Overview

I was originally brought in to assess the security standards on the existing Microsoft Exchange environment to which I reported that security holes did indeed need to be patched. I was then asked to assess the current multiple Active Directory Forests with many Active Directory domains in 12 Data Centers/Networks containing 2 separate Exchange Email systems, hundreds of server applications. I ran scanning tools for security holes, vulnerabilities, and weaknesses without effecting current operations, and provided risks levels to vulnerabilities then proposing a solution to each finding. Due to the nature of the work I was performing, I had to work closely with IT commissioner, IT Head, and the Board to go over all discovered security vulnerabilities and to present the risk level/impact/percentage complete/estimated completion date.

I was then asked if I could consolidate multiple forest with15 Domains to one forest and 10 domains by removing and combining resources and users as required then moving servers to one data center. In the process of combining Domains, I had to get all Exchange Servers on the same version, so I migrated all mail Exchange servers to the latest version without negatively affecting over 10,000 users. During the email servers upgrade I was able to bring all Exchange servers to one data center which in-turn allowed for better disaster recovery of email.

Being proactive, I brought in and setup event log monitoring software and other monitoring tools to check and alert on security breaches. Then I created system that allowed trusted staff to change all local admin server passwords and change all service account passwords throughout the organization within minutes. In my final analysis, I removed over 200 administrators and restructured administration to lockdown permissions throughout the organization, implemented security policies Administrators were now required to login as a user on their desktops. Their environment is now a lot more secure from these changes.

NOTABLE TECHNOLOGY USED

Microsoft Windows Server

Microsoft Exchange

Microsoft GPO Management Tools

DELL SANs/Blades/Servers

Microsoft Virtual Server

Blackberry Server

Microsoft Office, Microsoft Project, Microsoft Visio

NetBackup

Lieberman Service A/C Manager, Keroon PW Reset

Quest In-Trust Change Auditor Exchange and AD, Adventnet Eventlog Analyzer

McAfee AV Enterprise & GroupShield

SMTP Appliance

Microsoft SQL

Microsoft DNS/DHCP/WINS/Dfs

Network Router/Switches

Juniper VPN