This article discusses the technical requirements and proposed network security hardware for subnetting, firewall implementation, DMZ implementation, physical security measures, and additional network security measures.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Network Addressing and Security Student Name: II.Network Addressing and Security A.Subnetting Proposed Subnet SubnetNetwork AddressHost Address RangeBroadcast Address Subnet Mask: 255.255.255.0 Classroom 1 (First Floor) 192.168.3.0192.168.3.1 - 192.168.3.30192.168.3.31 Classroom 2 (First Floor) 192.168.3. 32192.168.3. 33 - 192.168.3. 62192.168.3. 63 Classroom 4 (First Floor) 192.168.3. 64192.168.3.65 - 192.168.3.94192.168.3. 95 Classroom 1 (Second Floor) 192.168.3.96192.168.3.97 - 192.168.3.126192.168.3.127 Classroom 5 (Second Floor) 192.168.3.128192.168.3.129 - 192.168.3.158192.168.3.159 Office 5 – Admissions (Second Floor) 192.168.3.160192.168.3.161- 192.168.3.190192.168.3.191 Student Computer Lab 192.168.3.192192.168.3.193 - 192.168.3.222192.168.3.223 Library192.168.3.224192.168.3.225 - 192.168.3.254192.168.3.255 Wi-Fi Network192.168.4.0192.168.4.1- 192.168.4.30192.168.4.31 B.Firewall Implementation Technical requirements I understand that user cybersecurity is key to any organization.University of Maryland University Collegeis not an exception. UMUC requires a security system that will slow the activities of an
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
intruder into IT infrastructure. Additionally, students should not have excess rights to access of certain shared materials and the internet. Proposed Network Security Hardware. Amongst the available firewall system available on the market, Cisco ASA 5550 firewall is the best security hardware that should be implemented. It has a security device that combines antivirus, firewall, intrusion and VPN (Virtual Private network) capabilities Justification Cisco ASA 5550 handles UMUC’s security requirement of hindering an intruder the access of its IT infrastructure resources. In fact, it will prevent access of protected material by students by use of ACLs. Intrusion Detection System/Intrusion Protection System. Technical requirements UMUC have an understating that prevention is better than cure. That is to say, it is better to detect an intrusion activities then protection be put in place than protecting something that has been already intruded into. Cisco ASA 5550 firewall will be used to implement an IDS/IPS system that will be detecting student’s, staff’s or/and external malicious activities. We assume that the students are not supposed to access certain information from file sharing server. Additionally, staff are not required to access HR’s biodata of other employees[1]. Proposed Network Security Hardware Cisco ASA 5550 has an IDS/IPS module that runs an advanced IPS software application which offers proactive intrusion prevention services that is capable of stopping malicious traffic which may include network viruses and worms before they affect the network[2]. Justification In our technical are we assumed that students are not supposed to access certain administrative material. Cisco ASA will manage this by use of ACLs. The ACLs will be configured in a manner will filter out traffic from student LAN not to access specified material. In case a student is detected bypassing the ACL, all the IT infrastructure will be denied and the student will be forced to report the denial of service for the services to be restored. In addition, malicious activities will be denied by the firewall from finding their way into UMUC’s network environment[3]. D.DMZ Implementation. Technical requirements DMZ stands for demilitarized Zone. UMUC IT technical team have good knowledge that attackers may compromise the firewall and find their way in UMUC network. Therefore, UMUC requires additional protection mechanism that will hinder the attackers access of UMUC IT infrastructure resources just in case other security mechanisms put in place are compromised[4].
Proposed Network Hardware Security Hardware A DMZ denotes to the network or a host computer that acts as a secure path between a business enterprises’ internal network and the external WAN. UMUC require a DMZ that will serve as a frontline network that will be interacting directly with external networks while logically separating the UMUC’s network. Web server and file servers will be put in the DMZ. Justification Though not indicated, we assume that UMUC has a website and file sharing services. These services are hosted in webserver and file server respectively. The two servers require secure layer due to the sensitivity of information they store. DMZ will be required to primarily be implemented to secure the internal network from the interaction with and the exploitation and the access by the external networks. E.Physical Security Measures Technical requirements UMUC understand that information security is not only comprised of logical security aspect. Physical security is also another aspect that require attention to be paid to it. As we know classes will be open to students, some physical aspects have to be put in place to ensure that IT infrastructure is secure from vandalism, theft, adverse weather conditions and power surges. Proposed Network Security Hardware To prevent the above aforementioned physical security threats, computer locks should be used to prevent theft of computer devices. In fact, the most vulnerable are the computer peripherals such as mouse, keyboard, speakers etc., and these peripherals ought to be tied nicely so as not hinder their intended role[5]. Computer class rooms and labs should a security guard and CCTV surveillance cameras to prevent vandalism of IT infrastructure services. Additionally, computer hardware components should be put in an area that is well enclosed and experiences zero water availability. We understand the effect that water will cause when it comes in contact with electronics. Another important factor is the availability of power surge protectors. These will prevent blowing computing devices in case there is power surge. Not forget dust, computing environment should be kept dust free. Dust is like to cause metallic parts of computing hardware to rust and may even clog the PC fans. Justification We assumed that computing hardware devices are likely to be stolen, vandalized or even rained on by rains. It is therefore necessary to have a security measure prevent these physical hardware vulnerabilities. F.Additional Network Security Measures Technical requirements
It should be noted that security of an information system begins with an individual. UMUC require individuals who are well educated on the use of computer systems and misuse of computer systems and the aftermath of misuse of a computer system. Additionally, fires may erupt unexpectedly causing loss of information. UMUC requires measures put in place to ensure fire is put out within minimal time. Proposed Network Security Hardware Training should be carried out withUniversity of Maryland University Collegeto educate everyone on the use of computer systems. Additionally, importance integrity while handling information systems should be emphasized. Fire extinguishers should be put in open places to be utilized just in case there is a fire outbreak.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
References [1]J. U. Olu-Egbuniwe, "Development of Secure Network System for Complex Network," International Journal of Business and Social Science ,vol. 5, no. 7, pp. 174-178, 2014. [2]T. W. Herzig, MSHI, CISSP, T. Wals, CISSP, a. L. A. Gallagher, BSEE, CISM and CPHIMS, Implementing Information Security in Healthcare: Building a Security Program, Chicago: HIMSS, 2016. [3]A. Gómez-Goiri, C. D. López-de-Ipiña and N. L. Casado, "Security analysis and resource requirements of group-oriented user access control for hardware-constrained wireless network services,"Logic Journal of the IGPL,vol. 24, no. 1, pp. 80-91, 2016, https://doi.org/10.1093/jigpal/jzv045. [4]S. Ghosh, Principles of Secure Network Systems Design, Berlin: Springer Science & Business Media, 2012. [5]V. Gupta, S. Goswami and A. K. &. M. Singh, "Networking and Security Measures,"Desidoc Bulletin of Information Technology,vol. 24, no. 2, pp. 9-16, 2014, 10.14429/dbit.24.2.3621.