Integrated Network Engineering IT Integration Support Experience
Integrated Network Engineering, Inc.
1. Engineering Standards Support: INE understands that client has the responsibility to establish the engineering standards and best business practice for enterprise-wide network/systems support. INE has led the client in standards development, review, and documentation by contributing these activities:
Communicate with client organizations and vendor/contractor community about client telecom and systems naming standards
Update, maintain, and share with the client field engineers about the current Standards
Review and update new versions of Configurations Standards (OS Systems, Router & Switches, firewalls, etc.) when new features are introduced into these devices
Define the QOS (Quality of Service) boundary and configuration standards/guidelines for VOIP implementation.
Review and update the document about the control and use of software-based capture and analysis tools (OPNET ACE, IT Guru, Infinistream, NetVantage, CiscoWorks, etc)
Led client for Domain Name Service (DNS) & DHCP architecture design discussion and deployment strategy.
2. Engineering Operations Support; INE understands that client critical operations needs. INE has seasoned engineers with Microsoft (MCSE), Cisco (CCNA/CCNP/CCIE) and security certified engineers (CISSP) to support the following Operations and projects:
Security/Firewalls Engineering Analysis; Working with the client security organization, INE engineers have provided pivotal roles for firewalls and load balancer design, configuration, and troubleshooting
WAN project support: As the client’s WAN is transitioned from the existing network contract to GSA Networkx services, INE engineers have led the team for extensive Lab testing to ensure that the contractual SLA are met by the carrier, and the applications have minimal impact.
NAC technology evaluation: NAC (Network Admission Control) is a network access security control mechanism. INE engineers have led the IRS to perform extensive NAC feature and functionality testing with various user access and authentication scenarios. INE engineers led the project for secured network switch design (802.1x, SNMP v2/v3), policy manager and policy enforcer integration testing. INE is providing the NAC deployment strategy to the client so that only client’s authorized users can access the LAN switches and resources in the future. INE engineers utilized the Vmware to enable Active Directory (AD) for Single Sign-On (Kerberos) user authentication, and Internet Authentication Server (IAS) as the RADIUS server for 802.1x user authentication.
Extranet Support: INE’s client has an Extranet that is secured Site-to-Site VPN connectivity via the Internet. Extranet allows the secured VPN tunnel between the client network and client’s trading partners. INE engineers led the client (IRS) business partners (i.e. FMS, SSA, Lockbox, and US Customs) for various extranet projects needs: OPM eQIP, PNC Bank DR connectivity, Dept of Ed, USPS, Navy DMDC, GSA, InterVoice etc
3. IPv6 Support: INE has provided skilled and experienced engineers to assist the IRS to accomplish the OMB IPv6 Mandate:
Incorporate the IPv6 into IRS IRM Strategic Plan
Update the IPv6 based Enterprise Architecture with the transition strategies
Complete the IPv6 Transition Plan
Assist the agency to generate the OMB required IPv6 progress report
Implement the IPv6 into the IRS backbone
Document the testing process and results
Specifically, INE has led the IRS IPv6 project as follows:
IPv6 related LAN/WAN Architect, Testing, Trouble Resolution, Systems/ Security Consulting for Voice, Video, and Data (Wire and Wireless) – INE led the IPv6 related architecture change, hardware and software testing, firewalls and Intrusion detection systems (IDS), security assessment, email and Web content filtering impact assessment, local area network (LAN) and wide area network (WAN) bandwidth and connectivity needs assessment. Specifically, INE engineers have identified and mitigated security risks associated with the IPv6 based LAN/WAN infrastructure.
IPv6 Related Business Case studies and Applications Impact Analysis Support: INE has developed and provided business case studies, and engineering alternative analysis. INE has communicated the IPv6 efforts with multiple organizations, and analyze the potential use of IPv6 based applications to add value to the IRS.
Network Baseline/Transition Support for IPv6: INE has documented the network baseline/transition planning support for IPv6. The support activities include coordinating/working with current and potential contractor(s) to baseline the current performance, capacity, ownership, management, etc. and develop transition plans to insert IPv6 into the IRS infrastructure.
Technical/Engineering Advisory Support on IPv6: INE has provided the technical support to the IRS for the IPv6 and network projects that are in progress or new requirements development. INE engineers act as the network engineering lead to support the network projects. INE engineers have provided advice and assistance to develop IPv6 project plan, WBS, security concerns, funding requirements, preliminary network/systems design, lab integration testing, and hardware and software acquisition necessary to complete the project. INE provided IPv6 implementation methodology that covers the identifications of requirements, the baseline of the current systems, the tools used for the IPv6 migration, the impact and the cost elements, and the measurement of the IPv6 implementation milestones.
4. Portal Infrastructure Support; Client’s Portals infrastructure is built to support a new growing set of Web-based applications and lay a foundation for a universal secure access to many legacy applications. It provides an integrated environment of Enterprise Portals (web servers and web application servers), security mechanisms and data access service. The Portal segment intends to provide access for registered users, partners, public and employees to new and legacy business applications. INE led the portal infrastructure support covers the following:
Portal Operations support: INE engineer has led client engineers in the portal technology refresh and the network interface design and testing. INE engineer led the Portal operations in the areas of troubleshooting, firewall security, Authentication/Authorization, IP addressing and routing scheme, DNS and load balancing, and VPN based secure network capacity and throughput assessment.
Extranet & Remote Access support: INE led the client for a cost-effective VPN-based remote access solution for all client enterprise users and approved contractors.
5. Cyber Security Consulting: INE assist its client in various security tasks:
Security & Privacy:
INE possesses senior level industry recognized subject-matter experts in security and privacy who have executed successful engagements for commercial and government organizations. Our professionals have industry certifications such as Certified Information System Security Professionals (CISSP), Certified Information Security Auditor (CISA). The INE team is skilled in the business process reengineering techniques to align security processes with business objectives. These techniques include; rapid needs assessment, conceptualization, and architecture design and system implementation.
Certification and Accreditation Services
Certification and accreditation (C&A) of major applications, general support systems and critical systems are effectively performed in accordance with the National Institute of Standards and Technology (NIST) special publications (SP). INE service offerings are centered on “Protection in Context” which covers security as outlined in the 10 CISSP domains. Protection in Context is a security assessment process that combines relevant NIST Special Publication (SP) 800 Series and ISO 17799:2000, Code of Practice for Information Security Management, into a comprehensive methodology and questionnaire. With Protection in Context, the INE team is able to rapidly create a baseline for the client, commensurate with the value of information being protected and the probability of loss.
Risk Assessment/PKI Services
INE has worked with its clients for risk assessment, defined security policies from desktop/server, network, to Internet access. INE performed SRA (Security Risk Assessment) for DC Superior Court via Pen test and provided security architecture review, and risk mitigation strategies for critical servers, Internet/Intranet email and public Web access, NetApp database access. INE helped clients to identify issues such as simple password protection, hand-held authentication (Secure Dynamic’s Secure ID), and biometric device identification. For the network, INE recommends the authentication with AD/Single Sign-on (SSO), 802.1x, ACL/filtering, log/audit trail and dial-back strategy for network/firewall device access. For the Internet E-business transactions, INE recommended its clients with intrusion detection/audit test tools (NMAP, Nessus, SNORT), Proxy/Firewall under DMZ design/implementation, and Entrust PKI CA/X. 500/timestamp/Biometric/Cisco VPN for digital signature/certificate authentication.
INE engineers have performed Independent Baseline Validation (IBV) functions for the Treasury Department to independently validate whether the CI (Consolidated Infrastructure) investment is meeting the requirements stipulated in OMB’s M-05-23 Memorandum, and identify deficiencies of the implementation of Earned Value Management System (EVMS) for all new and ongoing major developmental investments.
INE has also done IV&V tasks with Government agencies for network verifications and validations under TCS contract, and performed security accreditation and systems IV&V for the IRS under PRIME and TIPSS contracts. INE engineers utilized their network, security and systems engineering "best practices" to evaluate the correctness and quality of critical and complex security/systems/networks throughout the project life cycle. INE engineers used tools (requirement analysis and design, process modeling, and configuration management) to verify the compliance with project and system requirements, analyzed development processes, analyzed and ensured effective technology transfer to the clients and direct IV&V activities according to clients’ needs. INE engineers’ analytical approaches enable efficient, cost effective IV&V service through their network, systems, and COTS applications expertise.
6. Modeling and Network Performance Engineering Support: INE engineers have the expertise in using OpNet tool suite (ITGuru, SPGuru, ACE, Flow Analysis, Panorama, and Commander) to assist client in network planning, operation and trouble shooting of various applications and systems. INE Modeler has applied the following modeling methodologies to accomplish the results:
Review the required/projected traffic volume by type with the needed project
Construct a network topology diagram via VNE server with enough details from a LAN/WAN point of view based on actual current connectivity.
The detailed topology will include all nodes of interest, network connectivity, and capacity of each circuit.
Collect Concord data utilization to characterize link, and node traffic in terms of daily, weekly and seasonal traffic characteristics.
Collect transaction signature for each type of activities using OPNET ACE,
Develop longer term traffic projection model and short term application transaction and traffic model (OPNET simulation and OPNET ACE model)
Perform models Validation
Perform capacity modeling and planning for future network adjustment
Determine the achievable performance for the current network topology/capacity and under different traffic conditions: best case, typical case and worst case based on ACE capture data and ACE modeling tool such as Quick-Predict.
Determine the efficiency differences between HTTP (Web traffic) versus FTP based transactions for different type of filings using actual ACE capture data and ACE models
Update VNE server data.
In addition to the OpNet modeling/simulation support, INE engineers also led client for Capacity Planning and Performance Analysis with the following methodologies:
Define Planning Objectives: Document and Prioritize the information needs and objectives such as improving the network performance in anticipation of new applications, and grooming the circuit costs due to low (or none) usage.
Select proper tool such as Data Collection Tools (Concord, Netscout, Compuware Netvantage), Data Management Tools (CiscoWorks, HP Openviews, Tivoli), Network Graphic tools (Visio), and the Data Analysis Tools (OpNet NetDoctor, ITGuru) to perform network Capacity Planning and Performance Analysis,
Specify Network Performance Criteria: establish the performance baseline and criteria for measurement
Specify Data Collection and Storage Procedures; i.e. Identify existing sources of data that are generated from current work products, processes, or transactions, and specify how to collect and securely store the data for each required measure
Specify the Analysis Procedures; i.e. Specify and prioritize the analyses that will be conducted and specify criteria for evaluating the utility of the analysis results
Perform Data Collection from the Concord/Compuware tools
Perform Data Analysis and conduct additional measurement and analysis as necessary
Present data analysis results with stakeholders
Produce secured data inventory for future references
Communications with client Management Team
Provide recommendations to Operations and Application Development in areas where application performance can be enhanced.
7. Call Center CTI Technology and Security Support: INE has helped Skyallen Marketing and IRS for Call Center Technology test, security assessment, and new technology deployment.
For Skyallen marketing, INE has performed system and call router/predictive dialer installation to help marketing campaign.
For IRS, INE has performed 46 Call Centers capacity planning, and recommend IRS best utilized operations equipment/systems (ACD, VRU, Telefile, Teletax, TRIS, CSCR, ICM, Routers, etc.). INE has also planned, designed, implemented, and integrated the Call Center Environment including Aspect ACD, VRU, Intelligent Contact Manager (ICM), VOIP, and Empirix (Hammer) Integrated Testing and Monitoring Systems.
For Call Center security, INE assisted IRS in vulnerability assessment, design, implementation and remediation of computer and telecommunications-related security..
8. RDBMS (Oracle, MS SQL) and C/C++ based Applications and Web Development: INE has extensive experience of Oracle & MS SQL RDBMS architecture design and implementation for financial based applications development and administration.
INE has completed Oracle project with the Department of the Commerce (DOC) for financial systems design, GUI based forms and report design (Developer 2000), database volume & sizing, data replication, conversion (8I to 9), SQL access, data/process partitioning, event/trigger setting, and client/server performance optimization. Specifically, INE has performed the conversion planning - analysis, design and consultation on all aspects of the conversion (e.g., conversion planning, post-conversion assessment, database differences, required coding changes, testing, capacity assessment, performance optimization, data transfer, system administration needs, data warehouse design, etc.).
INE has led a contract with Bell Atlantic (Verizon) for Lotus Notes, MS SQL and customized VOD (Video On Demand) application development. And a contract with GSA-FSS for Internet-EDI based client/server applications. The applications were programmed in HTML, Java, and C/C++ languages.
INE has developed a software product named (AMIS) Asset Management Inventory Systems, which is Internet based inventory systems programmed with Java, Microsoft . ASP, and Windows SQL languages.