experience

Integrated Network Engineering IT Integration Support
Experience

Integrated Network Engineering, Inc.

1. Engineering Standards Support: INE understands that client has the responsibility to
establish the engineering standards and best business practice for enterprise-wide
network/systems support. INE has led the client in standards development, review,
and documentation by contributing these activities:

Communicate with client organizations and vendor/contractor community about client
telecom and systems naming standards
Update, maintain, and share with the client field engineers about the current Standards
Review and update new versions of Configurations Standards (OS Systems, Router &
Switches, firewalls, etc.) when new features are introduced into these devices
Define the QOS (Quality of Service) boundary and configuration standards/guidelines for
VOIP implementation.
Review and update the document about the control and use of software-based capture
and analysis tools (OPNET ACE, IT Guru, Infinistream, NetVantage, CiscoWorks, etc)
Led client for Domain Name Service (DNS) & DHCP architecture design discussion and
deployment strategy.

2. Engineering Operations Support; INE understands that client critical operations
needs. INE has seasoned engineers with Microsoft (MCSE), Cisco (CCNA/CCNP/CCIE)
and security certified engineers (CISSP) to support the following Operations and
projects:

Security/Firewalls Engineering Analysis; Working with the client security organization, INE
engineers have provided pivotal roles for firewalls and load balancer design, configuration,
and troubleshooting
WAN project support: As the client’s WAN is transitioned from the existing network
contract to GSA Networkx services, INE engineers have led the team for extensive Lab
testing to ensure that the contractual SLA are met by the carrier, and the applications
have minimal impact.
NAC technology evaluation: NAC (Network Admission Control) is a network access security
control mechanism. INE engineers have led the IRS to perform extensive NAC feature and
functionality testing with various user access and authentication scenarios. INE engineers
led the project for secured network switch design (802.1x, SNMP v2/v3), policy manager
and policy enforcer integration testing. INE is providing the NAC deployment strategy to
the client so that only client’s authorized users can access the LAN switches and
resources in the future. INE engineers utilized the Vmware to enable Active Directory (AD)
for Single Sign-On (Kerberos) user authentication, and Internet Authentication Server
(IAS) as the RADIUS server for 802.1x user authentication.
Extranet Support: INE’s client has an Extranet that is secured Site-to-Site VPN connectivity
via the Internet. Extranet allows the secured VPN tunnel between the client network and
client’s trading partners. INE engineers led the client (IRS) business partners (i.e. FMS,
SSA, Lockbox, and US Customs) for various extranet projects needs: OPM eQIP, PNC
Bank DR connectivity, Dept of Ed, USPS, Navy DMDC, GSA, InterVoice etc

3. IPv6 Support: INE has provided skilled and experienced engineers to assist the IRS
to accomplish the OMB IPv6 Mandate:

Incorporate the IPv6 into IRS IRM Strategic Plan
Update the IPv6 based Enterprise Architecture with the transition strategies
Complete the IPv6 Transition Plan
Assist the agency to generate the OMB required IPv6 progress report
Implement the IPv6 into the IRS backbone
Document the testing process and results

Specifically, INE has led the IRS IPv6 project as follows:

IPv6 related LAN/WAN Architect, Testing, Trouble Resolution, Systems/ Security
Consulting for Voice, Video, and Data (Wire and Wireless) – INE led the IPv6 related
architecture change, hardware and software testing, firewalls and Intrusion detection
systems (IDS), security assessment, email and Web content filtering impact assessment,
local area network (LAN) and wide area network (WAN) bandwidth and connectivity needs
assessment. Specifically, INE engineers have identified and mitigated security risks
associated with the IPv6 based LAN/WAN infrastructure.

IPv6 Related Business Case studies and Applications Impact Analysis Support: INE has
developed and provided business case studies, and engineering alternative analysis. INE
has communicated the IPv6 efforts with multiple organizations, and analyze the potential
use of IPv6 based applications to add value to the IRS.

Network Baseline/Transition Support for IPv6: INE has documented the network
baseline/transition planning support for IPv6. The support activities include
coordinating/working with current and potential contractor(s) to baseline the current
performance, capacity, ownership, management, etc. and develop transition plans to insert
IPv6 into the IRS infrastructure.

Technical/Engineering Advisory Support on IPv6: INE has provided the technical support
to the IRS for the IPv6 and network projects that are in progress or new requirements
development. INE engineers act as the network engineering lead to support the network
projects. INE engineers have provided advice and assistance to develop IPv6 project plan,
WBS, security concerns, funding requirements, preliminary network/systems design, lab
integration testing, and hardware and software acquisition necessary to complete the
project. INE provided IPv6 implementation methodology that covers the identifications of
requirements, the baseline of the current systems, the tools used for the IPv6 migration,
the impact and the cost elements, and the measurement of the IPv6 implementation
milestones.

4. Portal Infrastructure Support; Client’s Portals infrastructure is built to support a new
growing set of Web-based applications and lay a foundation for a universal secure access to
many legacy applications. It provides an integrated environment of Enterprise Portals (web
servers and web application servers), security mechanisms and data access service. The Portal
segment intends to provide access for registered users, partners, public and employees to new
and legacy business applications. INE led the portal infrastructure support covers the following:

Portal Operations support: INE engineer has led client engineers in the portal technology
refresh and the network interface design and testing. INE engineer led the Portal
operations in the areas of troubleshooting, firewall security, Authentication/Authorization,
IP addressing and routing scheme, DNS and load balancing, and VPN based secure
network capacity and throughput assessment.
Extranet & Remote Access support: INE led the client for a cost-effective VPN-based
remote access solution for all client enterprise users and approved contractors.

5. Cyber Security Consulting: INE assist its client in various security tasks:

Security & Privacy:

INE possesses senior level industry recognized subject-matter experts in security
and privacy who have executed successful engagements for commercial and government
organizations. Our professionals have industry certifications such as Certified Information
System Security Professionals (CISSP), Certified Information Security Auditor (CISA). The
INE team is skilled in the business process reengineering techniques to align security
processes with business objectives. These techniques include; rapid needs assessment,
conceptualization, and architecture design and system implementation.

Certification and Accreditation Services

Certification and accreditation (C&A) of major applications, general support systems
and critical systems are effectively performed in accordance with the National Institute of
Standards and Technology (NIST) special publications (SP). INE service offerings are
centered on “Protection in Context” which covers security as outlined in the 10 CISSP
domains. Protection in Context is a security assessment process that combines relevant
NIST Special Publication (SP) 800 Series and ISO 17799:2000, Code of Practice for
Information Security Management, into a comprehensive methodology and questionnaire.
With Protection in Context, the INE team is able to rapidly create a baseline for the client,
commensurate with the value of information being protected and the probability of loss.

Risk Assessment/PKI Services

INE has worked with its clients for risk assessment, defined security policies from
desktop/server, network, to Internet access. INE performed SRA (Security Risk
Assessment) for DC Superior Court via Pen test and provided security architecture review,
and risk mitigation strategies for critical servers, Internet/Intranet email and public Web
access, NetApp database access. INE helped clients to identify issues such as simple
password protection, hand-held authentication (Secure Dynamic’s Secure ID), and
biometric device identification. For the network, INE recommends the authentication with
AD/Single Sign-on (SSO), 802.1x, ACL/filtering, log/audit trail and dial-back strategy for
network/firewall device access. For the Internet E-business transactions, INE
recommended its clients with intrusion detection/audit test tools (NMAP, Nessus, SNORT),
Proxy/Firewall under DMZ design/implementation, and Entrust PKI CA/X.
500/timestamp/Biometric/Cisco VPN for digital signature/certificate authentication.

Independent Verification & Validation (IV& V) Project

INE engineers have performed Independent Baseline Validation (IBV) functions for
the Treasury Department to independently validate whether the CI (Consolidated
Infrastructure) investment is meeting the requirements stipulated in OMB’s M-05-23
Memorandum, and identify deficiencies of the implementation of Earned Value
Management System (EVMS) for all new and ongoing major developmental investments.

INE has also done IV&V tasks with Government agencies for network verifications and
validations under TCS contract, and performed security accreditation and systems IV&V
for the IRS under PRIME and TIPSS contracts. INE engineers utilized their network,
security and systems engineering "best practices" to evaluate the correctness and quality
of critical and complex security/systems/networks throughout the project life cycle. INE
engineers used tools (requirement analysis and design, process modeling, and
configuration management) to verify the compliance with project and system requirements,
analyzed development processes, analyzed and ensured effective technology transfer to
the clients and direct IV&V activities according to clients’ needs. INE engineers’ analytical
approaches enable efficient, cost effective IV&V service through their network, systems,
and COTS applications expertise.

6. Modeling and Network Performance Engineering Support: INE engineers have the
expertise in using OpNet tool suite (ITGuru, SPGuru, ACE, Flow Analysis, Panorama, and
Commander) to assist client in network planning, operation and trouble shooting of various
applications and systems. INE Modeler has applied the following modeling methodologies to
accomplish the results:

Review the required/projected traffic volume by type with the needed project
Construct a network topology diagram via VNE server with enough details from a LAN/WAN
point of view based on actual current connectivity.
The detailed topology will include all nodes of interest, network connectivity, and capacity
of each circuit.
Collect Concord data utilization to characterize link, and node traffic in terms of daily,
weekly and seasonal traffic characteristics.
Collect transaction signature for each type of activities using OPNET ACE,
Develop longer term traffic projection model and short term application transaction and
traffic model (OPNET simulation and OPNET ACE model)
Perform models Validation
Perform capacity modeling and planning for future network adjustment
Determine the achievable performance for the current network topology/capacity and
under different traffic conditions: best case, typical case and worst case based on ACE
capture data and ACE modeling tool such as Quick-Predict.
Determine the efficiency differences between HTTP (Web traffic) versus FTP based
transactions for different type of filings using actual ACE capture data and ACE models
Update VNE server data.

In addition to the OpNet modeling/simulation support, INE engineers also led client for
Capacity Planning and Performance Analysis with the following methodologies:

Define Planning Objectives: Document and Prioritize the information needs and objectives
such as improving the network performance in anticipation of new applications, and
grooming the circuit costs due to low (or none) usage.
Select proper tool such as Data Collection Tools (Concord, Netscout, Compuware
Netvantage), Data Management Tools (CiscoWorks, HP Openviews, Tivoli), Network
Graphic tools (Visio), and the Data Analysis Tools (OpNet NetDoctor, ITGuru) to perform
network Capacity Planning and Performance Analysis,
Specify Network Performance Criteria: establish the performance baseline and criteria for
measurement
Specify Data Collection and Storage Procedures; i.e. Identify existing sources of data that
are generated from current work products, processes, or transactions, and specify how to
collect and securely store the data for each required measure
Specify the Analysis Procedures; i.e. Specify and prioritize the analyses that will be
conducted and specify criteria for evaluating the utility of the analysis results
Perform Data Collection from the Concord/Compuware tools
Perform Data Analysis and conduct additional measurement and analysis as necessary
Present data analysis results with stakeholders
Produce secured data inventory for future references
Communications with client Management Team
Provide recommendations to Operations and Application Development in areas where
application performance can be enhanced.

7. Call Center CTI Technology and Security Support: INE has helped Skyallen Marketing
and IRS for Call Center Technology test, security assessment, and new technology deployment.

For Skyallen marketing, INE has performed system and call router/predictive dialer
installation to help marketing campaign.
For IRS, INE has performed 46 Call Centers capacity planning, and recommend IRS best
utilized operations equipment/systems (ACD, VRU, Telefile, Teletax, TRIS, CSCR, ICM,
Routers, etc.). INE has also planned, designed, implemented, and integrated the Call
Center Environment including Aspect ACD, VRU, Intelligent Contact Manager (ICM), VOIP,
and Empirix (Hammer) Integrated Testing and Monitoring Systems.
For Call Center security, INE assisted IRS in vulnerability assessment, design,
implementation and remediation of computer and telecommunications-related security..

8. RDBMS (Oracle, MS SQL) and C/C++ based Applications and Web Development: INE
has extensive experience of Oracle & MS SQL RDBMS architecture design and implementation
for financial based applications development and administration.

INE has completed Oracle project with the Department of the Commerce (DOC) for
financial systems design, GUI based forms and report design (Developer 2000), database
volume & sizing, data replication, conversion (8I to 9), SQL access, data/process
partitioning, event/trigger setting, and client/server performance optimization. Specifically,
INE has performed the conversion planning - analysis, design and consultation on all
aspects of the conversion (e.g., conversion planning, post-conversion assessment,
database differences, required coding changes, testing, capacity assessment,
performance optimization, data transfer, system administration needs, data warehouse
design, etc.).
INE has led a contract with Bell Atlantic (Verizon) for Lotus Notes, MS SQL and customized
VOD (Video On Demand) application development. And a contract with GSA-FSS for
Internet-EDI based client/server applications. The applications were programmed in HTML,
Java, and C/C++ languages.
INE has developed a software product named (AMIS) Asset Management Inventory
Systems, which is Internet based inventory systems programmed with Java, Microsoft .
ASP, and Windows SQL languages.