A company requires a centralized security workstation to monitor the internal network of its primary location, remote sites, and other facilities. The security operations center needs to be robust and capable of passive and active monitoring and vulnerability analysis, and it should be able to generate reports, alerts, and graphical metrics. The computing requirements of the workstation will be very high to support the large scope of monitoring, but a beta implementation will be made with smaller requirements to demonstrate the concept before proceeding with a more robust and finalized implementation.

Technical Requirements:

  • Network monitoring
  • Intrusion detection
  • Vulnerability analysis
  • Report / Alert generation
  • Graphical metrics
  • *Rogue AP detection

Hardware Requirements:

  • 16 GB RAM
  • Link-dependent storage requirements (possible high-capacity need)
  • 10 CPU Cores
  • Two NICs (Monitoring and Sensors)
  • Physical sensors for the network

Student Team Members: Clay Hampton, Keith Cornell
