Project on Network and Information Security
The First National University (FNU) is a major public higher education institution with multiple campuses and online programs.
103 Pages21907 Words91 Views
Added on 2023-06-13
About This Document
This project report focuses on the network redesign and security plan for First National University. It includes identifying the organization's needs and constraints, technical goals, and security strategies. The report also covers the implementation of security controls and technology, such as access control, DMZ zone, RADIUS server, IPS, IDS, backup and recovery technology, and penetration testing.
Project on Network and Information Security
The First National University (FNU) is a major public higher education institution with multiple campuses and online programs.
Added on 2023-06-13
ShareRelated Documents
Running head: PROJECT ON NETWORK AND INFORMATION SECURITY
Project on Network and Information Security
Name of the Student
Name of the University
Author’s Note
Project on Network and Information Security
Name of the Student
Name of the University
Author’s Note
1
PROJECT ON NETWORK AND INFORMATION SECURITY
Table of Contents
Chapter 1 - Network Redesign........................................................................................................5
Overview....................................................................................................................5
Identify Organisation’s Needs and Constraints..........................................................7
Protocols and Quality of Service Requirements......................................................22
Logical Network Redesign.......................................................................................25
Physical Network Redesign.....................................................................................33
Conclusion................................................................................................................36
Chapter 2 - Network Security Plan................................................................................................38
Introduction....................................................................................................................................38
Scope..............................................................................................................................................38
Objectives......................................................................................................................................39
Assumptions..................................................................................................................................40
Risk Analysis.................................................................................................................................40
Security Policies............................................................................................................................54
Acceptable Use Policies...........................................................................................54
Email and Communications Policy..........................................................................54
Internet and Network Access Policy........................................................................54
Workstation Policy...................................................................................................55
Wireless and BYOD Policy.....................................................................................55
Network Security Policies........................................................................................55
Antivirus Policy.......................................................................................................55
DMZ Policy.............................................................................................................56
Extranet Policy.........................................................................................................57
VPN and Remote Access (Work-at-home) Security Policy....................................57
Firewall Policy.........................................................................................................58
PROJECT ON NETWORK AND INFORMATION SECURITY
Table of Contents
Chapter 1 - Network Redesign........................................................................................................5
Overview....................................................................................................................5
Identify Organisation’s Needs and Constraints..........................................................7
Protocols and Quality of Service Requirements......................................................22
Logical Network Redesign.......................................................................................25
Physical Network Redesign.....................................................................................33
Conclusion................................................................................................................36
Chapter 2 - Network Security Plan................................................................................................38
Introduction....................................................................................................................................38
Scope..............................................................................................................................................38
Objectives......................................................................................................................................39
Assumptions..................................................................................................................................40
Risk Analysis.................................................................................................................................40
Security Policies............................................................................................................................54
Acceptable Use Policies...........................................................................................54
Email and Communications Policy..........................................................................54
Internet and Network Access Policy........................................................................54
Workstation Policy...................................................................................................55
Wireless and BYOD Policy.....................................................................................55
Network Security Policies........................................................................................55
Antivirus Policy.......................................................................................................55
DMZ Policy.............................................................................................................56
Extranet Policy.........................................................................................................57
VPN and Remote Access (Work-at-home) Security Policy....................................57
Firewall Policy.........................................................................................................58
2
PROJECT ON NETWORK AND INFORMATION SECURITY
Intrusion Detection Policy........................................................................................58
Vulnerability Scanning Policy.................................................................................59
Internet Policy..........................................................................................................59
IP Address and Documentation Management Policy...............................................59
Physical Security Policies........................................................................................60
External Protection...................................................................................................60
Internal Protection....................................................................................................60
Personnel Policies....................................................................................................60
Visitors Policy..........................................................................................................60
Employee Hiring and Termination Policy...............................................................61
User training Policy..................................................................................................61
Data Policies.............................................................................................................61
Information Classification and Sensitivity Policy....................................................61
Encryption Policy.....................................................................................................61
Backup Policy..........................................................................................................61
Password Management and Complexity Policy.......................................................62
System and Hardware Policies.................................................................................62
Hardware Lifecycle and Disposal Policy.................................................................62
Workstation Policy...................................................................................................62
Switch and Router Policy.........................................................................................62
Server Security Policy..............................................................................................62
Logging Policy.........................................................................................................62
Disaster Recovery and Business Continuity..................................................................................63
Security Strategies and Recommended Controls...........................................................................65
Security Strategies....................................................................................................65
Specific recomended Controls to mitigate the risks uncovered...............................65
Residual Risks...............................................................................................................................66
Resources.......................................................................................................................................68
Conclusion.....................................................................................................................................68
PROJECT ON NETWORK AND INFORMATION SECURITY
Intrusion Detection Policy........................................................................................58
Vulnerability Scanning Policy.................................................................................59
Internet Policy..........................................................................................................59
IP Address and Documentation Management Policy...............................................59
Physical Security Policies........................................................................................60
External Protection...................................................................................................60
Internal Protection....................................................................................................60
Personnel Policies....................................................................................................60
Visitors Policy..........................................................................................................60
Employee Hiring and Termination Policy...............................................................61
User training Policy..................................................................................................61
Data Policies.............................................................................................................61
Information Classification and Sensitivity Policy....................................................61
Encryption Policy.....................................................................................................61
Backup Policy..........................................................................................................61
Password Management and Complexity Policy.......................................................62
System and Hardware Policies.................................................................................62
Hardware Lifecycle and Disposal Policy.................................................................62
Workstation Policy...................................................................................................62
Switch and Router Policy.........................................................................................62
Server Security Policy..............................................................................................62
Logging Policy.........................................................................................................62
Disaster Recovery and Business Continuity..................................................................................63
Security Strategies and Recommended Controls...........................................................................65
Security Strategies....................................................................................................65
Specific recomended Controls to mitigate the risks uncovered...............................65
Residual Risks...............................................................................................................................66
Resources.......................................................................................................................................68
Conclusion.....................................................................................................................................68
3
PROJECT ON NETWORK AND INFORMATION SECURITY
Chapter 3 – Technology Implementation of Security Controls.....................................................70
Overview........................................................................................................................................70
Network Security – Access Control..............................................................................................71
Overview..................................................................................................................71
Objective of Control.................................................................................................71
Resources Used........................................................................................................71
Developing the control.............................................................................................72
Description of the System....................................................................................73
Block Diagram.....................................................................................................74
Configuration of the system.................................................................................75
Test Plan Design..................................................................................................76
Test Plan Implementation....................................................................................77
Test Results and Analysis....................................................................................77
Network Security – DMZ Zone.....................................................................................................77
Objective of Control.................................................................................................77
Resources Used........................................................................................................77
Developing the control.............................................................................................78
Description of the System....................................................................................78
Configuration of the system.................................................................................78
Test Plan Design..................................................................................................79
Test Plan Implementation....................................................................................79
Test Results and Analysis....................................................................................79
Network Security – RADIUS Server.............................................................................................80
Objective of Control.................................................................................................80
Resources Used........................................................................................................80
Developing the control.............................................................................................80
Description of the System....................................................................................81
Configuration of the system:................................................................................81
Test Plan Design:.................................................................................................81
PROJECT ON NETWORK AND INFORMATION SECURITY
Chapter 3 – Technology Implementation of Security Controls.....................................................70
Overview........................................................................................................................................70
Network Security – Access Control..............................................................................................71
Overview..................................................................................................................71
Objective of Control.................................................................................................71
Resources Used........................................................................................................71
Developing the control.............................................................................................72
Description of the System....................................................................................73
Block Diagram.....................................................................................................74
Configuration of the system.................................................................................75
Test Plan Design..................................................................................................76
Test Plan Implementation....................................................................................77
Test Results and Analysis....................................................................................77
Network Security – DMZ Zone.....................................................................................................77
Objective of Control.................................................................................................77
Resources Used........................................................................................................77
Developing the control.............................................................................................78
Description of the System....................................................................................78
Configuration of the system.................................................................................78
Test Plan Design..................................................................................................79
Test Plan Implementation....................................................................................79
Test Results and Analysis....................................................................................79
Network Security – RADIUS Server.............................................................................................80
Objective of Control.................................................................................................80
Resources Used........................................................................................................80
Developing the control.............................................................................................80
Description of the System....................................................................................81
Configuration of the system:................................................................................81
Test Plan Design:.................................................................................................81
4
PROJECT ON NETWORK AND INFORMATION SECURITY
Test Plan Implementation....................................................................................82
Test Results and Analysis....................................................................................82
Network Security – IPS.................................................................................................................82
Objective of Control.................................................................................................82
Resources Used:.......................................................................................................83
Developing the control.............................................................................................83
Description of the System:.......................................................................................83
Configuration of the system:....................................................................................84
Test Plan Design:.....................................................................................................86
Test Plan Implementation........................................................................................86
Network Security – IDS.................................................................................................................88
Objective of Control.................................................................................................88
Resources Used:.......................................................................................................88
Developing the control.............................................................................................88
Description of the System:.......................................................................................89
Configuration of the system:....................................................................................90
Test Plan Design:.....................................................................................................90
Test Plan Implementation........................................................................................91
Backup and Recovery Technology................................................................................................92
Penetration testing....................................................................................................96
Scanning Server.......................................................................................................96
Conclusion.....................................................................................................................................98
Bibliography..................................................................................................................................99
PROJECT ON NETWORK AND INFORMATION SECURITY
Test Plan Implementation....................................................................................82
Test Results and Analysis....................................................................................82
Network Security – IPS.................................................................................................................82
Objective of Control.................................................................................................82
Resources Used:.......................................................................................................83
Developing the control.............................................................................................83
Description of the System:.......................................................................................83
Configuration of the system:....................................................................................84
Test Plan Design:.....................................................................................................86
Test Plan Implementation........................................................................................86
Network Security – IDS.................................................................................................................88
Objective of Control.................................................................................................88
Resources Used:.......................................................................................................88
Developing the control.............................................................................................88
Description of the System:.......................................................................................89
Configuration of the system:....................................................................................90
Test Plan Design:.....................................................................................................90
Test Plan Implementation........................................................................................91
Backup and Recovery Technology................................................................................................92
Penetration testing....................................................................................................96
Scanning Server.......................................................................................................96
Conclusion.....................................................................................................................................98
Bibliography..................................................................................................................................99
5
PROJECT ON NETWORK AND INFORMATION SECURITY
Chapter 1 - Network Redesign
Overview
The First national university FNU is an institution off public higher education and the
institution deals with distance education and online study programs. This is the first higher
education institution of the country which has been associated with providing a distance
education facility and the recent facility includes the online programs. Besides the main campus
of the University there also exists five regional campus and ten metropolitan campus. The
present situation of the University has been associated with providing a diverse range of
undergraduate and postgraduate programs along with Vocational as well as educational trainings
and short professional programs. There exists around more than 45,000 students who are
currently studying in the various levels of the University as an on-campus student. Besides this
there exists around 15000 students who are currently studying under the online facility and the
distance education program.
There exists three major facilities which has been associated with supporting the IT
services which includes the Headquarters, Operations and the backup. The headquarter is
situated in the main campus and the operation facilities are located at a distance of 50 K.M. away
from the headquarter at a warehouse which is owned by the university in an industrial area of the
country. The Operation facility is associated with housing the technical functions at the back
office, Data Centres and the staffs of the It department. The location of the backup facility is
almost at a distance of 1000 K.M. from the headquarter. The University is associated with using
the backup facility for the purpose of using it as a warm-site which would get operational
whenever failure in the operation facility takes place.
PROJECT ON NETWORK AND INFORMATION SECURITY
Chapter 1 - Network Redesign
Overview
The First national university FNU is an institution off public higher education and the
institution deals with distance education and online study programs. This is the first higher
education institution of the country which has been associated with providing a distance
education facility and the recent facility includes the online programs. Besides the main campus
of the University there also exists five regional campus and ten metropolitan campus. The
present situation of the University has been associated with providing a diverse range of
undergraduate and postgraduate programs along with Vocational as well as educational trainings
and short professional programs. There exists around more than 45,000 students who are
currently studying in the various levels of the University as an on-campus student. Besides this
there exists around 15000 students who are currently studying under the online facility and the
distance education program.
There exists three major facilities which has been associated with supporting the IT
services which includes the Headquarters, Operations and the backup. The headquarter is
situated in the main campus and the operation facilities are located at a distance of 50 K.M. away
from the headquarter at a warehouse which is owned by the university in an industrial area of the
country. The Operation facility is associated with housing the technical functions at the back
office, Data Centres and the staffs of the It department. The location of the backup facility is
almost at a distance of 1000 K.M. from the headquarter. The University is associated with using
the backup facility for the purpose of using it as a warm-site which would get operational
whenever failure in the operation facility takes place.
6
PROJECT ON NETWORK AND INFORMATION SECURITY
The regional as well as the metropolitan campuses are almost similar to the main campus
in terms of the size, staff as well as the technologies. The IT infrastructure that the university is
having is associated with the usage of the old and complex technologies. Along with this the
university is still associated with the usage of numerous protocols for the purpose of enabling the
communication in the campus and the main server farm which are located in the various
locations. In order to support the day-to-day learning and the activities as well as the teaching
activities, academics and administrative staffs present in the university. This is done for the
purpose of dealing with the external partners which includes the hospitals, research centres and
many more in various ways which are not necessarily compatible with each other. The current
network that the university is having has various problems related to consistence, performance
and reliability and this has been responsible for owing the growth of the enrolments and the
expansion of the operations which are very recent. There has been an increase in the number of
students for this reason the IT department of the university has been informed about the increase
in the number of students along with informing them about the various complaints received from
the faculties. Particularly it can be stated that the faculties and the academic staffs has been
associated with facing a problem related to the network. For this reason they are not capable of
submitting the grades in an efficient way or maintain a consistent connection amongst the
colleagues at the other units or keeping up with the research or conducting of the daily tasks.in
an similar way the students are also facing lot of problem and this includes late submission of the
tasks and many more. This problem has mainly occurred after the introduction of the online
submission method. For all this problems this report has been prepared in order to analyse the
business goals of the university along with redesign the network as the physic structure for the
purpose of elimination of all the problems.
PROJECT ON NETWORK AND INFORMATION SECURITY
The regional as well as the metropolitan campuses are almost similar to the main campus
in terms of the size, staff as well as the technologies. The IT infrastructure that the university is
having is associated with the usage of the old and complex technologies. Along with this the
university is still associated with the usage of numerous protocols for the purpose of enabling the
communication in the campus and the main server farm which are located in the various
locations. In order to support the day-to-day learning and the activities as well as the teaching
activities, academics and administrative staffs present in the university. This is done for the
purpose of dealing with the external partners which includes the hospitals, research centres and
many more in various ways which are not necessarily compatible with each other. The current
network that the university is having has various problems related to consistence, performance
and reliability and this has been responsible for owing the growth of the enrolments and the
expansion of the operations which are very recent. There has been an increase in the number of
students for this reason the IT department of the university has been informed about the increase
in the number of students along with informing them about the various complaints received from
the faculties. Particularly it can be stated that the faculties and the academic staffs has been
associated with facing a problem related to the network. For this reason they are not capable of
submitting the grades in an efficient way or maintain a consistent connection amongst the
colleagues at the other units or keeping up with the research or conducting of the daily tasks.in
an similar way the students are also facing lot of problem and this includes late submission of the
tasks and many more. This problem has mainly occurred after the introduction of the online
submission method. For all this problems this report has been prepared in order to analyse the
business goals of the university along with redesign the network as the physic structure for the
purpose of elimination of all the problems.
7
PROJECT ON NETWORK AND INFORMATION SECURITY
Identify Organisation’s Needs and Constraints
Business Goals: different type of business goals of the university has been identified and
this include the providing of a network for the students as well as for the faculties to work in a
proper way. Besides this the university is also thinking of providing the facility of BYOD or
work at home policy. The university aims at providing a network which would be much faster
and would be helping the peoples associated with it to work efficiently and with much more
efficiency. Besides this the university is associated with providing with various type of
educational courses. The university has been focus on improving its IT infrastructure as they
think that the enrolment process of the campus is likely to grow by 50 % in the upcoming years.
Besides this they are also associated with improving the efficiency of the faculties and the
academic staffs. This is done for the purpose of helping them in taking active part in various type
of research processes by taking help from the other peoples who are present in the other units of
the university. The university is also aimed at improving the efficiency of the students. This is to
be done for the purpose of helping them in obtaining good marks along with helping them in
doing faster submissions and do their works in an efficient way. They are also thinking of giving
remote access of the campus network to the students and the faculties so as to help them in doing
their work from home. Another major goal involves saving themselves from any type of
intruders.
Technical Goals aimed to support business transactions:
Scalability
The following are the list of the scalability of the network needs that are needed for
redesigning the network solution for the first national university
PROJECT ON NETWORK AND INFORMATION SECURITY
Identify Organisation’s Needs and Constraints
Business Goals: different type of business goals of the university has been identified and
this include the providing of a network for the students as well as for the faculties to work in a
proper way. Besides this the university is also thinking of providing the facility of BYOD or
work at home policy. The university aims at providing a network which would be much faster
and would be helping the peoples associated with it to work efficiently and with much more
efficiency. Besides this the university is associated with providing with various type of
educational courses. The university has been focus on improving its IT infrastructure as they
think that the enrolment process of the campus is likely to grow by 50 % in the upcoming years.
Besides this they are also associated with improving the efficiency of the faculties and the
academic staffs. This is done for the purpose of helping them in taking active part in various type
of research processes by taking help from the other peoples who are present in the other units of
the university. The university is also aimed at improving the efficiency of the students. This is to
be done for the purpose of helping them in obtaining good marks along with helping them in
doing faster submissions and do their works in an efficient way. They are also thinking of giving
remote access of the campus network to the students and the faculties so as to help them in doing
their work from home. Another major goal involves saving themselves from any type of
intruders.
Technical Goals aimed to support business transactions:
Scalability
The following are the list of the scalability of the network needs that are needed for
redesigning the network solution for the first national university
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Answers. S No. Option. S No. Option. S No. Option. S Nolg...
|1
|242
|160
Linux Server Administrationlg...
|123
|727
|100
Business Plan of a Digital Businesslg...
|115
|28927
|240
Understanding Exponential Decay through Newton's Law of Coolinglg...
|9
|783
|478
Comparative Analysis of Exam Scores using Boxplots, Histograms, F-test, Confidence Interval and Hypothesis Testlg...
|8
|785
|125
Statistics Assignment: Australian Exports Analysis, Analysis of Sales, Estimation and Testing Significance Levellg...
|11
|1439
|69