Integrated Network Engineering IT Integration Support
Experience
Integrated Network Engineering, Inc.
1. Engineering Standards Support: INE understands that client has the responsibility to
establish the engineering standards and best business practice for enterprise-wide
network/systems support. INE has led the client in standards development, review,
and documentation by contributing these activities:

  • Communicate with client organizations and vendor/contractor community about client
    telecom and systems naming standards
  • Update, maintain, and share with the client field  engineers about the current Standards
  • Review and update new versions of Configurations Standards (OS Systems, Router &
    Switches, firewalls, etc.)  when new features are introduced into these devices
  • Define the QOS (Quality of Service) boundary and configuration standards/guidelines for
    VOIP implementation.
  • Review and update the document about the control and use of software-based capture
    and analysis tools (OPNET ACE, IT Guru, Infinistream, NetVantage, CiscoWorks, etc)
  • Led client for Domain Name Service (DNS) & DHCP architecture design discussion and
    deployment strategy.

2. Engineering Operations Support; INE understands that client critical operations
needs. INE has seasoned engineers with Microsoft (MCSE), Cisco (CCNA/CCNP/CCIE)
and security certified engineers (CISSP) to support the following Operations and
projects:

  • Security/Firewalls Engineering Analysis; Working with the client security organization, INE
    engineers have provided pivotal roles for firewalls and load balancer design, configuration,
    and troubleshooting
  • WAN project support: As the client’s WAN is transitioned from the existing network
    contract  to GSA Networkx services, INE engineers have led the team for extensive Lab
    testing to  ensure that the contractual SLA are met by the carrier, and the applications
    have minimal impact.
  • NAC technology evaluation: NAC (Network Admission Control) is a network access security
    control mechanism. INE engineers have led the IRS to perform extensive NAC feature and
    functionality testing with various user access and authentication scenarios. INE engineers
    led the project for secured network switch design (802.1x, SNMP v2/v3), policy manager
    and policy enforcer integration testing. INE is providing the NAC deployment strategy to
    the client so that only client’s authorized users can access the LAN switches and
    resources in the future. INE engineers utilized the Vmware to enable Active Directory (AD)
    for Single Sign-On (Kerberos) user authentication, and Internet Authentication Server
    (IAS) as the RADIUS server for 802.1x user authentication.
  • Extranet Support: INE’s client has an Extranet that is secured Site-to-Site VPN connectivity
    via the Internet. Extranet allows the secured VPN tunnel between the client network and
    client’s trading partners. INE engineers led the client (IRS) business partners (i.e. FMS,
    SSA, Lockbox, and US Customs) for various extranet projects needs: OPM eQIP, PNC
    Bank DR connectivity, Dept of Ed, USPS, Navy DMDC, GSA, InterVoice etc

3. IPv6 Support: INE has provided skilled and experienced engineers to assist the IRS
to accomplish the OMB IPv6 Mandate:

  • Incorporate the IPv6 into IRS IRM Strategic Plan
  • Update the IPv6 based Enterprise Architecture with the transition strategies
  • Complete the IPv6 Transition Plan
  • Assist the agency to generate the OMB required IPv6 progress report
  • Implement the IPv6 into the IRS backbone
  • Document the testing process and results

Specifically, INE has led the IRS IPv6 project as follows:

  • IPv6 related LAN/WAN Architect, Testing, Trouble Resolution, Systems/ Security
    Consulting for Voice, Video, and Data (Wire and Wireless) – INE led the IPv6 related
    architecture change, hardware and software testing, firewalls and Intrusion detection
    systems (IDS), security assessment, email and Web content filtering impact assessment,
    local area network (LAN) and wide area network (WAN) bandwidth and connectivity needs
    assessment. Specifically, INE engineers have identified and mitigated security risks
    associated with the IPv6 based LAN/WAN infrastructure.

  • IPv6 Related Business Case studies and Applications Impact Analysis Support: INE has
    developed and provided business case studies, and engineering alternative analysis. INE
    has communicated the IPv6 efforts with multiple organizations, and analyze the potential
    use of IPv6 based applications to add value to the IRS.

  • Network Baseline/Transition Support for IPv6: INE has documented the network
    baseline/transition planning support for IPv6. The support activities include
    coordinating/working with current and potential contractor(s) to baseline the current
    performance, capacity, ownership, management, etc. and develop transition plans to insert
    IPv6 into the IRS infrastructure.

  • Technical/Engineering Advisory Support on IPv6: INE has provided the technical support
    to the IRS for the IPv6 and network projects that are in progress or new requirements
    development.  INE engineers act as the network engineering lead to support the network
    projects. INE engineers have provided advice and assistance to develop IPv6 project plan,
    WBS, security concerns, funding requirements, preliminary network/systems design, lab
    integration testing, and hardware and software acquisition necessary to complete the
    project. INE provided IPv6 implementation methodology that covers the identifications of
    requirements, the baseline of the current systems, the tools used for the IPv6 migration,
    the impact and the cost elements, and the measurement of the IPv6 implementation
    milestones.

4. Portal Infrastructure Support; Client’s Portals infrastructure is built to support a new
growing set of Web-based applications and lay a foundation for a universal secure access to
many legacy applications. It provides an integrated environment of Enterprise Portals (web
servers and web application servers), security mechanisms and data access service. The Portal
segment intends to provide access for registered users, partners, public and employees to new
and legacy business applications. INE led the portal infrastructure support covers the following:

  • Portal Operations support: INE engineer has led client engineers in the portal technology
    refresh and the network interface design and testing. INE engineer led the Portal
    operations in the areas of troubleshooting, firewall security, Authentication/Authorization,
    IP addressing and routing scheme, DNS and load balancing, and VPN based secure
    network capacity and throughput assessment.  
  • Extranet & Remote Access support: INE led the client for a cost-effective VPN-based
    remote access solution for all client enterprise users and approved contractors.

5. Cyber Security Consulting: INE assist its client in various security tasks:

  • Security & Privacy:
  •        INE possesses senior level industry recognized subject-matter experts in security
    and   privacy who have executed successful engagements for commercial and government
    organizations. Our professionals have industry certifications such as Certified Information
    System Security Professionals (CISSP), Certified Information Security Auditor (CISA).  The
    INE team is skilled in the business process reengineering techniques to align security
    processes with business objectives.  These techniques include; rapid needs assessment,
    conceptualization, and architecture design and system implementation.

  • Certification and Accreditation Services
  •        Certification and accreditation (C&A) of major applications, general support systems
    and critical systems are effectively performed in accordance with the National Institute of
    Standards and Technology (NIST) special publications (SP).  INE service offerings are
    centered on “Protection in Context” which covers security as outlined in the 10 CISSP
    domains.  Protection in Context is a security assessment process that combines relevant
    NIST Special Publication (SP) 800 Series and ISO 17799:2000, Code of Practice for
    Information Security Management, into a comprehensive methodology and questionnaire.  
    With Protection in Context, the INE team is able to rapidly create a baseline for the client,
    commensurate with the value of information being protected and the probability of loss.

  • Risk Assessment/PKI Services

  •        INE has worked with its clients for risk assessment, defined security policies from
    desktop/server, network, to Internet access. INE performed SRA (Security Risk
    Assessment) for DC Superior Court via Pen test and provided security architecture review,
    and risk mitigation strategies for critical servers, Internet/Intranet email and public Web
    access, NetApp database access. INE helped clients to identify issues such as simple
    password protection, hand-held authentication (Secure Dynamic’s Secure ID), and
    biometric device identification. For the network, INE recommends the authentication with
    AD/Single Sign-on (SSO), 802.1x,  ACL/filtering, log/audit trail and dial-back strategy for
    network/firewall device access. For the Internet E-business transactions, INE
    recommended its clients with intrusion detection/audit test tools (NMAP, Nessus, SNORT),
    Proxy/Firewall under DMZ design/implementation, and Entrust PKI CA/X.
    500/timestamp/Biometric/Cisco VPN for digital signature/certificate authentication.

  • Independent Verification & Validation (IV& V) Project

  •        INE engineers have performed Independent Baseline Validation (IBV) functions for
    the Treasury Department to independently validate whether the CI (Consolidated
    Infrastructure) investment is meeting the requirements stipulated in OMB’s M-05-23
    Memorandum, and identify deficiencies of the implementation of Earned Value
    Management System (EVMS) for all new and ongoing major developmental investments.

  • INE has also done IV&V tasks with Government agencies for network verifications and
    validations under TCS contract, and performed security accreditation and systems IV&V
    for the IRS under PRIME and TIPSS contracts. INE engineers utilized their network,
    security and systems engineering "best practices" to evaluate the correctness and quality
    of critical and complex security/systems/networks throughout the project life cycle. INE
    engineers used tools (requirement analysis and design, process modeling, and
    configuration management) to verify the compliance with project and system requirements,
    analyzed development processes, analyzed and ensured effective technology transfer to
    the clients and direct IV&V activities according to clients’ needs. INE engineers’ analytical
    approaches enable efficient, cost effective IV&V service through their network, systems,
    and COTS applications expertise.

6. Modeling and Network Performance Engineering Support: INE engineers have the
expertise in using OpNet tool suite (ITGuru, SPGuru, ACE, Flow Analysis, Panorama, and
Commander) to assist client in network planning, operation and trouble shooting of various
applications and systems. INE Modeler has applied the following modeling methodologies to
accomplish the results:

  • Review the required/projected traffic volume by type with the needed project
  • Construct a network topology diagram via VNE server with enough details from a LAN/WAN
    point of view based on actual current connectivity.  
  • The detailed topology will include all nodes of interest, network connectivity, and capacity
    of each circuit.
  • Collect Concord data utilization to characterize link, and node traffic in terms of daily,
    weekly and seasonal traffic characteristics.
  • Collect transaction signature for each type of activities using OPNET ACE,
  • Develop longer term traffic projection model and short term application transaction and
    traffic model (OPNET simulation and OPNET ACE model)
  • Perform models Validation
  • Perform capacity modeling and planning for future network adjustment
  • Determine the achievable performance for the current network topology/capacity and
    under different traffic conditions: best case, typical case and worst case based on ACE
    capture data and ACE modeling tool such as Quick-Predict.
  • Determine the efficiency differences between HTTP (Web traffic) versus FTP based
    transactions for different type of filings using actual ACE capture data and ACE models
  • Update VNE server data.

In addition to the OpNet modeling/simulation support, INE engineers also led client for
Capacity Planning and Performance Analysis with the following methodologies:

  • Define Planning Objectives: Document and Prioritize the information needs and objectives
    such as improving the network performance in anticipation of new applications, and
    grooming the circuit costs due to low (or none) usage.
  • Select proper tool such as Data Collection Tools (Concord, Netscout, Compuware
    Netvantage), Data Management Tools (CiscoWorks, HP Openviews, Tivoli), Network
    Graphic tools (Visio), and the Data Analysis Tools (OpNet NetDoctor, ITGuru) to perform
    network Capacity Planning and Performance Analysis,
  • Specify Network Performance Criteria: establish the performance baseline and criteria for
    measurement
  • Specify Data Collection and Storage Procedures; i.e. Identify existing sources of data that
    are generated from current work products, processes, or transactions, and specify how to
    collect and securely store the data for each required measure
  • Specify the Analysis Procedures; i.e. Specify and prioritize the analyses that will be
    conducted and specify criteria for evaluating the utility of the analysis results
  • Perform Data Collection from the Concord/Compuware tools
  • Perform Data Analysis and conduct additional measurement and analysis as necessary
  • Present data analysis results with stakeholders
  • Produce secured data inventory for future references
  • Communications with client Management Team
  • Provide recommendations to Operations and Application Development in areas where
    application performance can be enhanced.  

7. Call Center CTI Technology and Security Support:  INE has helped Skyallen Marketing
and IRS for Call Center Technology test, security assessment, and new technology deployment.

  • For Skyallen marketing, INE has performed system and call router/predictive dialer
    installation to help marketing campaign.
  • For IRS, INE has performed  46 Call Centers capacity planning, and recommend IRS best
    utilized operations equipment/systems (ACD, VRU, Telefile, Teletax, TRIS, CSCR, ICM,
    Routers, etc.). INE has also planned, designed, implemented, and integrated the Call
    Center Environment including Aspect ACD, VRU, Intelligent Contact Manager (ICM), VOIP,
    and Empirix (Hammer) Integrated Testing and Monitoring Systems.
  • For Call Center security, INE assisted IRS in vulnerability assessment, design,
    implementation and remediation of computer and telecommunications-related security..

8. RDBMS (Oracle, MS SQL) and C/C++ based Applications and Web Development: INE
has extensive experience of Oracle & MS SQL RDBMS architecture design and implementation
for financial based applications development and administration.

  • INE has completed Oracle project with the Department of the Commerce (DOC) for
    financial systems design, GUI based forms and report design (Developer 2000), database
    volume & sizing, data replication, conversion (8I to 9), SQL access, data/process
    partitioning, event/trigger setting, and client/server performance optimization. Specifically,
    INE has performed the conversion planning - analysis, design and consultation on all
    aspects of the conversion (e.g., conversion planning, post-conversion assessment,
    database differences, required coding changes, testing, capacity assessment,
    performance optimization, data transfer, system administration needs, data warehouse
    design, etc.).
  • INE has led a contract with Bell Atlantic (Verizon) for Lotus Notes, MS SQL and customized
    VOD (Video On Demand) application development. And a contract with GSA-FSS for
    Internet-EDI based client/server applications. The applications were programmed in HTML,
    Java, and C/C++ languages.  
  • INE has developed a software product named (AMIS) Asset Management Inventory
    Systems, which is Internet based inventory systems programmed with Java, Microsoft  .
    ASP, and Windows SQL languages.