86 lines
4.8 KiB
HTML
86 lines
4.8 KiB
HTML
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 4//EN">
|
|
<HTML>
|
|
<HEAD>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
|
|
<meta name="Copyright" content="Copyright (c) 2005 by IBM Corporation">
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights - -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
|
|
<TITLE>Scenario: JKL Toy Company e-business plans</TITLE>
|
|
<LINK rel="stylesheet" type="text/css" href="ic.css">
|
|
</HEAD>
|
|
<BODY>
|
|
<!-- Java sync-link -->
|
|
<script language = "Javascript" src = "synch.js"></script>
|
|
<!-- End Header Records ============================================ -->
|
|
<A NAME="Top_Of_Page"></A>
|
|
<HR><H2><A NAME="HDRRZAJ45L_BASIC_CORP_USAGE">Scenario: JKL Toy Company e-business plans</A></H2>
|
|
<P>
|
|
<P>This scenario describes a typical business, the JKL Toy Company which has
|
|
decided to expand its business objectives by using the Internet.
|
|
Although the company is fictitious, their plans for using the Internet for
|
|
e-business and their resulting business needs are representative of many real
|
|
world company situations.
|
|
<P>The JKL Toy Company is a small, but rapidly growing, manufacturer of toys,
|
|
from jump ropes to kites to cuddly stuffed leopards. The company
|
|
president is enthusiastic about the growth of the business and about how its
|
|
new iSeries server can ease the burdens of that growth. Sharon Jones,
|
|
the accounting manager, is responsible for iSeries system administration and
|
|
system security.
|
|
<P>The JKL Toy Company has been successfully using its current setup for its
|
|
internal applications for over a year. The company now has plans to set
|
|
up an intranet to more efficiently share internal information. The
|
|
company also has plans to begin using the Internet to further its business
|
|
goals. Included in these goals are plans for creating a corporate
|
|
Internet marketing presence, including an online catalog. They also
|
|
want to use the Internet to transmit sensitive information from remote sites
|
|
to the corporate office. Additionally, the company wants to allow
|
|
employees in the design laboratory to have Internet access for research and
|
|
development purposes. Eventually, the company wants to allow customers
|
|
to use their web site for direct online purchasing. Sharon is
|
|
developing a report about the specific potential risks and challenges associated with these
|
|
activities and what measures the company should use to minimize these
|
|
risks. Sharon will be responsible for updating the company security
|
|
policy and adjusting the company computing strategies as they work to achieve their goals.
|
|
<P>The goals of this increased Internet presence are as follows
|
|
<UL COMPACT>
|
|
<LI>Promote general corporate image and presence as part of an overall
|
|
marketing campaign.
|
|
</LI><LI>Provide an online product catalog for customers and sales staff.
|
|
</LI><LI>Improve customer service.
|
|
</LI><LI>Provide employee e-mail and World Wide Web access.
|
|
</LI></UL>
|
|
<P>Here is the an example of the company Internet/network configuration.
|
|
<P>
|
|
<BR>
|
|
<IMG SRC="../rzaj4/rzaj500.gif" ALT="JKL Basic Network Configuration" border="0"><BR>
|
|
<P>As shown in the diagram, JKL Toy company has two primary iSeries
|
|
servers. They use one system for development (JKLDEV) and one for
|
|
production (JKLPROD) applications. Both of these servers handle
|
|
mission-critical data and applications. Consequently, they are not
|
|
comfortable running their Internet applications on these servers.
|
|
Instead, they have chosen to add a new iSeries server (JKLINT) to run these
|
|
applications.
|
|
<P>The company has placed the new system on a perimeter network and is using a
|
|
firewall between it and the main internal network of the company to ensure
|
|
better separation between their network and the Internet. This
|
|
separation decreases the Internet risks to which their internal systems are
|
|
vulnerable. By designating the new iSeries as an Internet server only,
|
|
the company also decreases the complexity of managing their network
|
|
security.
|
|
<P>The company will not run any mission-critical applications on the new
|
|
iSeries system at this time. During this stage of their e-business
|
|
plans the new system will provide a static public web site only.
|
|
However, the company wants to implement security measures to protect the
|
|
system and the public web site it runs to prevent service interruptions and
|
|
other possible attacks. Consequently, the company will protect the
|
|
system with packet filtering rules and network address translation (NAT)
|
|
rules, as well as strong basic security measures.
|
|
<P>As the company develops more advanced public applications (such as an
|
|
e-commerce web site or extranet access) they will implement more advanced
|
|
security and systems management measures.
|
|
<A NAME="Bot_Of_Page"></A>
|
|
</BODY></HTML>
|