Workstation Deployment Plan

CS5493 Assignment: Write A Deployment Plan for…

The purpose of this assignment is to write a deployment plan for a portable notebook computer.

1.  Create a fictitious medical supply company name, and address.

2.  Notebook computers might be configured differently depending on who is issued the computer.

3.  Notebook-computers are used by employees who travel or telecommute.

4.  The OS required is MS Windows XP or Vista (your choice).

5.  Assume the following about the company

1. All employees have a supervisor except the CEO.
2. There is a Director of Systems Administration.
3. There is a staff of computer technicians to configure systems. Technicians report to the Director of Systems Administration.
4. Employees require access to the following software
5. Cisco VPN client
6. MS Office –
7. MS Outlook (for e-mail) or any other email reader.
8. A browser is used for accessing online information available to customers.

6.  Write a computer deployment plan for a portable notebook computer. Consult the text (J. Allen), your class notes, and any other appropriate sources.

7.  Include a cover/title page and a table of contents.

8.  The attached worksheet is simply a resource and may be used for this assignment.

Workstation Deployment Policy Worksheet Tech Services, Inc.

SA/Technician must record bar-codes or serial numbers for any and all deployed hardware.

Equipment Installation Inventory

Description Bar Code/SN

CPU-box ______

______Manufacturer

______Model number

______Memory size

______CPU (type/rating)

______Disk capacity

Terminal ______

______Manufacturer

______Dimensions

Keyboard ______

Mouse

Printer

Speakers

Cables

UPS/Surge protector

Graphics card

Other (external drives, Fax, Scanner, … )

An accurate record of the deployed system location is required. If the user is receiving an upgrade, it may be necessary to migrate previous data to the new system.

Destination Migration from user’s Previous System

User name

Address Address

Office number Office number

Phone Phone

e-mail e-mail

Supervisor Bar Code/SN

Initial Request Date

Deployment Date (by)

______Check for User Computer Systems Access Agreement

______Disclosure of Services Agreement

Identify the OS name, version, and most current update information for the installed OS.

Operating System Installation

OS Name and Version

OS Installation Disk ID:

OS checklist

SP version

Additional Updates version and date

OS Updates Configuration

_____ Boot Password (yes or no)

_____ Setup Password (yes or no)

_____ Disk Password (yes or no)

_____ etc.

OS Configuration

·  ______Configure Windows Update for auto-update scheduled @ 2:00am weekly/nightly

·  OS Startup editing using AutoRuns: list disabled startups here:

·  Driver Installation List: list additional drivers not included with the OS install.

·  Driver Removal List : Use AutoRuns to disable the following drivers

·  Windows System Restore.

o  Flush any existing restore points upon installation.

o  Make new System Restore Point

·  Disable Auto-Run on DVD/CD drives.

·  Configure to show file extensions

o  On your desktop, open My Computer. If you don't see My Computer, then open any folder.

o  Select the Tools menu, & then select Folder Options ....

o  In the Folder Options windows, click on the View tab.

o  Uncheck the box next to Hide file extensions for known file types

o  Click OK

·  Start the Event Log (view with the Event Viewer):

o  Type: sc start EventLog from a cmd window.

o  Run: secpol.msc the

§  Set all 9 categories to record failures

§  Record success for: policy change, process tracking, system events.

·  Test security configuration against the security template.

User Configuration

·  ______Create User Account

o  User ID ______

o  Password (yes or no) ______

o  Set access privilege for user ______(access type)

·  List user requested applications:

Application Installed Updates

o  Windows Office x x

o  FireFox x x

o  Windows Media Player x x

o  Outlook(e-mail) x x

·  IE Browser configuration

o  Disable or “prompt for action” on all ActiveX, Java, and JavaScript options.

o  Add Trusted sites: http://surfthenetsafely.com/ieseczone7.htm

o  Disable Auto-complete

o  (consider using SiteAdvisor)

Include special configuration instructions for security software.

Security Software Application Updated Activated

Anti-Virus McAfee x x

Anti-Spy/Adware AdAware x x

Firewall Comodo(firewall) x x

Windows Firewall off

Other WinPatrol x x

Glary Tools x x

WinSCP x x

Putty configure to use ssh port.

(Key logger)

OS Registry Configuration

·  Run registry cleaner

·  Flush and make a new restore point for Windows System Restore

·  Backup registry

·  Checksum registry backup

·  Encrypt the backup and checksum.

·  Copy registry backup and its checksum to WROM.

Disk Maintenance

·  Run disk cleanup

·  De-fragment disk in safe mode.

·  Make full ISO image backup of the disk. Record the checksum of the ISO image.

Physical Security Checklist

______Cabinet intrusion lock:

______Cabinet security lock/cable:

______Terminal lock/cable:

______Privacy screen

______Tamper detection

______Other, specify details:

Attaching to the network is the last step in the deployment.

Networking

Procedure check. All must be checked before connecting to the internal network.

______OS is up to date

______Security software is up to date

______Signature approval for deployment

______Passworded

______Physical Security in place

System MAC Address

Logical network type

Machine DNS Name

Machine DNS Suffix

IP address

Gateway

Subnet

Network software

VPN- client

Network Passwording

MS Active Directory

NIS (Network Information Service)

LDAP (Lightweight Directory Access Protocol)

Include details about special instructions for this particular system.

Other Special Instructions:

Backup schedule for system.

When the system is deployed and configured by the SA-staff; and accepted by the end user.

Installation Completion Approval Signatures Name Signature

SA/Technician

SA/Tech Staff Supervisor

User