Professional Documents
Culture Documents
Jason M. Jeffares
Table of Contents
Proposal Overview......................................................................................................................................3
Problem Summary...................................................................................................................................3
IT Solution...............................................................................................................................................4
Implementation Plan................................................................................................................................5
Review of Other Work................................................................................................................................6
Relation of Artifacts to Project Development..........................................................................................9
Project Rationale.......................................................................................................................................10
Current Project Environment.....................................................................................................................11
Methodology.............................................................................................................................................13
Project Goals, Objectives, and Deliverables..............................................................................................14
Goals, Objectives, and Deliverables Table............................................................................................14
Goals, Objectives, and Deliverables Descriptions.................................................................................15
Project Timeline with Milestones..............................................................................................................17
Outcome....................................................................................................................................................18
References.................................................................................................................................................19
Appendix A...............................................................................................................................................20
Comcast Business Internet Speed Tiers.................................................................................................20
Appendix B...............................................................................................................................................21
Verizon Fios Business Service Tiers.....................................................................................................21
BUILDING BLOCKS, LLC NETWORK UPGRADES 3
Proposal Overview
Problem Summary
Consulting911 has been retained by Building Blocks, LLC – a local Architecture Firm to
evaluate their current Information Technology infrastructure and provide recommendations for
upgrades. Building Blocks began as a single person entity, working from the founder’s spare
bedroom in 2005. Over the past fifteen years, the firm has grown to 3 Architects and a support
staff of 5. The Managing Partner is in discussions with another individual to further expand the
The firm relocated to its current office location in late-2017; a converted 3-story row
home in the ever-growing H Street Corridor in Northwest D.C. When the firm relocated to this
location, the Managing Partner was in a rush to find internet services to service the building and
went with the first available provider he came across. While this service was adequate for the
needs of the firm at the time, technology needs, and the increase in staffing have outpaced the
Project staff from Consulting911 had a meeting with the staff from Building Blocks to
discuss their needs both in the office, and while visiting clients at their sites. Several issues
became common themes among most of the staff; most complaining primarily about the lagging
internet speeds, difficulty in sharing files with other members of the team, and the lack of any
ability to access office-based files when away from the office. The Managing Partner, and a
couple other staff members also mentioned overall internet security after reading about the
increasing number of cyber-attacks being perpetrated. This raised some flags about the safety
and integrity of the firm’s data, since their projects are the livelihood of all the staff, and
IT Solution
Following the preliminary discussions with the Building Blocks staff, there were four
areas for improvement that are slated for implementation and preliminary objectives:
System
systems
access
Once these solutions have been implemented, the Managing Partner believes this will
result in a more productive and collaborative environment within the office, and result in better
BUILDING BLOCKS, LLC NETWORK UPGRADES 5
relations with the firm’s clients as more project information will be available while making site
Implementation Plan
After an initial survey and assessment of the firm’s current Information Technology
infrastructure, the first item to consider will be looking at ISP service levels and begin the
requisition process for upgrades and new installations as those installation dates can require
advanced planning of up to a month from commitment to installation. Once the ISP installations
and upgrades have been planned, the plan can shift to hardware planning for the Firewall/IPS,
VPN, and NAS. Hardware can be sourced from any of Consulting911’s existing suppliers, or
from one of Building Blocks’ choosing; however, the supplier’s response to COVID-19 may
affect shipping lead times, so that should be considered when making a supplier selection.
After Firewall/IPS, VPN, and NAS hardware has been selected, initial configuration and
hardening can take place at Consulting911’s facility prior to installation at Building Blocks.
Partners at Building Blocks, along with Consulting911 staff have already agreed that final
installation and configuration of the new hardware installation will occur on a weekend so as to
not disrupt normal office operations during the week. In addition to the planned network outages
for the hardware installation, access will be needed to each workstation in the office to configure
Given the initial uncertainty of the timing of the ISP installations, and should they need to
occur after the completion of the remainder of the project, Consulting911 staff will be available
when those installations occur to ensure a successful integration with the newly installed
hardware, assess the new bandwidth available to the office, and to conduct additional testing to
BUILDING BLOCKS, LLC NETWORK UPGRADES 6
ensure that the connections function as intended to provide redundancy as planned – in the event
With the ever-growing need for enterprise network security, including intrusion detection
and prevention, there are numerous pieces of available hardware to accomplish this task from
numerous vendors. With so many available hardware options, this leads to many questions …
and an IPS? What is the best device for our network? So many more questions exist, but HP, in a
2014 white paper answers the first two of the questions just posed in the opening line of the
paper, “Next-generation firewalls include intrusion prevention system (IPS) technology that can
detect and block cyber attacks. But they are not a complete substitute for a purpose-built next-
generation IPS. Effective network security requires both. (Hewlett Packard, 2014)”
The paper continues to point out several distinct factors play into the role that a Next-
Generation Firewall and an IPS combine to provide a more complete solution to network
security: 1. Network Location – edge vs. core; 2. Traffic inspection and control – external traffic
coming into private network vs. incoming and outgoing traffic in addition to in-network traffic;
3. Frost & Sullivan’s four phases of advanced persistent threats – Phases 1 & 4 vs. Phases 1
through 4.
As previously mentioned, data security and the protection of Building Blocks’ intellectual
property is paramount to the continued success of the firm. To date, there have not been any
instances of external threats, nor of any insider bad actors; the project intends to address the
BUILDING BLOCKS, LLC NETWORK UPGRADES 7
potential of these threats and provide the means to thwart attempts before they happen with the
Fortinet brings up other good points in their 2019 White paper about IPS and NGFW:
Performance is a key factor driving many companies to select standalone IPS rather than
functionality integrated into an NGFW. The additional load on a firewall appliance that
must now inspect packets and payloads for IPS will slow down network traffic. Signature
matching alone can reduce some NGFWs’ speed by as much as 30%. (Fortinet, 2019)
This should provide the decision makers at Building Blocks some additional guidance
when making considerations for new hardware for their installation. These statistics, along with
the ability of a stand-alone IPS to monitor internal network traffic provide additional reasoning
and logic for the separation of Firewall and IPS devices for the new hardware installation.
Threat intelligence and its integration into an IPS with Advanced Threat Prevention
(ATP) capabilities is another aspect of the device selection that should be considered. ATP and a
threat intelligence service, when integrated into an IPS, can be used to automatically update the
threat signatures used by the IPS, “which supplement the native functionality of the devices with
ongoing updates about zero-day and other emerging threats (Fortinet, 2019).”
Another integral part of the upgrade project for Building Blocks is file sharing and its
accessibility from within the office and remotely. Remote access to office-based resources will
be accomplished using a VPN, which for ease of configuration will be integrated into the new
firewall that is to be included with this upgrade project. Back to the file sharing … Network
Attached Storage (NAS) or Storage-Area Network (SAN)? Both options have their pros and
BUILDING BLOCKS, LLC NETWORK UPGRADES 8
cons. A 2018 blog post from Enterprise Storage begins to scratch the surface of the two and
provides a bit more insight as to which may be more appropriate for our current project and
installation needs. “NAS is a file-level data storage device attached to a TCP/IP network, usually
block-level storage. The network interconnects storage devices, switches, and hosts.” …
furthermore, “NAS is not typically as fast as block-based SAN, but high-speed LANs can
overcome most performance and latency issues.” Yes, Building Blocks is an architecture firm
that often deals with large Computer-Aided Drawing files, but can the extra cost for a SAN be
SANs are the higher performers for environments that need high-speed traffic such as
high transaction databases and ecommerce websites. NAS generally has lower throughput
and higher latency because of its slower file system layer, but high-speed networks can
Building Blocks is not running a high transaction database, nor are they running an
One should not depart from the topic of file sharing and availability without discussing
RAID. Data security revolves around the C-I-A Triad – Confidentiality, Integrity, Availability.
The availability of data is paramount for any business, hence the need to discuss a RAID
configuration as part of the file sharing aspect of this installation. In a 2005 White Paper,
Adaptec opens with “Data is the most valuable asset of any business today. Lost data means lost
business.” Let’s face it … we all know that hard drives fail. For this reason, a simple RAID-0
BUILDING BLOCKS, LLC NETWORK UPGRADES 9
array is out of the question here, because the failure of 1 drive in the array leads to total data loss
for the entire array. RAID-1 and RAID-5 allow for 1 drive in the array to fail, but when one of
these are combined into a larger RAID-0 array, creating a RAID-10 or RAID-50 implementation,
the fault tolerance increases. Adaptec compares the varying types of RAID implementations in
their 2005 white paper, and details typical applications of those varying types. Based on the
Adaptec white paper, file server implementations, such as the one being considered for Building
Blocks, are best suited to a RAID-50 implementation, suffering little performance degradation
The selected articles and white papers provide direction for various aspects of the project
and its main objectives. The Fortinet and HP white papers provide some direction to the project
by guiding a decision about a combined Firewall/IPS or separate devices. The Enterprise Storage
article provides insight to the selection of a storage solution, while the Adaptec white paper
provides guidance on the selection of a RAID implementation for the selected storage solution –
which provides redundancy to ensure availability of Building Blocks’ data despite failure of a
While the staff of Consulting911 has their own preferences of product, and ideas for their
own ways to implement these objectives, the choice ultimately rests with the Building Blocks
staff, and their preferences. These artifacts, along with discussion with Consulting911 staff, are
intended to assist with the selection of products and solutions that work in the best interest of
Building Blocks’ work practices. In the event that Building Blocks’ staff is unsure about what
help guide a decision for what solutions will work best and be of the most benefit now and to
“future proof” the installation – making today’s investment most beneficial as far into the future
as possible.
Project Rationale
Building Blocks began to consider this project in the closing months of 2019, as more
office staff began to complain about lagging internet, and difficulty in sharing files with other
team members. The project was tabled due to the hectic nature of the holidays and was pushed
off until after the beginning of the new year. 2020 started slower than expected for Building
Blocks, and the issues subsided due to the lower-than-normal volume of work, moving the
investment in the technology upgrades down the spending priority list. The project had to be
further postponed due to the COVID-19 pandemic that has crippled many businesses, including
Building Blocks, for most of the year. In preparation for business to pick back up, and to
facilitate better remote-working conditions, Building Blocks’ Managing Partner made the
decision to pull from the firm’s strategic financial reserves and move ahead with this project
Even though the firm’s current workload is low, there are still projects in progress with
deadlines that still need to be met. A few members of the staff have firm-provided laptops that
they are still able to work from while working from the office. However, there is one big
downside to working from a laptop – they lack the processing power required to efficiently run
the Computer-Aided Drawing software used in today’s Architectural processes. This had led
most of the firm’s Architects to move back to pencil and paper – spread out on the dining room
table at home, hoping the kids don’t come through and spill the mid-afternoon snack and drink
BUILDING BLOCKS, LLC NETWORK UPGRADES 11
on the drawing that’s been in process for the last three weeks. With a remote connection, and a
couple of external monitors, the firm’s architects can begin to take up a sense of normalcy with
their CAD system, but there’s one other limiting factor to the effectiveness of this solution – the
internet connection speed at the office: it is insufficient to support a stable remote desktop
connection session.
In addition to addressing the connection issues to the office, significant emphasis was
placed on the need for additional security to protect Building Blocks’ intellectual property. While
Building Blocks is a small, local firm, the threat of malicious cyber actors cannot be discounted –
Even though Building Blocks’ current workload is less than usual, and most of the work
is being done away from their normal office space, collaboration on active projects still must
take place to ensure that the current deadlines can be met. This shift in collaboration methods
brought forth the thoughts from Building Blocks’ Managing Partner about the installation of a
centralized file-sharing implementation at the office. Combined with the other aspects of the
project slated for installation, the file sharing solution serves as an additional way for more
Building Blocks, LLC is a local architecture firm that moved to its current office space in
late 2017 – a renovated and refurbished three-story brick row home, built c. 1900. As part of the
renovation and conversion from residential to office space, CAT-6 network cable was installed
throughout the space, and run to a small, central rack space on the ground level. This network
rack was installed with a patch panel, which was clearly labeled to facilitate ease of use in
BUILDING BLOCKS, LLC NETWORK UPGRADES 12
expansion of network resources throughout the office space. The patch panel is currently in use,
with connections being made to the desktop computers currently in use by Building Blocks’ staff
members. These connections are currently being made directly to the ISP provided equipment,
which is also serving as the office’s primary Wi-Fi access point. Aside from the existing cabling,
patch panel, and the ISP-provided hardware the IT infrastructure is generally non-existent at
After some additional investigation, there are significant Wi-Fi connection issues on the
second and third floors of the office space – later realizing that it is the placement of the
hardware that is the cause. Additional discussions with the Managing Partner of Building Blocks
has already prompted a request to expand the project and include measures to remediate the Wi-
Fi issues with standalone access points on all three floors of the office space – since because of
the hardware installation in the original scope of the project would discontinue the direct use of
the ISP provided hardware for provision of Wi-Fi service and DHCP network routing.
implementation of a hardware firewall, or any kind of network attached storage. All internet
service for the office is being served through the ISP-provided hardware, as well as providing
DHCP and Wi-Fi services. This hardware will remain in place unless an upgrade is required by
the ISP as part of the service level upgrade being considered. Hardware for a secondary ISP will
be installed parallel to this existing hardware – providing additional bandwidth and redundancy
for the office. ISP-provided hardware will be remaining in place, only serving as an interface to
the providers’ networks, with DHCP and Wi-Fi services being moved to hardware inside the
Methodology
Consulting911 will use a PDCA or PDSA methodology for this project, as it does of most
of the other projects undertaken by the firm. The firm’s manager is most familiar with this
methodology from its use in prior work experience and have integrated its usage into normal
business practice with Consulting911. Some view this methodology as Plan, Do, Check, Act;
some view it as Plan, Do, Check, Adjust; others as Plan, Do, Study, Act. At Consulting911 we
have modified it to our own version – Plan, Do, Study, Adjust: making our plan, executing our
plan, studying the result, and adjusting our methods. If the initial result is not satisfactory to our
client, we will pick up where we left off, and proceed through the cycle again, adjusting our
take place after the acceptance of the project proposal from the Managing Partner of Building
Blocks. The initial step of the project will begin with the selection of an upgrade to the existing
internet services coming into the office. Hopefully, this can be accomplished with the provider
adjusting the configuration on the back end, with no other action required at the equipment
already installed at Building Blocks’ office. However, if there is additional hardware needed or if
the existing hardware requires replacement, then a service appointment will be scheduled as soon
as possible. In addition to the upgraded service from the current ISP, services from a secondary
ISP will be researched and planned for installation at the earliest available date.
Product selection will follow, and recommendations provided to the Managing Partner
for final selection. After the final selection of the products to complete the project, they will be
ordered from one of Consulting911’s existing vendors. While waiting on the hardware to arrive,
initial configuration plans will be formulated to expedite the device configuration upon its arrival
BUILDING BLOCKS, LLC NETWORK UPGRADES 14
at Consulting911. Initial device configuration and testing will occur at Consulting911’s office
prior to installation in Building Blocks’ office. Connectivity and configuration verification will
occur after each segment of the new hardware has been installed to ensure functionality and
After all hardware has been installed and verified to be functioning appropriately,
Building Blocks’ Managing Partner will again ensure that all project goals and objectives have
The first goal of this project is to upgrade the internet services for Building Blocks’
office. Two primary objectives will accomplish this goal, each with similar deliverables. The two
objectives are evaluations of the current ISP, along with evaluation of a new ISP. Successful
BUILDING BLOCKS, LLC NETWORK UPGRADES 16
completion of this goal will be measured by the completion of a service-level upgrade from the
The second goal of the project is to improve the firm’s security stance and internet
System
Deliverables for these three objectives are fundamentally identical: provide a complete
installation of the three systems, ensure connectivity through them, conduct testing to ensure
proper functionality, and supplying the customer with documentation and training on the
Implementation of a VPN system serves to satisfy this goal. Server and client configurations
must be performed to ensure functionality across all types of customer-supplied device hardware.
Implementation will culminate with connectivity testing and staff training on the features and
Finally, a request was made to implement an office-wide file sharing system. A Network-
Attached Storage system will be installed and configured with RAID to ensure redundancy and
continuous availability in the event of a drive failure. Success in this area will be measured by
the ability of all staff members to access the shared system from their device of choice from
infrastructure
Evaluate
infrastructure
assessment; research
recommendations for
ISP
Present
recommendations to
Managing Partner,
3 days 12/3 12/7
allowing time to
product proposals
Contact ISPs to
installation
TBD – determined by
ISP Installations 2 days
provider availability
BUILDING BLOCKS, LLC NETWORK UPGRADES 18
configuration and
testing
at Building Blocks’
office
Outcome
Once completed, Building Blocks, LLC will have a faster, more secure connection to the
internet, as well as the ability to remotely access the firm’s resources while away from the office,
and more effectively share files within the office staff. Overall success of the project will be
measured by the continued connectivity after the new hardware installations, but also by a
measured improvement in the downstream bandwidth available to users in the office. Based on
initial reports of current bandwidth, after the upgrade and new installation users should expect a
References
Adaptec. (2005). Which RAID Level is Right for Me? [White paper].
https://www.adaptec.com/nr/rdonlyres/874d145e-f64f-4804-9e27-
037bc5a9dce0/0/3994_raid_whichone_v112.pdf
Enterprise Storage. (May 8, 2018). NAS vs. SAN: Differences and Use Cases.
https://www.enterprisestorageforum.com/storage-networking/nas-vs.-san-differences-
and-use-cases.html
Fortinet. (2019). A Definitive Guide To The IPS Technology Landscape: Essential Solution to
https://www.fortinet.com/content/dam/fortinet/assets/white-papers/wp-a-definitive-guide-
to-the-ips-technology-landscape.pdf
Hewlett-Packard Development Company, LP. (2014). Next-generation IPS and Firewall: Why
IPS-and-Firewall.pdf
BUILDING BLOCKS, LLC NETWORK UPGRADES 20
Appendix A
Appendix B