Network Addressing and Security - Desklib
VerifiedAdded on 2023/06/03
|5
|1385
|497
AI Summary
This article discusses the technical requirements and proposed network security hardware for subnetting, firewall implementation, DMZ implementation, physical security measures, and additional network security measures.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Network Addressing and Security
Student Name:
II. Network Addressing and Security
A. Subnetting
Proposed Subnet
Subnet Network Address Host Address Range Broadcast Address
Subnet Mask: 255.255.255.0
Classroom 1 (First
Floor)
192.168.3.0 192.168.3.1 - 192.168.3.30 192.168.3.31
Classroom 2 (First
Floor)
192.168.3. 32 192.168.3. 33 - 192.168.3. 62 192.168.3. 63
Classroom 4 (First
Floor)
192.168.3. 64 192.168.3.65 - 192.168.3.94 192.168.3. 95
Classroom 1
(Second Floor)
192.168.3.96 192.168.3.97 - 192.168.3.126 192.168.3.127
Classroom 5
(Second Floor)
192.168.3.128 192.168.3.129 - 192.168.3.158 192.168.3.159
Office 5 –
Admissions
(Second Floor)
192.168.3.160 192.168.3.161- 192.168.3.190 192.168.3.191
Student Computer
Lab
192.168.3.192 192.168.3.193 - 192.168.3.222 192.168.3.223
Library 192.168.3.224 192.168.3.225 - 192.168.3.254 192.168.3.255
Wi-Fi Network 192.168.4.0 192.168.4.1- 192.168.4.30 192.168.4.31
B. Firewall Implementation
Technical requirements
I understand that user cybersecurity is key to any organization. University of Maryland University
College is not an exception. UMUC requires a security system that will slow the activities of an
Student Name:
II. Network Addressing and Security
A. Subnetting
Proposed Subnet
Subnet Network Address Host Address Range Broadcast Address
Subnet Mask: 255.255.255.0
Classroom 1 (First
Floor)
192.168.3.0 192.168.3.1 - 192.168.3.30 192.168.3.31
Classroom 2 (First
Floor)
192.168.3. 32 192.168.3. 33 - 192.168.3. 62 192.168.3. 63
Classroom 4 (First
Floor)
192.168.3. 64 192.168.3.65 - 192.168.3.94 192.168.3. 95
Classroom 1
(Second Floor)
192.168.3.96 192.168.3.97 - 192.168.3.126 192.168.3.127
Classroom 5
(Second Floor)
192.168.3.128 192.168.3.129 - 192.168.3.158 192.168.3.159
Office 5 –
Admissions
(Second Floor)
192.168.3.160 192.168.3.161- 192.168.3.190 192.168.3.191
Student Computer
Lab
192.168.3.192 192.168.3.193 - 192.168.3.222 192.168.3.223
Library 192.168.3.224 192.168.3.225 - 192.168.3.254 192.168.3.255
Wi-Fi Network 192.168.4.0 192.168.4.1- 192.168.4.30 192.168.4.31
B. Firewall Implementation
Technical requirements
I understand that user cybersecurity is key to any organization. University of Maryland University
College is not an exception. UMUC requires a security system that will slow the activities of an
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
intruder into IT infrastructure. Additionally, students should not have excess rights to access of
certain shared materials and the internet.
Proposed Network Security Hardware.
Amongst the available firewall system available on the market, Cisco ASA 5550 firewall is the best
security hardware that should be implemented. It has a security device that combines antivirus,
firewall, intrusion and VPN (Virtual Private network) capabilities
Justification
Cisco ASA 5550 handles UMUC’s security requirement of hindering an intruder the access of its IT
infrastructure resources. In fact, it will prevent access of protected material by students by use of
ACLs.
Intrusion Detection System/Intrusion Protection System.
Technical requirements
UMUC have an understating that prevention is better than cure. That is to say, it is better to detect
an intrusion activities then protection be put in place than protecting something that has been
already intruded into. Cisco ASA 5550 firewall will be used to implement an IDS/IPS system that will
be detecting student’s, staff’s or/and external malicious activities.
We assume that the students are not supposed to access certain information from file sharing
server. Additionally, staff are not required to access HR’s biodata of other employees [1].
Proposed Network Security Hardware
Cisco ASA 5550 has an IDS/IPS module that runs an advanced IPS software application which offers
proactive intrusion prevention services that is capable of stopping malicious traffic which may
include network viruses and worms before they affect the network [2].
Justification
In our technical are we assumed that students are not supposed to access certain administrative
material. Cisco ASA will manage this by use of ACLs. The ACLs will be configured in a manner will
filter out traffic from student LAN not to access specified material. In case a student is detected
bypassing the ACL, all the IT infrastructure will be denied and the student will be forced to report the
denial of service for the services to be restored. In addition, malicious activities will be denied by the
firewall from finding their way into UMUC’s network environment [3].
D. DMZ Implementation.
Technical requirements
DMZ stands for demilitarized Zone. UMUC IT technical team have good knowledge that attackers
may compromise the firewall and find their way in UMUC network. Therefore, UMUC requires
additional protection mechanism that will hinder the attackers access of UMUC IT infrastructure
resources just in case other security mechanisms put in place are compromised [4].
certain shared materials and the internet.
Proposed Network Security Hardware.
Amongst the available firewall system available on the market, Cisco ASA 5550 firewall is the best
security hardware that should be implemented. It has a security device that combines antivirus,
firewall, intrusion and VPN (Virtual Private network) capabilities
Justification
Cisco ASA 5550 handles UMUC’s security requirement of hindering an intruder the access of its IT
infrastructure resources. In fact, it will prevent access of protected material by students by use of
ACLs.
Intrusion Detection System/Intrusion Protection System.
Technical requirements
UMUC have an understating that prevention is better than cure. That is to say, it is better to detect
an intrusion activities then protection be put in place than protecting something that has been
already intruded into. Cisco ASA 5550 firewall will be used to implement an IDS/IPS system that will
be detecting student’s, staff’s or/and external malicious activities.
We assume that the students are not supposed to access certain information from file sharing
server. Additionally, staff are not required to access HR’s biodata of other employees [1].
Proposed Network Security Hardware
Cisco ASA 5550 has an IDS/IPS module that runs an advanced IPS software application which offers
proactive intrusion prevention services that is capable of stopping malicious traffic which may
include network viruses and worms before they affect the network [2].
Justification
In our technical are we assumed that students are not supposed to access certain administrative
material. Cisco ASA will manage this by use of ACLs. The ACLs will be configured in a manner will
filter out traffic from student LAN not to access specified material. In case a student is detected
bypassing the ACL, all the IT infrastructure will be denied and the student will be forced to report the
denial of service for the services to be restored. In addition, malicious activities will be denied by the
firewall from finding their way into UMUC’s network environment [3].
D. DMZ Implementation.
Technical requirements
DMZ stands for demilitarized Zone. UMUC IT technical team have good knowledge that attackers
may compromise the firewall and find their way in UMUC network. Therefore, UMUC requires
additional protection mechanism that will hinder the attackers access of UMUC IT infrastructure
resources just in case other security mechanisms put in place are compromised [4].
Proposed Network Hardware Security Hardware
A DMZ denotes to the network or a host computer that acts as a secure path between a business
enterprises’ internal network and the external WAN. UMUC require a DMZ that will serve as a
frontline network that will be interacting directly with external networks while logically separating
the UMUC’s network. Web server and file servers will be put in the DMZ.
Justification
Though not indicated, we assume that UMUC has a website and file sharing services. These services
are hosted in webserver and file server respectively.
The two servers require secure layer due to the sensitivity of information they store. DMZ will be
required to primarily be implemented to secure the internal network from the interaction with and
the exploitation and the access by the external networks.
E. Physical Security Measures
Technical requirements
UMUC understand that information security is not only comprised of logical security aspect. Physical
security is also another aspect that require attention to be paid to it. As we know classes will be
open to students, some physical aspects have to be put in place to ensure that IT infrastructure is
secure from vandalism, theft, adverse weather conditions and power surges.
Proposed Network Security Hardware
To prevent the above aforementioned physical security threats, computer locks should be used to
prevent theft of computer devices. In fact, the most vulnerable are the computer peripherals such as
mouse, keyboard, speakers etc., and these peripherals ought to be tied nicely so as not hinder their
intended role [5].
Computer class rooms and labs should a security guard and CCTV surveillance cameras to prevent
vandalism of IT infrastructure services. Additionally, computer hardware components should be put
in an area that is well enclosed and experiences zero water availability. We understand the effect
that water will cause when it comes in contact with electronics.
Another important factor is the availability of power surge protectors. These will prevent blowing
computing devices in case there is power surge. Not forget dust, computing environment should be
kept dust free. Dust is like to cause metallic parts of computing hardware to rust and may even clog
the PC fans.
Justification
We assumed that computing hardware devices are likely to be stolen, vandalized or even rained on
by rains. It is therefore necessary to have a security measure prevent these physical hardware
vulnerabilities.
F. Additional Network Security Measures
Technical requirements
A DMZ denotes to the network or a host computer that acts as a secure path between a business
enterprises’ internal network and the external WAN. UMUC require a DMZ that will serve as a
frontline network that will be interacting directly with external networks while logically separating
the UMUC’s network. Web server and file servers will be put in the DMZ.
Justification
Though not indicated, we assume that UMUC has a website and file sharing services. These services
are hosted in webserver and file server respectively.
The two servers require secure layer due to the sensitivity of information they store. DMZ will be
required to primarily be implemented to secure the internal network from the interaction with and
the exploitation and the access by the external networks.
E. Physical Security Measures
Technical requirements
UMUC understand that information security is not only comprised of logical security aspect. Physical
security is also another aspect that require attention to be paid to it. As we know classes will be
open to students, some physical aspects have to be put in place to ensure that IT infrastructure is
secure from vandalism, theft, adverse weather conditions and power surges.
Proposed Network Security Hardware
To prevent the above aforementioned physical security threats, computer locks should be used to
prevent theft of computer devices. In fact, the most vulnerable are the computer peripherals such as
mouse, keyboard, speakers etc., and these peripherals ought to be tied nicely so as not hinder their
intended role [5].
Computer class rooms and labs should a security guard and CCTV surveillance cameras to prevent
vandalism of IT infrastructure services. Additionally, computer hardware components should be put
in an area that is well enclosed and experiences zero water availability. We understand the effect
that water will cause when it comes in contact with electronics.
Another important factor is the availability of power surge protectors. These will prevent blowing
computing devices in case there is power surge. Not forget dust, computing environment should be
kept dust free. Dust is like to cause metallic parts of computing hardware to rust and may even clog
the PC fans.
Justification
We assumed that computing hardware devices are likely to be stolen, vandalized or even rained on
by rains. It is therefore necessary to have a security measure prevent these physical hardware
vulnerabilities.
F. Additional Network Security Measures
Technical requirements
It should be noted that security of an information system begins with an individual. UMUC require
individuals who are well educated on the use of computer systems and misuse of computer systems
and the aftermath of misuse of a computer system. Additionally, fires may erupt unexpectedly
causing loss of information. UMUC requires measures put in place to ensure fire is put out within
minimal time.
Proposed Network Security Hardware
Training should be carried out with University of Maryland University College to educate
everyone on the use of computer systems. Additionally, importance integrity while handling
information systems should be emphasized. Fire extinguishers should be put in open places to be
utilized just in case there is a fire outbreak.
individuals who are well educated on the use of computer systems and misuse of computer systems
and the aftermath of misuse of a computer system. Additionally, fires may erupt unexpectedly
causing loss of information. UMUC requires measures put in place to ensure fire is put out within
minimal time.
Proposed Network Security Hardware
Training should be carried out with University of Maryland University College to educate
everyone on the use of computer systems. Additionally, importance integrity while handling
information systems should be emphasized. Fire extinguishers should be put in open places to be
utilized just in case there is a fire outbreak.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
References
[1] J. U. Olu-Egbuniwe, "Development of Secure Network System for Complex Network,"
International Journal of Business and Social Science , vol. 5, no. 7, pp. 174-178, 2014.
[2] T. W. Herzig, MSHI, CISSP, T. Wals, CISSP, a. L. A. Gallagher, BSEE, CISM and CPHIMS,
Implementing Information Security in Healthcare: Building a Security Program, Chicago: HIMSS,
2016.
[3] A. Gómez-Goiri, C. D. López-de-Ipiña and N. L. Casado, "Security analysis and resource
requirements of group-oriented user access control for hardware-constrained wireless network
services," Logic Journal of the IGPL, vol. 24, no. 1, pp. 80-91, 2016,
https://doi.org/10.1093/jigpal/jzv045.
[4] S. Ghosh, Principles of Secure Network Systems Design, Berlin: Springer Science & Business
Media, 2012.
[5] V. Gupta, S. Goswami and A. K. &. M. Singh, "Networking and Security Measures," Desidoc
Bulletin of Information Technology, vol. 24, no. 2, pp. 9-16, 2014, 10.14429/dbit.24.2.3621.
[1] J. U. Olu-Egbuniwe, "Development of Secure Network System for Complex Network,"
International Journal of Business and Social Science , vol. 5, no. 7, pp. 174-178, 2014.
[2] T. W. Herzig, MSHI, CISSP, T. Wals, CISSP, a. L. A. Gallagher, BSEE, CISM and CPHIMS,
Implementing Information Security in Healthcare: Building a Security Program, Chicago: HIMSS,
2016.
[3] A. Gómez-Goiri, C. D. López-de-Ipiña and N. L. Casado, "Security analysis and resource
requirements of group-oriented user access control for hardware-constrained wireless network
services," Logic Journal of the IGPL, vol. 24, no. 1, pp. 80-91, 2016,
https://doi.org/10.1093/jigpal/jzv045.
[4] S. Ghosh, Principles of Secure Network Systems Design, Berlin: Springer Science & Business
Media, 2012.
[5] V. Gupta, S. Goswami and A. K. &. M. Singh, "Networking and Security Measures," Desidoc
Bulletin of Information Technology, vol. 24, no. 2, pp. 9-16, 2014, 10.14429/dbit.24.2.3621.
1 out of 5
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.