Scribd
Upload
28 views7 pages

Sow V1.0

The document outlines the scope of work for a network segmentation project including configuring firewalls, switches, access points, and additional tasks. Key aspects include mounting and configuring 7 firewalls and switches, setting up 6 access points with separate guest networks, maintaining phone and camera systems, executing a penetration test, and reviewing the completed configuration.

Uploaded by

akmal
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
28 views7 pages

Sow V1.0

The document outlines the scope of work for a network segmentation project including configuring firewalls, switches, access points, and additional tasks. Key aspects include mounting and configuring 7 firewalls and switches, setting up 6 access points with separate guest networks, maintaining phone and camera systems, executing a penetration test, and reviewing the completed configuration.

Uploaded by

akmal
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 7

Network

Segmentation
Project
Scope of Work
In progress
ii
1. FORTIGATE FIREWALL CONFIGURATION - HO
OFFICE & BRANCH OFFICE (2 QTY)

 Mounting of Firewalls and Conducting Power On Self-Test.


 Activation of License Blades and Configuration of Username &
Password.
 Configuration of LAN, DMZ, and WAN Ports & Zones.
 Setup of 5 Firewall Policies & NAT Policies.
 Configuration of Advanced Threat Protection as per
requirements.
 Establishment of 2 IPS Profiles, Advanced Malware
Protection, and Application Control.
 Implementation of 5 Web Filtering & Video Filtering Rules.
 Configuration of 2 Site-to-Site/Remote VPNs.
 Setup of 5 Static Routes.
 Configuration of VPN Limited/Full Access.
 Establishment of Internet Access Policy, restricting access to
specific ports (e.g., Outlook POP3/SMTP).
 Implementation of FortiToken VPN Access for External Users,
incorporating Username, Password, and FortiToken as Multi-
Factor Authentication (MFA).
 Testing and Validation of Firewall Configuration .

3
2. SWITCHES CONFIGURATION - 7 SWITCHES

 Mounting of Switches and Performing Power on Self-


Test, including Stacking.
 Configuration of Hostname, Username & Passwords.
 Setup of VLANs, SVIs, and VLAN Database.
 Configuration of Interfaces as Access or Trunk Ports.
 Establishment of Port Channels.
 Implementation of Layer 3 Routing.
 Configuration of SNMP and Syslog.
 Connection of Uplinks to Interfaces.

4
3. ACCESS POINT CONFIGURATION - 6 ACCESS
POINTS

 Configuration of Hostname, Username & Passwords.


 Assignment of Static IP Address & Default Gateway.
 Configuration of SSID.
 Setup of PSK Security.
 Connection of Uplinks to Interfaces.
 Establishment of Separate Guest Internet Access for
both Locations (Plant & Bhosari Office).
 At Bhosari Office AP: Guest Internet Access, Finance,
Software (existing APs will work in defined VLAN).
 At Plant Office AP: Guest Internet Access, Software,
Design (existing APs will work in defined VLAN).

5
4. ADDITIONAL SCOPE POINTS

 Ensuring Telephone Intercom Functions According to


Existing Setup.
 Maintaining Smooth Communication between Point-to-
Point Connections: Main Plant to Bhosari Office & Main
Plant to Plant 2.
 Ensuring CCTV Camera IPs & NVR IPs are within the
Same Network as Existing (accessible via defined VLAN
network).
 Execution of External Penetration Test Post-Network
Setup.
 Clear Explanation of All Firewall Rules, both Inbound
and Outbound.
 Blocking of Unwanted Firewall Ports (e.g., RDP).
 Implementation of Rules in Firewall to Remove Risk
Factors within the Network (Internal & External Access).
 Resolution of All Issues Post-Network Segmentation
Configuration to Ensure Smooth Operation.

6
5. REVIEW AND ADJUSTMENT

Final Review to Identify Any Missing Components or Areas


for Improvement.
This scope of work outlines the comprehensive plan for
configuring network segmentation, ensuring smooth and
secure operation post-implementation.

You might also like