You have been hired as consultants to design and implement a security initiative for an expanding global eCommerce corporation with two websites and locations in New York and London. There are currently about 300 employees in the company.

In the next three months, the corporation will be acquiring another company in a different line of business with plans to offer products for sale online. This new company is in Paris and will have a Research and Development (R&D) and a Sale Dept., with a total of 150 to 200 employees. They will create new products and sell it online.

Part of your role would be to recommend the best way for integrating both environments. However, not much information is available about the IT setup for the company being acquired. The other company might even have a mix of different operating environment - it is unclear since the IT staff in that company is not very communicative.

Some critical staff members in the other company are not happy with the upcoming merger and have sworn to be as uncooperative as possible. The Network Manager for the other company is a difficult personality. There are plans to fire him but unfortunately, he is the only one who knows the network architecture completely and he is not willing to share. You must find out everything about the new environment and propose specifics on how to seamlessly integrate both Enterprise Level environments.

In the initial conversation with executives of the global company, you realize that the company does not have a security policy. After much discussion, they have agreed that you should come up with a detailed security policy customized for the company.

In a follow-up meeting with the executives and IT staff of the global corporation, you were also assigned the task of identifying:

• Two (2) security audit tools (vulnerability/web scanners).
• Two (2) intrusion detection systems.
• Two (2) network firewall products that would be suitable for the global company.
• Two (2) automated network asset inventory tools to know what exists at the new location and determine what will be integrated into the merged company.
• You are to test and describe the features of selected security solutions.
• Indicating (a) which you prefer and (b) providing convincing rationale for why you prefer a specific solution in each category. In other words, you are to evaluate two products for each category and recommend one, giving the reasons for your choice.

Salient points: The new corporate acquisition will increase the total numbe