Network Addressing and Security - Desklib
Added on 2023-06-03
5 Pages1385 Words497 Views
Network Addressing and Security
Student Name:
II. Network Addressing and Security
A. Subnetting
Proposed Subnet
Subnet Network Address Host Address Range Broadcast Address
Subnet Mask: 255.255.255.0
Classroom 1 (First
Floor)
192.168.3.0 192.168.3.1 - 192.168.3.30 192.168.3.31
Classroom 2 (First
Floor)
192.168.3. 32 192.168.3. 33 - 192.168.3. 62 192.168.3. 63
Classroom 4 (First
Floor)
192.168.3. 64 192.168.3.65 - 192.168.3.94 192.168.3. 95
Classroom 1
(Second Floor)
192.168.3.96 192.168.3.97 - 192.168.3.126 192.168.3.127
Classroom 5
(Second Floor)
192.168.3.128 192.168.3.129 - 192.168.3.158 192.168.3.159
Office 5 –
Admissions
(Second Floor)
192.168.3.160 192.168.3.161- 192.168.3.190 192.168.3.191
Student Computer
Lab
192.168.3.192 192.168.3.193 - 192.168.3.222 192.168.3.223
Library 192.168.3.224 192.168.3.225 - 192.168.3.254 192.168.3.255
Wi-Fi Network 192.168.4.0 192.168.4.1- 192.168.4.30 192.168.4.31
B. Firewall Implementation
Technical requirements
I understand that user cybersecurity is key to any organization. University of Maryland University
College is not an exception. UMUC requires a security system that will slow the activities of an
Student Name:
II. Network Addressing and Security
A. Subnetting
Proposed Subnet
Subnet Network Address Host Address Range Broadcast Address
Subnet Mask: 255.255.255.0
Classroom 1 (First
Floor)
192.168.3.0 192.168.3.1 - 192.168.3.30 192.168.3.31
Classroom 2 (First
Floor)
192.168.3. 32 192.168.3. 33 - 192.168.3. 62 192.168.3. 63
Classroom 4 (First
Floor)
192.168.3. 64 192.168.3.65 - 192.168.3.94 192.168.3. 95
Classroom 1
(Second Floor)
192.168.3.96 192.168.3.97 - 192.168.3.126 192.168.3.127
Classroom 5
(Second Floor)
192.168.3.128 192.168.3.129 - 192.168.3.158 192.168.3.159
Office 5 –
Admissions
(Second Floor)
192.168.3.160 192.168.3.161- 192.168.3.190 192.168.3.191
Student Computer
Lab
192.168.3.192 192.168.3.193 - 192.168.3.222 192.168.3.223
Library 192.168.3.224 192.168.3.225 - 192.168.3.254 192.168.3.255
Wi-Fi Network 192.168.4.0 192.168.4.1- 192.168.4.30 192.168.4.31
B. Firewall Implementation
Technical requirements
I understand that user cybersecurity is key to any organization. University of Maryland University
College is not an exception. UMUC requires a security system that will slow the activities of an
intruder into IT infrastructure. Additionally, students should not have excess rights to access of
certain shared materials and the internet.
Proposed Network Security Hardware.
Amongst the available firewall system available on the market, Cisco ASA 5550 firewall is the best
security hardware that should be implemented. It has a security device that combines antivirus,
firewall, intrusion and VPN (Virtual Private network) capabilities
Justification
Cisco ASA 5550 handles UMUC’s security requirement of hindering an intruder the access of its IT
infrastructure resources. In fact, it will prevent access of protected material by students by use of
ACLs.
Intrusion Detection System/Intrusion Protection System.
Technical requirements
UMUC have an understating that prevention is better than cure. That is to say, it is better to detect
an intrusion activities then protection be put in place than protecting something that has been
already intruded into. Cisco ASA 5550 firewall will be used to implement an IDS/IPS system that will
be detecting student’s, staff’s or/and external malicious activities.
We assume that the students are not supposed to access certain information from file sharing
server. Additionally, staff are not required to access HR’s biodata of other employees [1].
Proposed Network Security Hardware
Cisco ASA 5550 has an IDS/IPS module that runs an advanced IPS software application which offers
proactive intrusion prevention services that is capable of stopping malicious traffic which may
include network viruses and worms before they affect the network [2].
Justification
In our technical are we assumed that students are not supposed to access certain administrative
material. Cisco ASA will manage this by use of ACLs. The ACLs will be configured in a manner will
filter out traffic from student LAN not to access specified material. In case a student is detected
bypassing the ACL, all the IT infrastructure will be denied and the student will be forced to report the
denial of service for the services to be restored. In addition, malicious activities will be denied by the
firewall from finding their way into UMUC’s network environment [3].
D. DMZ Implementation.
Technical requirements
DMZ stands for demilitarized Zone. UMUC IT technical team have good knowledge that attackers
may compromise the firewall and find their way in UMUC network. Therefore, UMUC requires
additional protection mechanism that will hinder the attackers access of UMUC IT infrastructure
resources just in case other security mechanisms put in place are compromised [4].
certain shared materials and the internet.
Proposed Network Security Hardware.
Amongst the available firewall system available on the market, Cisco ASA 5550 firewall is the best
security hardware that should be implemented. It has a security device that combines antivirus,
firewall, intrusion and VPN (Virtual Private network) capabilities
Justification
Cisco ASA 5550 handles UMUC’s security requirement of hindering an intruder the access of its IT
infrastructure resources. In fact, it will prevent access of protected material by students by use of
ACLs.
Intrusion Detection System/Intrusion Protection System.
Technical requirements
UMUC have an understating that prevention is better than cure. That is to say, it is better to detect
an intrusion activities then protection be put in place than protecting something that has been
already intruded into. Cisco ASA 5550 firewall will be used to implement an IDS/IPS system that will
be detecting student’s, staff’s or/and external malicious activities.
We assume that the students are not supposed to access certain information from file sharing
server. Additionally, staff are not required to access HR’s biodata of other employees [1].
Proposed Network Security Hardware
Cisco ASA 5550 has an IDS/IPS module that runs an advanced IPS software application which offers
proactive intrusion prevention services that is capable of stopping malicious traffic which may
include network viruses and worms before they affect the network [2].
Justification
In our technical are we assumed that students are not supposed to access certain administrative
material. Cisco ASA will manage this by use of ACLs. The ACLs will be configured in a manner will
filter out traffic from student LAN not to access specified material. In case a student is detected
bypassing the ACL, all the IT infrastructure will be denied and the student will be forced to report the
denial of service for the services to be restored. In addition, malicious activities will be denied by the
firewall from finding their way into UMUC’s network environment [3].
D. DMZ Implementation.
Technical requirements
DMZ stands for demilitarized Zone. UMUC IT technical team have good knowledge that attackers
may compromise the firewall and find their way in UMUC network. Therefore, UMUC requires
additional protection mechanism that will hinder the attackers access of UMUC IT infrastructure
resources just in case other security mechanisms put in place are compromised [4].
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Network Addressing and Security for School Networklg...
|8
|2018
|225
Network Addressing and Securitylg...
|7
|2152
|141
Network Security Implementationlg...
|20
|3861
|478
Information Management: Intrusion Detection, Firewalls, and Operating System Securitylg...
|4
|778
|289
COIT20262 Advance Network Securitylg...
|15
|1894
|53
Internet Exchange Point (IXP) Network Designlg...
|16
|1760
|480