Beschreibung
For one of our clients we are looking for a "Solution Architect EPO (m/f)" in Den Haag/Munich.
Description:
The Contractor shall provide a detailed architecture of the DMZ infrastructure taking into account the constraints imposed by the EPO environment (infrastructure) and by the EPO policies. The recommendations shall at least address the following topics:
Overall architecture
Propose a global architecture design to initially support 7 servers and the two applications we intend to deploy: Active Directory Federation Services and Lync Edge service. The design shall be scalable in order to accommodate more servers and services in the future.
The supported platforms shall be Windows Server 2008 R2 and Windows Server 2012 R2.
Take into account the EPO high availability and the disaster recovery policies.
Rely on the existing infrastructure in term of virtualization, storage and network.
Server hardening according to Microsoft’s TechNet Security Guidance and VMware Security Hardening Guides
Propose an adequate server hardening and find the balance between security and server manageability.
Securing the virtualization platform (VMware).
Server management
Propose a server management strategy regarding at least the following topics:
Remote access
Monitoring (SCOM 2007 is the standard monitoring tool)
Patch management
System protection (antivirus, anti-malware ...).
Backup and restore
Processes
Propose a secure provisioning process
Define the specific processes related to security management
Risk Identification and Mitigation Strategy:
Identify possible risks for the proposed DMZ architecture, and provide a Mitigation Strategy.