The Client
The client is a small consulting firm in Washington, DC that provides data foraging, analytics, and support services to the Intelligence Community, United States Armed Services, and foreign governments.
The Challenge
As businesses grow, standardized network architecture, network security, and data transport protocols are required for stream-lined business operations and growth.
The client was originally using a standard ISP-provided, consumer-grade router to provide local area network (LAN) and internet connectivity to their entire office. Most employees connected wirelessly, with no physical connections to the LAN, and overall network performance was too slow to conduct business. Despite operating in a medium-to-high threat environment, the network had minimal physical and security protocols and major exposure to cyberattacks.
The Solution
To ensure the network upgrade met all operational and security needs, ITS Roads initially conducted a network assessment and risk analysis and documented all current network configurations. Based on current usage and anticipated growth, ITS Roads designed a comprehensive upgrade to the system emphasizing performance, ease-of-maintenance, and robust cybersecurity measures – as well as an implementation plan to minimize downtime.
ITS Roads’ new network architecture included virtual network separation using VLANs (802.1Q), prioritized quality of service (QoS) rules, and a combination Firewall and active Intrusion Prevention Device that constantly monitors the LAN. Additionally, the new architecture established a gigabit CAT6 physical connection to each workstation to improve data throughput. All network equipment is placed in a locked cabinet inside an access-controlled room to further increase physical security. ITS Roads also recommended implementation of two-factor authentication (2FA) among other network access and data transport best practices to protect sensitive data.