Standards for Technology in Automotive Retail

 
 Home -  News Feed 

Dealership Infrastructure Guidelines

Version 2010

Bill Fitzpatrick, NADA

Jason Loeffler, Karmak

John Lebel, Karmak

Sarah Condiff, Navistar

Dave Carver, STAR


Table of Contents

I. PREFACE
I.I. STAR ORGANIZATION
I.II. SUMMARY OF CHANGES FROM 2009v1.0
I.III. SCOPE
I.IV. BACKGROUND
I.V. OEM VISION
I.VII. BENEFITS TO DEALERS
I.VII. DISCLAIMER
II. EXECUTIVE SUMMARIES
II.I. Overview
III. ROLES AND RESPONSIBILITIES
III.I. Overview
1. SERVICE LEVEL AGREEMENTS
1.1. OVERVIEW
1.2. WHAT IS AN SLA?
1.3. WHEN SHOULD AN SLA BE USED?
1.4. WHAT SHOULD AN SLA INCLUDE?
2. TRADITIONAL NETWORK INFRASTRUCTURE
2.1. OVERVIEW
2.2. WHAT IS NETWORK UTILIZATION?
2.3. VIRTUAL LOCAL AREA NETWORK
2.3.1. Overview
2.3.2. Planning for VLANs
2.3.3. Required LAN Information
2.3.4. Required ISP Information
2.3.5. Design and Implementation Considerations
2.4. MULTI-BUILDING/LOCATION NETWORKS
2.4.1. Campus Network
2.4.2. Wide Area Network (WAN)
2.4.3. Virtual Private Network (VPN)
2.4.4. Multi-Location Recommendations
2.5. Multi-OEM Locations
2.6. Network Infrastructure Recommendations
2.7. USEFUL WEBSITES
3. NETWORK DESIGN FRAMEWORK
3.1. OVERVIEW
3.2. WIRING STANDARDS
3.2.1. Data Cabling
3.2.2. Fiber Optic Cabling
3.2.3. Building Codes
3.2.4. Testing
3.2.5. Hubs and Switches
4. NETWORK SERVICES
4.1. OVERVIEW
4.2. ADDRESSING
4.3. ROUTING
4.4. ROUTING HARDWARE
4.5. NETWORK ADDRESS TRANSLATION (NAT)
4.6. DYNAMIC HOST CONFIGURATION PROTOCOL (DHCP)
4.7. DOMAIN NAME SERVICE (DNS)
4.7.1. How to get an IP Address and DNS Domain Name
4.7.2. Recommendations
4.7.3. Local DNS
4.7.4. Compliance with Web Standards
4.8. NON-DEALER DATA ACCESS
4.8.1. Understanding the network setup
4.8.2. Negotiating and Auditing the contract terms
4.9. NETWORK SERVICES POLICY RECOMMENDATIONS
4.10. USEFUL WEBSITES
5. PRIVATE AND VIRTUAL PRIVATE NETWORKS
5.1. OVERVIEW
5.2. USING VIRTUAL PRIVATE NETWORKS
5.2.1. Security
5.2.2. Access Control
5.2.3. Authentication
5.2.4. Encryption
5.2.5. Tunneling
5.2.6. Tunneling Protocols
5.2.7. Other Considerations
5.2.8. VPN Recommendation Guidelines
6. WIRELESS NETWORKS
6.1. OVERVIEW
6.2. COMPARISON OF 802.11G, N AND A
6.3. WIRELESS RECOMMENDATIONS
6.3.1. Implementation Guidelines
6.4. WIRELESS LAN SECURITY
6.5. WIRELESS SECURITY OPTIONS
6.5.1. Wi-Fi Protected Access (WPA)
6.5.2. Wired Equivalent Privacy (WEP)
6.5.3. VPN
6.5.4. SSL
6.5.5. Dealership-Private Wireless LAN Recommendations
6.5.6. Guest Wireless LAN Recommendations
7. DEALERSHIP SECURITY
7.1. OVERVIEW
7.1.1. System Administration
7.1.2. Physical Security
7.1.3. Network Monitoring
7.1.4. Software Configuration
7.1.5. Quality Assurance
7.2. FIREWALLS
7.2.1. Inbound Access Examples
7.3. PACKET FILTERS
7.4. PERSONAL FIREWALL SOFTWARE
7.5. DEMILITARIZED ZONE
7.6. PROXY SERVER
7.7. INTRUSION DETECTION AND PREVENTION SOFTWARE
7.8. ANTI-VIRUS PROTECTION
7.8.1. Client Protection
7.8.2. Firewalls, Routers and Server Protection
7.9. ATTACK RECOVERY
7.10. RECOMMENDED POLICIES
7.11. USEFUL WEBSITES
8. DEALER MANAGEMENT SYSTEMS
8.1. OVERVIEW
8.2. DEALERSHIP NETWORK INFRASTRUCTURE
8.3. TYPES OF DMS SYSTEMS
8.4. ASSESSING THE EXISTING DMS
8.5. CHANGING DMS PROVIDERS
8.6. WHAT DMS PROVIDERS CAN DO
8.6.1. Assessing DMS and Third Party Provider Offerings
8.7. DATA ACCESS
8.8. BACKUP
9. CLIENT HARDWARE REQUIREMENTS
9.1. OVERVIEW
9.1.1. Workstation set-up considerations
9.1.2. Selecting Client Hardware
9.2. PC CLIENT USES
9.2.1. Service Contract Considerations
9.2.2. Browser Software
9.2.3. Anti-Virus Software
10. HARDWARE PERIPHERALS
10.1. OVERVIEW
10.2. PREVENTING LOSS OF DATA
10.3. PRINTERS
10.4. PHYSICAL SECURITY FOR PRINTERS
10.5. TABLET PCs
10.6. Payment Gateways and Credit Card Processing Device
10.7. VOIP PHONES
11. DEALER DESKTOP MANAGEMENT
11.1. OVERVIEW
11.2. STANDARDIZING
11.3. TYPES OF MALICIOUS SOFTWARE
11.4. MALICIOUS SOFTWARE COUNTERMEASURES
11.5. RECOVERY AND CONTAINMENT
11.6. SELECTING SECURITY PRODUCTS
11.6.1. Password Protection
11.6.2. Phishing
11.6.3. Plug-Ins and Multimedia Products
12. MULTIMEDIA DELIVERY
12.1. OVERVIEW
12.2. TYPES OF MULTIMEDIA DELIVERY
12.3. PLUG-INS
12.3.1. Adding Plug-ins
12.4. DELIVERY METHODS
12.4.1. Traditional Delivery Methods
12.4.2. Business Broadcast
12.4.3. Enhanced Delivery Methods
12.4.4. Internet Multimedia
12.4.5. Content Delivery Network (CDN)
12.5. RECOMMENDATIONS
13. INTERNET ACCESS METHODS
13.1. OVERVIEW
13.2. SERVICE LEVEL AGREEMENTS/QUALITY OF SERVICE
13.3. DETAILED METHODS REVIEW
13.3.1. Wired Methods
13.3.2. Non-Wired Methods
13.3.3. Wireless Internet Access
13.4. NETWORK TRAFFIC LOAD
13.5. EXTENSION OF THE CIRCUIT D-MARC
13.6. RECOMMENDED ACCESS METHODS
13.7. COMMUNCATIONS BACKUP
13.8. INTERNET ACCESS METHOD SUMMARY
13.9. USEFUL WEBSITES
14. INTERNET CONTENT FILTERING
14.1. OVERVIEW
14.2. FILTERING METHODS
14.3. Useful Websites
15. SAFEGUARDING CUSTOMER INFORMATION
15.1. OVERVIEW
15.1.1. Gramm-Leach-Bliley Act (GLB)
15.1.2. Red Flag Rule
15.2. RECOMMENDATIONS
16. DISASTER RECOVERY AND BUSINESS CONTINUATION
16.1. OVERVIEW
16.2. RISK ANALYSIS
16.2.1. Potential High Impacts
16.2.2. Potential Medium level Impacts
16.2.3. Potential Low level Impacts
16.3. MITIGATING RISK
16.3.1. On-site
16.3.2. Off-site
16.4. RECOVERY ADMINISTRATION
16.4.1. Planning
16.4.2. Checklist
16.4.3. Auditing
16.4.4. Backup
16.4.5. Legal
17. Backups
17.1. Overview
17.1.1. Backup Methods
17.1.2. What and When to Backup
17.1.3. Backup Media & Services
18. TECHNOLOGY WATCH
18.1. OVERVIEW
18.2. NETWORKING
18.2.1. Item Descriptions
18.3. HARDWARE
18.3.1. Item Descriptions
18.4. SOFTWARE
18.4.1. Item Descriptions
18.5. VIRTUALIZATION
18.5.1. Item Description
18.6. COMMUNICATIONS
18.6.1. Item Descriptions
Normative References
A. Dealership Needs Assessment
B. Checklists
C. Disaster Recovery Checklist
D. Project Checklist
Glossary

List of Figures

1. System Migration
2. OEM Vision
2.1. Simplified Dealership Wiring
2.2. Campus Network Options
3.1. NONrouted LANS
3.2. Routed LANS
6.1. Wireless LAN
6.2. Access Point
7.1. Dealership Demilitarized Zones (DMZ)
18.1. Network Technology Watch
18.2. Hardware Technology Watch
18.3. Software Technology Watch
18.4. Virtualization Technology Watch
18.5. Communications Technology Watch