remote Access on RDP Port Yes No
Data/Monitoring for Throughput Yes No
Network Security Yes, AES-PSK Yes, AES-PSK
Routine Audits Yes Yes
2x MU-MIMO Yes Yes
Dual-Band Wi-Fi Radios Yes Yes
PoE Yes No
Purchased in-store No Yes
Table 6. Ubiquiti and Eero Comparison.
Justification for Recommended Solution
Team Rho’s justification consists of four main ideas: Create affordable solutions to the
sponsor’s concerns, ensure our solutions meet or exceed sponsor expectations, provide full
network coverage, and provide optimal network security. Our team and our solutions were able
to check off each box, as we not only technologically enhanced the experience and longevity of
the infrastructure, but also enhanced efficiency and optimal performance in TheDebneyHouse’s
retail experience with their customers.
The network for TheDebneyHouse was basic at best, and not sufficient for any type of
business. Network coverage was abysmal and network security was virtually non-existent.
Creating a VLAN for a guest network bolstered security by not allowing outsiders potential
NETWORK AND SECURITY SOLUTION 51
access to the business network. The addition of the USG firewall to monitor and control network
traffic, white/blacklists, port blocking, least privilege principle implementation, and integration
of the LastPass database service all greatly increased the security as well. The addition of the
AP-PRO greatly extended the range of the network to extend beyond the borders of the facility,
and enables employees to deliver the quality of service that the sponsor desires.
Benefits
Full Project Benefits
When Team Rho initially discussed the potential project of incorporating a more robust
wireless infrastructure for TheDebneyHouse, we focused on the benefits that our sponsor would
receive. The immediate benefits consisted of the reduction or elimination of dead zones. With
the elimination of the dead zones, the sponsors and their employees would have the ability to
roam around their facility while assisting their customers with their iPads. Because they would
be able to roam anywhere within the facility, there would be a more intimate and professional
interaction with their customers. This not only creates an increase in customer satisfaction but
also takes TheDebneyHouse to the next level for local small business shopping.
TheDebneyHouse’s improved network coverage goes beyond simply providing a good
internet connection. Their business model is based around being able to give their customers
personal attention, and assist in their buying experience. That personal attention was often
interrupted by having to leave the customer unattended while finding an area of the store where
they could access their network. This was embarrassing, inconvenient, and looked bad for the
business. The new network fully addresses these issues.
NETWORK AND SECURITY SOLUTION 52
As our team delved further into the network, we realized that we needed to address more
than just the Wi-Fi strength in the building. We addressed creating a contingency plan, network
security, additional guest network, user accounts, login credentials, and troubleshooting
procedures. All of these areas are covered in Team Rho’s final network solution.
Class Project Benefits
Understanding of the online environment and collaboration challenges, we all realized
that the benefits of in-person collaboration were not an option. We quickly came to a consensus
that we would use Google Docs and Hangouts for our project. The Google tools were familiar to
all of us from previous classes, so we were able to roll right into the process of collaborating.
Beyond collaborating, we came to understand new tools that were available to us that
would enable us to talk to the project and address numerous learning outcomes. Looking at the
process of how to tackle the project methodically, we started with the most basic idea;
Information Technology Management. The management of information technology for a small
business must address software, hardware, security, network and of course, management.
Beneath all of those main categories come the stakeholders, risk, cost, time, scope,
communication, procurement, project integration, human resources, and quality.
Each of these functions of IT address the successful project outcome when addressed
appropriately. The benefit of focusing on the items listed above will enable us as IT professionals
to apply this knowledge wherever our careers may lead us. Another benefit from this class was
the burn down charts, SCRUM process and understanding how to address each of these tools so
that we, as a team, can address each issue and establish a successful project outcome. All of the
tools learned in this Capstone class, as well as in previous classes, will be tools that we can take
NETWORK AND SECURITY SOLUTION 53
with us for future projects and if retained and utilized properly, we will all be assets to our future
employers.
Project Risks
Every project endeavor comes with risks, whether known or unknown. However, with
proper planning and mitigation strategies, these risks can be circumvented. In regards to
TheDebneyHouse, the operational and developmental risks are minimal, as the project plan
incorporates a strong risk management plan to quell any unforeseen obstacles.
Operational Risks
Operational risks are defined as “the risks a company undertakes when it attempts to
operate within a given field or industry” (“Operational Risk”, 2016). In any information and
technological pursuit, the concern for hindrance in progression can cause delays in the
deliverables, which ultimately increases both cost and time. By examining the project
thoroughly, and assessing what potential risks may arise, will ultimately solidify the risk
management plan.
The previous and ongoing operational risks for TheDebneyHouse project are as follows:
● Cloud service security
● Wireless network coverage
● Integration of database across two platforms is interrupted (Shopify and LastPass)
● Employee training of new systems and hardware
● Hardware malfunctions
NETWORK AND SECURITY SOLUTION 54
These operational risks are broken down in the risk log to illustrate their chance of
occurring, the likelihood that they will occur, and the corrective actions in place should they
come to fruition. Overall, the likelihood of these operational risks occurring is relatively low,
however, Team Rho still wants to ensure that safeguards and preventative measures are in place.
Development Risks
Development risks are the aspects of a project that are uncertain as the project progresses.
This can include communication between the project team members, as well as with the
sponsor/stakeholder, and team learning-curve on new software and hardware. By successfully
defining what the developmental risks are for the project, a more thorough risk management plan
can be created.
In the beginning stages of the project proposal was the risk that once the proposal was
presented to the sponsor, that they would not accept it or would back out of the project alltogether. Another development risk was the geographic disbursement of the team members, and
the coordination of meeting and completing deliverables on schedule. After the initial walkthrough of the store, one of the concerns faced was the building structure impeding wireless
network coverage, and whether that was something that could be alleviated. Being that the store
is in an old building, there was worry that the buildings materials would deter an increased
coverage of the wireless network.
Another development risk we were concerned with was whether the sponsor was willing
to commit to the $1000 budget for the implementation of new hardware and network security.
There was also a risk that the hardware proposed would not be accepted by the sponsor, such as
NETWORK AND SECURITY SOLUTION 55
the Cloud Key. This would not impede the progression of the project, however, it would make
remote management a lot more difficult to facilitate without this piece of hardware.
Risk Management
Risk management is defined as “the technique or profession of assessing, minimizing,
and preventing accidental loss to a business” (“Risk Management”, n.d.). When it comes to any
project endeavor, risks should be considered and corrective actions in place for when they occur.
By anticipating and preparing a plan of action, the potential for risks to derail a project are
minimized.
TheDebneyHouse Network and Security Solution proposed by Team Rho delineated not
only all of the proposed hardware and software updates, but also included potential risks that
could occur during its planning and implementation phases. Some of these risks include the
wireless network being sufficient and reliable for the daily transactions on the POS systems.
Another risk that needed to be addressed was that of training the employees to operate the new
systems and hardware correctly. To help avoid confusion on how to operate the new systems,
hardware and devices, Team Rho crafted a detailed manual for the employees to reference and
familiarize themselves with the new systems. The manual also includes FAQs and
troubleshooting steps.
NETWORK AND SECURITY SOLUTION 56
The Risk Log
Risk
Number
Risk How
Likely is
it?
How Serious
is it?
Corrective Action
1 Cloud service
security breach
L H Backup all data to an external hard
drive and remove information from
cloud. Revisit SLA of cloud
service and find out how they will
rectify the breach
2 Wireless network
coverage fails
M H Create an offline backup system
for each device that will sync up
transactions once the wireless
network goes online again.
3 The integration of
databases across
the two platforms
is interrupted.
(Shopify and
LastPass)
L L The database integration is updated
routinely and each entity (Shopify
and LastPass) has their own
backup process. Therefore, if the
database integration is interrupted
then the connection will be reestablished and new data will be
synced.
4 Employee training
of new systems
and hardware
L H Create a manual detailing all the
aspects of the training material, as
well as a troubleshooting guideline
when technical problems arise.
5 Hardware
malfunctions
L M Keep warranty information
accessible and consider purchasing
backup hardware.
Table 7. Risk Log.
Solution Design
Conceptual Design
Team Rho conducted rigorous planning and incorporated agile project methods to
conclusively design solutions for our sponsor. The solution presented is efficient, budgetfriendly, secure, and most importantly, seamless. This allowed our team of developers,
NETWORK AND SECURITY SOLUTION 57
managers, and analysts to conduct the necessary work, while making the sponsor and their staff
secure and streamlined in their day-to-day processes.
The agile framework consisted of weekly scrum meetings, sprints, and prioritization of
the product backlog, in order to provide the most effective final product within the allotted time
frame, while mitigating any obstacles that may arise. The product backlog helped not only our
team, but the sponsor as well, to understand the priority of tasks and weekly execution plans to
meet and exceed the sponsor’s expectations.
Understanding the sponsor’s feedback and allowing their voice to be heard throughout
the process not only strengthened our relationship, but made our team aware and attentive to the
importance of each task. As explained by Scrum Alliance, “The cycle repeats until enough items
in the product backlog have been completed, the budget is depleted, or a deadline arrives…Scrum
ensures that the most valuable work has been completed when the project ends” (“Scrum
Alliance”, 2016). Through the act of providing demonstrations and conducting numerous
meetings, the team was able to progress and adjust in a structured manner. This was due to the
ease and flexibility of the agile framework. As mentioned, after the product backlog was
completed, new input/output would be updated, and Team Rho would start a new weekly sprint
and continue providing the best possible results weekly.
Data Models
ERM.
1. Strategic – Our main focus is to enhance and expand on the sponsor’s network infrastructure to
provide stable and efficient internet coverage. Our focus is to also future-proof the structure and
provides an increase in efficiency.
NETWORK AND SECURITY SOLUTION 58
2. Operational – We strive to provide the most advanced technological experience for the budget
and enhance the customer experience. This will help TheDebneyHouse’s workflow and
efficiency increase by also providing their customer base with a more enriching experience.
3. Financial Reporting- The increase in security and processes will in turn produce a more secure
and stable financial reporting solution. This is achieved with the new USG, LastPass security,
and other firewall details. These upgrades will provide protection for TheDebneyHouse‘s
information assets and financial reporting.
4. Compliance – Our LastPass solution will allow TheDebneyHouse to be in compliance with the
strict SOC criteria, and Shopify’s payment processing follows PCI compliance, which is in
conformity with the data storage and processes that should be protected by PII compliance
standards. This provides the customer with the most secure experience, while also keeping
TheDebneyHouse safe and secure.
Figure 13. Database/Data Collection.
NETWORK AND SECURITY SOLUTION 59
Detailed Application Design
Identify Data Fields. After several meetings as a team and with the sponsor we
concluded that the below fields are the most important for operation and storage in a database.
The data fields are collected when customers enter checkout information and select the option to
save their information for future use.
– Customer Name
– Customer Address
– Customer Contact
– Customer Orders
– Customer Total Spend
Below is the customer form they agree to complete if they want to become a customer:
Figure 14. Customer Form 1.
NETWORK AND SECURITY SOLUTION 60
Figure 15. Customer Form 2.
Excel Database CSV. We have created a process that allows us to extract the customer
information from the ecommerce platform and backup to our LastPass security storage. This
ensures the data is backed up twice and consent from all parties is in agreement.
Figure 16. Database Headings.
The database solution is a combination of already configured API’s from Shopify
meshing together with the LastPass database to store data. The database is a process of Shopify
data being entered by the end user filling out a customer information form, then during checkout
the data of the customer is automatically pulled from the Shopify Database to populate the
checkout form. Once the data is processed, the customer data is then formatted into a CSV file
and sent over to the LastPass database on a weekly basis for backing up. From there, the manual
operation of uploading the hashed and encrypted CSV file into the LastPass database where
NETWORK AND SECURITY SOLUTION 61
additional SHA-256 encryption and 2FA secures the file for future use or replacement as more
files get uploaded. This process is the most efficient, as the security of Shopify’s API does not
allow automatic download and uploads to third-party sources. The management and staff have
been educated on the processes and security steps to be taken to ensure maximum security of the
data. The PCI compliance of Shopify and SOC compliance of LastPass increase the security of
the data even more.
Project Processes and Results
Communication Process
As in any project or endeavor, the efficacy of the communication process between
members is paramount. Regardless of the platforms or mediums of communication used, the
most important aspect is that the members are comfortable and familiar with the exchange of
information and ideas amongst their team. As illustrated by Surbhi Rawat (2016), there are 5
main processes involved in communication. The processes include: 1) Sender, 2) Transmission,
3) Noise, 4) Receiver, and 5) Feedback.
The sender is the individual who initiates a message; the transmission is how the sender
disseminates the information to the receiver; the noise is what could potentially impact or
fragment the transmission, such as a poor telephone connection or an inattentive receiver; the
receiver is the individual the message is intended for/transmitted to; and lastly, the feedback is
the receivers response to the senders transmission. Facilitating a strong means of communication
can help a project move from disjointed and garbled, to being streamlined and professional.
NETWORK AND SECURITY SOLUTION 62
Figure 17. Project Communication Process.
In the beginning of the project, there was ample consideration as to how Team Rho
would communicate and collaborate, being that we are all geographically dispersed. However,
putting together our knowledge of working remotely, we were all able to settle on utilizing
Google Hangouts and Drive. In addition to our remote communication methods, we were also
able to collaborate on managing the network through the UniFi software bundled with the
Ubiquiti products.
Team Rho utilized Hangouts to have both voice/video conferences, as well as instant
messages to each other to keep everyone up-to-date throughout the week, and ask questions or
receive clarification on the sprints. This proved to be an excellent platform to remain in constant
contact, and allow for more real-time responses. It also kept everyone on track and on the same
page for each deliverable needed for the network and security solutions we proposed and
implemented for TheDebneyHouse. Also, during down time between sprints, we were able to get
to know each other on a more personal level, which enabled us to understand each other’s
Transmission
Sender
Feedback
Noise Receiver
NETWORK AND SECURITY SOLUTION 63
strengths, weaknesses and idiosyncrasies. This allowed us the chance to establish trust, and
ultimately solidified us as a strong entity, complementing each other’s abilities, and propelling us
forward with exceptional clarity and understanding.
Regarding our communication process for documents and charts, we decided to utilize
Google Drive. First and foremost, this application was familiar to all of us, which helped in
regards to not having to learn a new platform in the midst of project progression. Google Drive
has all the tools needed to enable the creation of documents, spreadsheets and slide presentations.
It provided a great place to collect everyone’s portion of the project into a single repository;
where everyone could add, view, edit and leave comments regarding the work to be done. Team
Rho is a huge proponent of documentation, and Google Drive allowed us to stay organized
through the creation of folders separating each weeks work, and allowing us to not get lost in a
plethora of “paper”.
Change Control Process
Throughout the life cycle of any project, changes can come up. However, it is how you
control these changes that can make or break the project. The change control process is defined
as a “systematic approach to managing all changes made to a product or system” (Rouse, 2011).
This process is important to ensure that unnecessary changes are not made, that there is proper
documentation provided for the changes, and that the changes will not disrupt or derail the
project. By creating a guideline for the appropriate ways to handle changes, a project is more
likely to succeed, and less likely to involve scope creep.
Team Rho’s proposal for the network and security solution for TheDebneyHouse enabled
us to spec out the bare necessities needed to complete the new implementation. With the strong
NETWORK AND SECURITY SOLUTION 64
proposal we had in place and the sponsor onboard from the beginning, we were able to eliminate
the need for potential for changes once we deployed the new hardware and software. With the
approved budget, and the purchase of the necessary equipment, Team Rho was able to provide
the solution well under budget, yet still provide all the solutions TheDebneyHouse was
expecting. However, in the beginning of the project, there was no real way to gauge if this would
be the case, so Team Rho had guidelines in place to ensure any changes that may be brought up
by the sponsor would be considered, documented, and determined whether or not they would add
or detract from the project scope. The framework was in place should there be any changes,
however, throughout the life cycle, we fortunately did not encounter any change requests.
Escalation Procedures
An escalation plan is “a set of procedures in place to deal with potential problems”
(Rouse, 2007). By creating the procedures to combat any issues that may arise, one can
ultimately halt any detrimental impacts to the project. By having a solid communication process
and change control process, escalations are few and far between. Team Rho has exceptional
communication among each other, as well as the communication between our project manager
and the sponsor. By having complete transparency, and open communication between all team
members and the sponsor, Team Rho was able to avoid any issues or problems.
The only obstacle that we were most concerned with was the weather affecting the
delivery of equipment. However, even with the delay in delivery by a couple days, we were still
in good shape and finished each hardware install within the time frame allotted. We have been
quite fortunate during this process, not only for our sponsor, but for the way everything
essentially fell into place. This was in large part due to Daniel, our project manager, mapping out
NETWORK AND SECURITY SOLUTION 65
an exceptionally detailed plan, which incorporated all aspects needed to provide the sponsor with
the optimal solution for their business needs. Kathy Schwalbe writes, “Planning is often the most
difficult and unappreciated process in project management” (Schwalbe, 2016). A successful
project begins with a solid plan.
Planned Schedule vs. Actual Performance
The planned schedule is currently on track with all hardware and software on order or
already delivered at this time. Daniel is on site and installing as the equipment gets delivered. For
this project, the scheduled time to incorporate all the hardware was ample enough to stay ahead
or at a minimum, on track. Because we scheduled our project around our class schedule, we
planned everything to be completed by the end of January. We have met or exceeded all of our
goals to this point so the planned schedule is on track with the actual performance of the project.
Budget vs. Actual Expenses
The budget was initially set at $1,000; however, we were able to stay substantially below
that budget for our sponsor. Because we are a team of students working for free essentially,
TheDebneyHouse was able to take advantage of our education process while receiving a high
quality product at the cost of only purchasing hardware. We only utilized 34.6% of our $1,000
budget, so our sponsor was delighted for the savings.
NETWORK AND SECURITY SOLUTION 66
Figure 18. Actual Expenses.
Prototype Implementation
Scope of Prototype
During the system development life cycle, Team Rho spent a considerable amount of
time in the planning stage, to ensure that a solid plan was mapped out. Only then did we feel
confident in moving on to the implementation phase. Each of our sprint tasks have been
addressed and to date, we haven’t added any additional stories to our burndown chart. The
implementation stage should be fully completed before entering the next stage of the project life
cycle (Schwalbe, 2015). As each piece of hardware was delivered during the implementation
phase, Team Rho was able to provide the sponsor with the prototypes necessary to ensure the
scope of the project was being met. After all of the hardware was implemented and demonstrated
to the sponsor, we were able to confidently close out the implementation phase.
Development Environment
Team Rho utilized an agile method of project management called The Scrum Framework
for TheDebneyHouse project. Michele Sliger of the Project Management Institute defines the
Scrum method as, “an agile method of iterative and incremental product delivery that uses
frequent feedback and collaborative decision making” (Sliger, 2011). In Scrum, tasks are
NETWORK AND SECURITY SOLUTION 67
completed weekly in what are known as sprints. The project team met in weekly sprint planning
meetings, established tasks and objectives, assigned deliverables to the team members, and
worked on completing those tasks throughout the week.
There are four major tools that facilitate the Scrum Framework and help keep the project
team on track; those tools are the task board, prioritized product backlog, burndown chart and
risk log. The task board is a table used to keep track of what needs to be accomplished, what is
being done to accomplish the task, and what is completed. The prioritized product backlog is a
table that shows the tasks that did not get accomplished during the previous week’s sprint, and
like the task board, what is being done to accomplish those tasks. The team discussed and ranked
the activities on both the task board and the product backlog based on priority. The burndown
chart is a graph that displays the optimal pace for the project to be completed, and is compared to
the actual pace of the project, to keep the team on track. The final tool that Team Rho used over
the course of the project was the risk log. The risk log identified and ranked the risks to the
project based on their severity and potential impact.
Team Rho crafted and set up an enhanced network for TheDebneyHouse. They were
having major issues with their business regarding network coverage and security. Team Rho,
which consists of a project manager, business developer, and three technical analysts, addressed
their concerns with a full suite of Ubiquiti hardware, Netgear switch, and UniFi software. The
products both greatly improved network security, and boosted network coverage to envelope the
entire building. The team made a written proposal to TheDebneyHouse, which included our
proposed budget and IT solutions that addressed all of their concerns. The sponsor was
impressed by the proposal, and authorized the project to move forward.
NETWORK AND SECURITY SOLUTION 68
The project manager lives in the vicinity of TheDebneyHouse, so he was tasked with
installing all of the network components, while the rest of the team worked on other tasks
remotely. These tasks consisted of configuring devices and network settings, establishing
whitelists/blacklists, training employees, developing troubleshooting techniques, setting up
VLANs for separate guest and business networks, and integrating the LastPass password storage
database.
Prototype Quality Assurance and Defect Tracking
We deployed a small prototype network at TheDebneyHouse before making it live to the
staff and public. We did this in order to test all of the equipment and software features. Our
project manager was already familiar with the Ubiquiti suite, and was able to guide the team
through a lot of the software navigation while we were remotely logged into the system; this was
made possible once we were able to procure the Cloud Key, which was necessary for remote log
in. Since the project manager was onsite, he enabled administrator access to the entire team.
After testing all of the hardware, it was free of defects. The software performed brilliantly,
allowing for advanced security features on the network such as the whitelisting/blacklisting of
sites, firewall configuration, VLAN configuration, and port blocking.
The purpose of quality assurance is to prevent the re-occurrence of defects. We have
quality checked all aspects of the network and have determined that everything is working as
expected. Our fall back plan is the ability to remotely access their network using the Ubiquiti
Unifi Cloud Key – Remote Control Device. If for some unforeseen reason their network takes a
turn for the worse, we are able to troubleshoot as necessary as long as they still have access to
the internet. Additional procedures will become available upon future experiences gained which
NETWORK AND SECURITY SOLUTION 69
will contribute to additional quality controls of the network. We can request access to the
network and run tests to ensure the scheduled uploading of the database is occurring and the
network is shutting down during the scheduled down times. We would need to readdress the way
we shut the network down in the future to ensure the wireless cameras are able to stay
operational 24/7. Since quality assurance is ever changing, we will provide training to
TheDebneyHouse owners and staff, to ensure they are up to speed with any changes.
Prototype Deployment
Prototype User Guide & Release Notes
Team Rho worked with the owners and operators of TheDebneyHouse to discuss their
needs. Team Rho presented the sponsor with solutions that would allow them to enhance their
business, increase the foot traffic in the boutique, all while improving their wireless security and
broadening their connectivity. Completing this project required the team to pay attention to detail
in order to meet the sponsor’s exact needs. The projects expected completion date is still on track
for the end of January 2018. The major task that is left is finalizing the documentation.
TheDebneyHouse stated that the modem/router they were using was not providing
enough signal strength, resulting in weak connectivity. This was an important issue that had to be
addressed, which Team Rho ensured would be a priority. Due to the security being low, the
transmission of their important data was at high risk and could be compromised. The way that
we ensured stability and security of their data was by incorporating a Firewall/USG, remote
access, as well as WPA2-AES.
NETWORK AND SECURITY SOLUTION 70
Future Action Plan
Team Rho has been working diligently to keep ahead of what was needed to make this
project successful and provide the best quality of service to TheDebneyHouse. Identifying what
was needed by the sponsor was the most important step to being successful in this project. By
determining which tasks were most essential, the Project Manager was then able to distribute the
workload to each of us and we hit the ground running early. The expectations of this project were
set early on, and were explained in such a way that we were all on the same page, and knew what
needed to be done to make it a success. Establishing the technology and guidelines that needed to
be put in place allowed Team Rho to collaborate and complete the tasks in a timely manner,
which resulted in us having time to complete corrective maintenance, if needed. Our main goal
was to provide TheDebneyHouse with secure and strong wireless connectivity.
Due to the nature of their connectivity, the wireless network needed to be fast,
stable and secure enough for the business operations, as well as customer access. Providing
TheDebneyHouse with information regarding accessibility and troubleshooting for future
reference is something that is expected, as well. With the estimates of the hardware and software,
the implementation of the new systems was well under budget, therefore, a little wiggle room
was provided for the boutique if something unplanned arose in the future. This information will
all be provided to TheDebneyHouse as we get closer to the completion so they can use it as a
guideline.
The future design should allow for accessibility to troubleshoot from a remote
area via software provided by Ubiquiti. This will allow technicians to troubleshoot more in depth
issues and correct network issues without having to be on site. In addition, the database that will
be created will allow the sponsor to use all of the information and data designed in the tables to
NETWORK AND SECURITY SOLUTION 71
show the relationships. With the implementation of this database, TheDebneyHouse will be more
efficient in their business module and the data collection will now be more secure moving
forward.
Lessons Learned
Planning. The planning phase of the project began with identifying the problems that
TheDebneyHouse was having with their current network, and what they wanted from the project.
Once the problems and deliverables were established, Team Rho compiled them into user stories
that were placed onto weekly sprint task boards, ranked by order of importance, and the team
would estimate the time it would take to complete the tasks. The team would then reevaluate the
user stories weekly and plan accordingly.
Team Rho stayed in constant communication throughout the entire project with our
weekly planning meetings. There were a few times when team members were not able to make
scheduled meetings, and when ideas were not communicated as well as they should have been,
but those drawbacks were early in the project, and the team was able to make constant
improvement. Overall, the team did a fantastic job planning the project initially and planning
tasks on a weekly basis.
Systems Analysis. When analyzing the previous system that TheDebneyHouse had in
place for its network, it was easy to see that it was not adequate. They lacked the necessary
network coverage required to run their operations and their network security was weak at best.
They were utilizing a standard router/modem combo that was provided by their ISP and were
still using the default settings. Bradley Mitchell of lifewire.com writes, “The default usernames
and passwords for popular models of wireless network gear are well-known to hackers and often
NETWORK AND SECURITY SOLUTION 72
posted on the internet” (Mitchell, 2017). Not changing the default password for the
router/modem was a significant security risk.
Team Rho established solutions for TheDebneyHouse that provided them with more than
enough network coverage and provided much more advanced security than before. The solutions
provided by Team Rho are also scalable and should be effective for TheDebneyHouse for years
to come. The analysis of the systems that were in place went exactly as planned and made
finding solutions for the problems in the systems easy to address.
Design, Implementation. Team Rho designed a new network topology and security
solution revolving around Ubiquiti hardware and software as well as the LastPass password
database. After designing the proposed network solution, we submitted it to the sponsor for
budget approval. Once the project received approval, we began procurement of the network
components. We purchased the components in two stages and our project manager, who was on
site, installed the components. A small prototype network was tested before full implementation
to make sure all the hardware and software were functioning properly before taking it live for the
business. When all was said and done, Team Rho designed and implemented a network that not
only met all the objectives for the project, but came in significantly under budget as well. The
only thing that could have been smoother would have been being able to procure all of the
equipment at one time, but that was unfortunately out of the team’s control.
Communication. Team Rho’s communication methods were primarily Google Hangouts
and Zoom meetings. We maintained constant communication on a daily basis to ensure that the
team was on the same page through every step of the process, and gave each other updates on the
status of our individual tasks. The level of communication was superb, and the only thing that
NETWORK AND SECURITY SOLUTION 73
could have made it better is if we were all in the same location. Given our geographical
disbursement, communication went as smooth as it possibly could.
Escalation Procedure. When there were any issues with the project, the escalation
procedure was to follow the chain of command that was laid out by the structure of the project
team. Technical analysts would first consult the business developer before escalating the issue to
the project manager. If the issue could not be dealt with, the project manager would escalate the
issue to the project sponsor. The project manager was on site with the sponsor and in constant
communication, so if there were any issues, they could be quickly rectified. By following the
chain of command, we were able to deal with any problems we encountered without having to
needlessly involve members of the team.
Risk Management. The risks involved with the project were minimal and mainly
concerned malfunctioning or defective hardware. To mitigate these risks, we tested all of the
hardware and software in a small prototype environment to make sure everything was
functioning properly. In the case that we had defective or malfunctioning products, we had
plenty of budget space to procure replacements. Another risk could have been the sponsor
backing out of the project, but we secured a sponsor very early in the life of the project, so that if
they backed out, we would have time to secure another sponsor. Lastly, the geographical
disbursement of the team posed the risk of people not staying on task or completing their
assigned deliverables. That risk was mitigated through constant and effective communication
between team members to make sure that everyone was fulfilling their objectives. Thankfully
none of the risks were realized, and even if they were, we had contingency plans for all of them.
NETWORK AND SECURITY SOLUTION 74
Resource Management. Projectinsight.net defines resources as, “…people, materials,
equipment, knowledge, and time” (“Projectinsight.net”, 2018). The bulk of resource
management was done by Team Rho’s project manager, Daniel Mora. He was responsible for
managing the team and delegating responsibility for most of the tasks on the project. Our
business developer, Ashley Samuels, was responsible for managing the final paper and making
sure that everyone was completing their assigned sections on time. This structure for managing
resources worked well for Team Rho and helped to eliminate confusion. By having Daniel
manage resources for the project and Ashley manage the resources for the paper, it allowed the
technical analysts Edward Cook, Josh Hopkins, and Devon Blakely to focus on the task of
producing deliverables for both.
Client Acceptance Criteria
Client Full Project Acceptance Criteria
The client acceptance criterion for Team Rho was to provide and complete evaluation of
the shortcomings of TheDebneyHouse’s network, and to provide solutions to all the problems.
The network evaluation revealed that the network fell short in two particular areas that Team
Rho would address: network coverage and network security. In addition to those two areas, the
team would need to stay within a strict $1,000 budget, and have the whole project completed by
January 31st, 2018.
TheDebneyHouse utilizes a mobile point of sale (PoS) system that allows them to be
attentive to customers and make sales anywhere in the store. The network they had in place
didn’t provide Wi-Fi coverage to the entire facility, so the solution that Team Rho put into place
absolutely needed to provide that to the sponsor. Network security for the sponsor consisted of
the default password for their stock AT&T modem/router, so that would need to be enhanced to
NETWORK AND SECURITY SOLUTION 75
protect the sponsor as well as their customers. iPads are used to facilitate their PoS system and
those were only secured with handwritten passwords which is not secure and needed to be
addressed as well.
The final client acceptance criterion includes installation of the following hardware: a
network switch, security gateway/firewall, cloud key remote management device, and mobile
Wi-Fi access point. Software and services required are Ubiquiti UniFi network software and the
LastPass password and file database storage service. All these elements come together to form
the network design provided by Team Rho to deliver the complete and secure network solution
that TheDebneyHouse requires.
Client Class Project Acceptance Criteria
For acceptance of the class project, Team Rho was required to fulfill the learning
outcomes that were outlined in the beginning of the class. We were required to deliver high
quality results from the project including user authentication, integrated systems, local area
network design/implementation, IT best practices, ethical challenges, communication skills, etc.
NETWORK AND SECURITY SOLUTION 76
Figure 19. ITM Capstone Project Learning Outcomes.
During the process of completing the class project, class assignments were due on a
weekly basis. These assignments were integral in the completion of the project and were not just
busy work. Every assignment was a something that could be used to add to the depth of the
project and complete required learning outcomes. In addition to the weekly assignments, the
class had weekly meetings to go over requirements of the class. Our team had weekly Scrum
meetings too, so would could schedule tasks, deliverables, what to keep doing, what to stop
doing, prioritize what needed to be done, and discuss the prior week’s sprint. At the very end of
each week, each capstone team was responsible for giving honest scholarly feedback to the other
teams. Not only did this help our team learn about alternative solutions and gain valuable
feedback, but it gave us an opportunity to assist the other teams.
Over the course of the program we have learned valuable lessons and gained real world
experience. It has been a wonderful experience to see our hard work materialize into a tangible
network over the course of the last three months. Most of all, it has been a pleasure to deliver a
NETWORK AND SECURITY SOLUTION 77
solution to Mr. and Mrs. Miranda’s problems that rectified their IT issues, but also exceeded
their expectations.
Team Rho would like to thank the entire ITM faculty and our capstone professor, Dr.
James Juarez for facilitating our success throughout the entirety of our program. We are all
grateful for the knowledge we have acquired and friends we have made along this journey. We
are confident that this program will allow us to move forward successfully in any career
endeavor we pursue, as well as enable us to be viable assets in the ever growing technological
world.
NETWORK AND SECURITY SOLUTION 78
References
100% Wireless HD Security Camera: Arlo | Arlo by NETGEAR. (n.d.). Retrieved from
https://www.arlo.com/en-us/products/arlo/default.aspx
5 Benefits of Next-Generation Firewalls. (2017, September 08). Retrieved from
https://www.networkcomputing.com/networking/5-benefits-next-generationfirewalls/57886367
5-Port Gigabit Desktop Switch. (2018) Retrieved from tp-link.com:
http://www.tp-link.com/us/products/details/cat-5581_TL-SG1005D.html
Ansaldo, M. (2017, July 21). LastPass review: This virtual vault makes password protection
effortless. Retrieved from pcworld.com:
https://www.pcworld.com/article/3205868/security/lastpass-review-this-virtual-vaultmakes-password-protection-effortless.html
Atlantic. (2017). Undervalued: The Business Benefits of Cybersecurity. Retrieved from
http://www.theatlantic.com/sponsored/kpmg-2016/undervalued-the-business-benefits-ofcybersecurity/1034/
Choose a plan that works for you. (n.d.). Retrieved February 03, 2018, from
https://www.lastpass.com/pricing
Definition of “decision-maker” – English Dictionary. (n.d.). Retrieved from
https://dictionary.cambridge.org/us/dictionary/english/decision-maker
Grochow, J. (2015). IT Infrastructure Projects: A Framework for Analysis. Retrieved from
https://er.educause.edu/articles/2015/1/it-infrastructure-projects-a-framework-for-analysis
Harrin, E. (2017, August 21). How to Create a Project Organization Chart. Retrieved from
NETWORK AND SECURITY SOLUTION 79
projectmanagement.com: https://www.projectmanagement.com/articles/401556/How-toCreate-a-Project-Organization-Chart
Indiana, U. (2017, August 15). What is the principle of least privilege? Retrieved from kb.iu.edu:
https://kb.iu.edu/d/amsv
LastPass. (2017). Simplify your life. Retrieved from lastpass.com: https://www.lastpass.com/
McQuerrey, L. (n.d.). How Problems, Opportunities & Directives Can Drive the Project
Selection Process. Retrieved from http://smallbusiness.chron.com/problemsopportunities-directives-can-drive-project-selection-process-35734.html
McQuerry, S. (2016). Cisco Press. Retrieved from
http://www.ciscopress.com/articles/article.asp?p=1156068&seqNum=4
Mitchell, B. (2017, August 21). Why You Should Change the Default Password on a Wi-Fi
Network . Retrieved from lifewire.com: https://www.lifewire.com/changing-defaultpassword-on-wifi-network-816567
Northcutt & Novak, “Network Intrusion Detection: An Analyst’s Handbook,” 2nd Edition, New
Riders Publishing, Berkeley, 2000.
Operational Risk. (2016). Retrieved from
https://www.investopedia.com/terms/o/operational_risk.asp
Performance and Progress Reporting. (n.d.). Retrieved January 18, 2018, from
http://www.projectcontrolsonline.com/InfoPad/ReferenceZone/PractitionersGuide/Perfor
manceandProgressReporting.aspx
Phifer, L. (2017). WLAN security: Best practices for wireless network security. Retrieved from
http://searchsecurity.techtarget.com/WLAN-security-Best-practices-for-wirelessnetwork-security
NETWORK AND SECURITY SOLUTION 80
Powerful admin controls. (n.d.). Retrieved from
https://lastpass.com/enterprise/user-management
Prerequisite. (n.d.). Retrieved from http://www.dictionary.com/browse/prerequisite
Projectinsight.net. (2018). Project Resource Allocation and Resource Management. Retrieved
from projectinsight.net: https://www.projectinsight.net/project-management-basics/basicresource-management
Rawat, S. (2016, June 18). 5 Main Processes of Communication (With Diagram). Retrieved from
http://www.businessmanagementideas.com/communication/processes/5-main-processesof-communication-with-diagram/3084
Risk Management. (n.d.). Retrieved from
http://www.dictionary.com/browse/risk-management?s=t
Rouse, M. (2011, January). What is change control? – Definition from WhatIs.com. Retrieved
from http://searchdisasterrecovery.techtarget.com/definition/change-control
Rouse, M. (2007, March). What is escalation plan? – Definition from WhatIs.com. Retrieved
from http://searchcrm.techtarget.com/definition/escalation-plan
Schwalbe, K. (2016). Information Technology Project Management (8th ed.). Boston, MA:
Cengage Learning ISBN-13: 978-1-285-45234-01
Scrum Alliance (2016). What is Scrum? Retrieved from:
https://www.scrumalliance.org/why-scrum
Siegelaub, J. (2007). Six (yes six! constraints. Retrieved from
https://www.pmi.org/learning/library/six-constraints-enhanced-model-project-control7294
Sliger, M. (2011). Agile project management with Scrum. Paper presented at PMI® Global
NETWORK AND SECURITY SOLUTION 81
Congress 2011—North America, Dallas, TX. Newtown Square, PA: Project Management
Institute.
Stream in every corner of your home. (n.d.). Retrieved from https://eero.com/
Tippet, P. (2017). The National Computer Security Association: A Valuable Resource for Data
Security Managers. doi:10.18411/a-2017-023
Top Ten Cybersecurity Tips | The U.S. Small Business Administration. (n.d.). Retrieved from
https://www.sba.gov/managing-business/cybersecurity/top-ten-cybersecurity-tips
Tran, L. (2016, September 28). A Guide to Dependencies, Constraints and Assumptions (Part 3):
Making Project Assumptions. Retrieved from
https://www.inloox.com/company/blog/articles/a-guide-to-dependencies-constraints-andassumptions-part-3-project-assumptions/
Ubiquiti Networks – UniFi® Cloud Key. (n.d.). Retrieved from
https://www.ubnt.com/unifi/unifi-cloud-key/
Ubiquiti Networks – Wireless networking products for broadband and enterprise. (n.d.).
Retrieved from: https://www.ubnt.com/
VLAN Security – Making the Most of VLANs. (n.d.). Retrieved from
http://www.firewall.cx/networking-topics/vlan-networks/226-vlan-security.html
Wright, Joshua (2006). Explaining WPA2. Retrieved from
https://www.networkworld.com/article/2306774/network-security/explaining-wpa2.html
Zeiger, S. (n.d.). Decision-Making Styles for Organizations. Retrieved from
http://smallbusiness.chron.com/decisionmaking-styles-organizations-24385.html
NETWORK AND SECURITY SOLUTION 82. Computer Science homework help
