The London Stock Exchange
Wharf Traders Limited is a firm of investment advisers, which specialises in companies listed on the Alternative Investment Market (AIM), of the London Stock Exchange. 'AIM is the London Stock Exchange's international market for smaller growing companies. A wide range of businesses includingearly stage, venture capital backedas well asmore establishedcompanies join AIM, seeking access to growth capital.'
Wharf Traders' operations comprise four main divisions:
- Corporate Finance,
- Investment Advice,
- Back Office
The company acts as an AIM 'Nomad' (Nominated Advisor), i.e. it sponsors new entrants to the market. The work involves preparing detailed documentation and seeking underwriting (guarantees from investment funds) for new issues. This involves the transfer of documents between the firm and its client companies and their other advisors - accountants and lawyers. Wharf coordinates the preparation of all the documentation prior to a new listing amongst all the advisors and itself advises on the correct market pricing on listing. Since the information that the corporate finance department has is always price sensitive, the work is highly confidential. If the information were to 'leak' and profit were to be made on the trading of shares as a result, then the perpetrators would be guilty of 'insider trading', which is a crime punishable in the UK by imprisonment. Very often the fact that two parties are exchanging messages alone, whatever their content, would be enough to start a rumour of a potential new issue or takeover. Therefore no information must leak, not even to the firm's own investment advisors.
Wharf uses its Research Department to source new potential prospects for its corporate finance division and to keep abreast of developments in the companies to which it is a Nominated Advisor. It must also research companies elsewhere in the market, so that it can inform its investment advisors of statistics that will allow them to form a view as to the correct relative pricing of shares within the market.
The Investment Division acts as a broker to investment clients, who mainly comprise institutional investors, such as investment companies and pension funds and the like, but also wealthy private investors to a lesser extent. A 'broker' is a middleman who acts between their clients and the market-makers. (Market makers take positions in the shares in which they trade and offer to buy them from, or sell them to, the broker on behalf of its investment clients.)
Trades made on behalf of investment clients and other settlement/accounting and logistical work is carried out by 'Back Office' personnel. In total the firm employs some 50 staff.
Wharf has grown and is shortly to move to a new office. It is proposed that the new office LAN will run Windows XP/Vista workstations, managed by a Windows Server 2008 server. Research material is hosted on another Windows Server 2008 server, which is configured as a file server. All members of staff require access to the Internet for search and e-mail services. However, the highly sensitive nature of communications between Corporate Finance staff and their clients requires all to be configured using Linux OS servers. Investment advisors execute trades with market makers using a system, which is hosted by the market and delivered securely over the general Internet. This comprises an application, which lists market-makers in the shares of individual listed companies and permits the advisors to compare prices and execute trades using Web technology.
You have been employed as a consultant by Wharf to produce a detailed instruction manual to be used by the office systems administrator that gives clear, step-by-step information on how (s)he should configure the Linux and Windows Server 2008 servers and their application server infrastructure to support the daily activities of the firm. Amongst other things you should pay particular attention to the following:
- The likely nature of the data flows within the LAN and external to it,
- The necessity to create and maintain users and groups for project and other work in this environment and the storage and transfer of sensitive data across the network and over the Internet infrastructure,
- Detailed procedures for authentication, authorisation and access control, both internal to the LAN and external to the Linux server(s) and to any database server if implemented.
- The advisability of, and methodology for, encryption of data in transit and for storage,
- Integration with, and configuration for, other services, which will be required to be supported such as essential Web access and secure messaging systems,
- Practical procedures for restoration in the event of a system failure,
- Basic audit procedures to detect possible network compromise,
- The implementation of an appropriate security and maintenance management policy.
You may assume that the administrator has some familiarity with Windows Server 2008 management GUIs (and an instruction manual) and also can navigate a Linux file system using a command line secure-shell interface (and can use the 'man' pages).
The Instruction Manual
The only deliverable is the instruction manual, with the coursework header sheet attached. No further submission comprising a 'report' containing a description or justification is required. This MUST be your own individual work.
Assessment will be as to:
All aspects itemised 1-8 above must be considered, together with any others that you consider relevant and important. Each of the above criteria, applied to each of the items 1-8 above will represent one-quarter of the 50% of total marks for the module to be awarded for this coursework.
- the likely requirements of the scenario have been correctly identified and suitable strategies developed to meet them,
- the suggested configuration is both technically feasible and appropriate
- all aspects of management and maintenance have been considered
- the quality of presentation of the instruction manual is high.
As above, but weak in one criterion.
As above, but weak in more than one criterion, or with one criterion particularly poor, e.g. grossly inadequate coverage, or a poor choice of configuration strategies.
Weak throughout, demonstrating poor knowledge and lack of plausibility in terms of server configuration for secure data storage/transfers and an incomplete or inaccurate manual.
A poor interpretation of the likely requirements of the scenario, scant appreciation of techniques to meet the needs for data security and an inadequate or missing manual.