Risk Assessment for Cybertrans Ltd.,

¶ … risk assessment for CyberTrans Ltd., a logistics firm that is faced with relocation and system upgrade issues. The company is to relocate its technology base to another site within two-year and upgrade its systems to Wireless and VoIP in order to aid in a cost effective relocation exercise. The latest technology such as fiber optics is to be incorporated and its satellite tracking solution can be outsourced but with the ownership and control of the system still being under the control of CyberTrans Ltd.A risk assessment is also carried out and recommendations provided.

Overview of Cybertrans Ltd.

Cybertrans Ltd. is a logistics firm, which provides next day delivery services throughout the UK for packages weighing up to 50kg in weight, as well as a three-day service for shipments over 50kg. They do operate a national fleet of vehicles from small vans up to articulated trucks of 38-tonnes. All of their vehicles have satellite tracking devices that allow the firm to know exactly where each of the vehicles is located at any point in time. The tracking system is hosted on a leased server, based off site, having 24-hour maintenance

Overview of the applicable technologies

Wireless LAN technology

Wireless Local Area network (WLAN) is a special form of LAN that employs radio frequency (RF) in order to communicate as opposed to using wires. The wireless clients then connect to the WLAN via wireless access points (WAP).This is as indicated below;

Figure 1:Wired and wireless network access. Source: Teare and Paquet (2005)

Teare and Paquet (2005) points out three main advantages of WLAN. These are;

It provides flexibility

It increases overall productivity

It results in cost savings in comparison to wired networks

All these are of great importance to Cybertrans considering that it requires relocating within the shortest time possible and at reduced costs. The requirement of flexibility is necessary as this would allow for the free movement of items within the office.

The implementation of the WLAN by Cybertrans would result in the following scenario;

Flexible work environment

The WLAN would allow the staff at Cybertrans Ltd. To easily access printers, servers as well as other network resources easily without regard to their location. This is however subject to the wireless network coverage. This flexibility implies that a laptop that is connected to the Cybertrans access point can stay connected anywhere within the Cybertrans Ltd. wireless network coverage. The employees can work in their cubicles, in their cafeteria as well as in the meeting rooms! The flexibility aspect of WLAN would make it possible for Cybertrans Ltd. To be able to move machines and people around in the office space without having to run extension network cables everywhere.

Increased productivity

A study by NOP World Technology for Cisco Systems in November, 2003 indicated that users of WLAN normally remained connected to the corporate network about 3.64 hours longer as compared to their wired counterparts. This ends up increasing their productivity by twenty seven percent (Cisco, 2003). This increased productivity can indeed be important to Cybertrans.

Low deployment cost

The other great benefit attached to the deployment of WLAN is the low cost of deployment (Teare and Paquet (2005). This is because the total cost of ownership (TCO) is considerable lower as compared to the benefits that it attracts to the organization. This is however subject to a caveat; the WLAN must be well managed and secured.

The wireless components

The Cybertrans corporate WLAN is to be made up of;

Wireless access points and Wireless client devices

The Wireless Access Points

These are used to provide connectivity to the Cybertrans wireless client devices such as laptops, desktops, printers and IP phones. Due to the complex nature of the services at Cybertrans, it is appropriate if they implement an integrated wireless access point. They can acquire Cisco integrated access point systems. This is by putting in place a high-speed wireless interface card (HWIC) using Cisco 2800 or their 3800 routers. This is due to their capability to concurrently route, switch and offer security services on a single platform that has IEEE 802.11 Wireless LAN functionality (Cisco, n.d). The Cisco HWIC-AP WLAN Module for Cisco 1800, 2800 and 3800 used in the convergence of IP communication with IP telephony is shown in the diagram below

Figure 2: Source (Cisco, n.d).

Wireless client devices

He wireless client devices are the ones that have wireless interface card (WIC) that are use for communication over Wireless access points (WAPs) and Radio Frequency (RF). They may include laptops, workstations, PDAs and Wireless IP phones. The Cybertrans expansion/modernization plan is to include the implementation of wireless IP telephony in their call centers. The phones are implemented on 802.11b technology and should have inbuilt security features such as QoS as well as management features. Cybertrans should deploy their wireless IP telephony using Cisco IP phones. This should be deployed using Cisco Unified Wireless IP Phone 7920 (Cisco,2005).

Wireless IP telephony deployment (Teare and Paquet,2005).

Secure Hosting Server

A secure hosting server is important for Cybertrans since it would enable it to effectively host its vehicle tracking system using its own resources. The hosting server should be secure and reliable and must provided the three tenets of information security namely confidentiality, availability and integrity. The hosting server is to be based on HP ProLiant G6 Servers that are equipped with the Intel Xeon 5500 Processors. The server is to run Red Hat Enterprise Linux 5.2 distribution. The vehicle tracking software to be used is WebTMC which is a special Web Server used for Telemetry, Monitoring and Control as well as Vehicle Tracking (Methos Consulting, 2011).

Fiber Optic technology

A fiber optic framework is to be used to provide a Wide Area Network (WAN) between the main office and the new offsite location that houses the tracking servers, customer liaison and finance operations. This is to be done using a broadband coverage service from Virgin Fiber Optic from Virgin Media. The broadband service is to be used in linking up the two the various offices with the main office (Headquarters).This is to be implemented using a 100Mb option for fast and secure exchange of information

Risk Assessment

Risk assessment is defined by PC Magazine (n.d) as a report that clearly shows the vulnerabilities of an organization as well as an estimate of the recovery cost in the event of any damage. The risk assessment also provides a summary of the defensive measures as well as associated costs on the basis of the amount of risk the given organization is willing to fully accept. This is also referred to as the risk tolerance. Risk analysis on the other hand is the process of undertaking the risk assessment. In risk analysis, there are threats. Threats refer to the harmful events and acts like the deployment of worms and viruses as well as unauthorized network access. Risk on the other hand us the level of expectation that a given threat might as well succeed as well as the damage that can result.

Wireless LAN technology Risk Assessment

The wireless network technologies have several advantages of the wired networks. These include:

1. Support for mobility

2. Rapid deployment of the network resources

3. Flexibility in implementation

4. Scalability

The frequency allocation for wireless spectrum

The industrial, scientific and medical (ISM) frequency band

Lower limit

Upper limit

Total bandwidth

902 MHz

928 MHz

26 MHz

2.4 GHz

2.4835 GHz

83.5 GHz

5.725GHz

58.50GHz

125 MHz

Table 1: The industrial, scientific and medical frequency band -- Source Bruce (2000)

The components of wireless LAN -Source (Burrell,2002)

Technologies for WLAN Transmission

Infrared LANS

this form of transmission is needed where there is no need of long-range. The infrared signals cannot go past opaque walls .No license is needed to operate this form of transmission.

Spread spectrum LANs

In this case, the spread spectrum transmission technology is employed. The LANs in this case uses the Industrial, Scientific, and Medical (ISM) band in order to eliminate the need for licensing.

Narrowband Microwave

In this category, microwaves are used in the transmission. Some of the frequencies require FCC licensing while others don't. This is because they utilize the ISM bands.

Infrared transmission

There are three forms of infrared transmission. These are;

1. Direct beam

2. Omnidirectional

3. Diffused

The direct beam infrared is the one that has the best speed of transmission. The receiver in this case is aligned with the signal sender unit in order to form a point-to-point link. The signal range however depends on the level of focus as well as the power that is emitted. The source of light is dependent on the specific environment .Indoor environments requires light emitting diodes (LEDs) while outdoors require lasers.

The omnidirectional infrared configuration on the other hand uses a sing base transmitter station (BTS) that is within the LAN's line of sight. The base station is mounted at a suitable point on the ceiling where it operates as a multiport repeater. The station then broadcasts signals omnidirectionally to be received by the Infrared receivers in the given area.

The diffused infrared configuration however, uses a transmitter that fills a given office space with signals. The signal receiver can then be located anywhere in the office area in order to successfully receive the IR signal.

The Spread spectrum LANs

This form of arrangement utilizes the multiple-cell configuration. Each of the cells are appropriately assigned a unique center frequency that lies within a specific band in order to avoid signal interference. This transmission technique makes use of two methods; frequency hopping as well as direct sequence modulation

The Frequency hopping method uses signals that jumps from a given frequency to the other within a specific bandwidth. The transmission unit then "listens" to a give channel and if successfully detects any idle time (a time when no signal is transmitted),then transmits the packet via the full channel bandwidth .In case a channel is deemed "full," the transmitter then "hops" to the next channel and then the process is repeated. Both the transmitter and the receiver have the same "jumping" behavior.

In the case of Direct Sequence Modulation, a wide frequency band as well as Code Division Multiple Access (CDMA) is utilized. The signals from various units (multiple) are then transmitted at a certain range of frequencies at relatively lower power. With each signal transmitted, there is a code to be used by the receiver in the identification of the appropriate signal from the sending unit. This frequency falls within the industrial, scientific and medical (ISM) band.

The Narrow and Microwave Local Area Networks (LANs)

This type of LAN is implemented using narrow bandwidth microwaves frequencies in the transmission of signals. Most of the equipment using this bandwidth range needs licensing from FCC. They employ 18.82-19.205GHz of frequency spectrum (radio).

There are;

The Licensed narrow radio frequencies which involves the use of narrowband frequency schemes that employ cell configuration whereby the cells that are adjacent employ nonoverlapping bandwidths that lie within the 18 Ghz band. An advantage of this scheme is that it allows foir a guaranteed communication that has no form of interference. The communication channels are also highly encrypted in order to eliminate threats of unauthorized data interception (eavesdropping).

The unlicensed Narrow RF also operates within the ISM spectrum and can be employed for transmissions of power less than 0.5 watts.

A comparison of the techniques of Wireless transmission

Source: Burrell (2002)

The Wireless LAN Topologies

The WLAN makes use of three main topologies;

These are

1. Basic Service Set (BSS)

2. Independent Basic Service Set (IBSS)

3. Extended Service Set (ESS)

A further classification involves two modes. Namely, the ad hoc and infrastructure modes.

Wireless topologies. Source- Burell (2002).

WLAN Security threats and vulnerabilities

A close examination of the WLAN systems reveals a system that is not entirely safe from threats. The WLAN attacks are aimed at interfering with the confidentiality, integrity and availability of the system and the data within it. These security attacks can come in the form of active or passive attacks.

The passive attacks;

These attacks are made up of unauthorized data WLA system access for the purpose of either traffic analysis or eavesdropping. It can also be for the purpose of modifying the content of the data traffic and therefore interfering with its integrity. The passive network attacks are hard to detect as the data is often unaffected. This therefore calls for prevetion efforts such as encryption other than detection.

Active attacks

These forms of network attacks involves the unauthorized access of WLAN resources for the purpose of malicious data modification or the interruption of the given network service (Jeopardizing the availability of the system).