Network Redesign and Security Technology Implementation

Verified

Added on 2023/06/11

AI Summary

This guide by Desklib covers network redesign and security technology implementation. It explains the business and technical goals, existing network, and logical and physical network redesign. It also provides insights into security technology implementation and its various aspects. The guide includes a detailed overview of scalability, availability, network performance, security, manageability, usability, adaptability, and affordability. The subject and course code are not mentioned.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Table of Contents
PART 2-Network redesign............................................................................................................................2
1. Overview.................................................................................................................................................2
1.1 Business goals........................................................................................................................................3
1.2 Technical goals......................................................................................................................................4
1.3 Existing network....................................................................................................................................9
1.4 Network traffic analysis.......................................................................................................................13
1.5 Logical network redesign.....................................................................................................................14
1.6 Physical network redesign...................................................................................................................18
2. Conclusion.............................................................................................................................................19
References.................................................................................................................................................20
PART 3-Security technology implementation............................................................................................22
3. Overview...............................................................................................................................................22
3.1 Control 1..............................................................................................................................................23
3.2 Control 2..............................................................................................................................................44
3.3 Control 3..............................................................................................................................................44
3.4 Control 4..............................................................................................................................................45
3.5 Control 5..............................................................................................................................................45
4. Conclusion.............................................................................................................................................46
References.................................................................................................................................................47
1

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

PART 2-Network redesign
1. Overview
In this project the network redesign is considered about the design of network in the
organization and it helps to make a way to the person access the needed one. According to the
scenario the network such as LAN and wan network used in the network design and multiple
devices take a place in the design of the network and make a clear vision to the user and in that
scenario it is used to the students in the organization.
And the implementation of network design described below kind of diagrams. And the
scenario is tell about the requirements such as network based and the design used to be the
students with the goal of technical and also in business. So in the organization the network is
much needed one and that network used to the students to get the access from the department and
the network is to be used in the way kind of LAN and wan network.
These both network has been used to the design of such network platform used to the
students and their related studies. In the organization they are used to different platform for the
students and it has the goals such as business and technical. LAN network is used completely in
the form of network connection inside the areas such as lab and similarly the wan network is
used to the network for the total place occupied in the organization.
And in this project the network made by using the devices and that is related to the
network. And the network platform has made upon using the firewall and the techniques are used
in this design to make perfect network for the organization. And in that network design it
includes the traffic analysis of the network by using the hosts in that it includes many servers and
the network design in the way of logical and physical design.
In that logical design it explains about the network devices design and mentioned about
ip address allocation and virtual LAN configuration and described about the sub netting and the
sub netting is used to spread the network to the below network based on the scenario such as the
work or resources to the basic network.
2

1.1 Business goals
The business goal of the organization is to make a design of network which is used to the
students and their studies. And not only students and the high position people also follow the
network to their work using this network redesign by the parameters of the network.
In this business goals it is related to the scenario in that it has the big organization
through this they providing the network to the operations and the operation in the kind of
metropolitan and regional and these separated as graduate in the way undergraduate and post
graduate and in here many students are offered many programs.
And it has three options like operation, Headquarters and backup. And each of the
operation is held on different places within the certain range. And has a warehouse to provide the
data to the related person as staff and the backup is used to store the contents about the operation
and include the technical related functions.
And in that each operation uses the network devices such as routers and LAN and wan
networks. And the topology is used to the network kind of design and transfer of data. And the
network design should be support the learning and research activity.
And the network should be good in performance and need to be constant in the network
design and the departments should follow the network used to share the content related to the
department for the technical information.
And this network design is used to solve the problems happened in the network. And by
the usage of network in the scenario the staff can communicate easily with the students. And the
security issues are analyzed in these network connection.
Security is the main issue in the network and it has to be solved through this network
design by using the network components and devices and the traffic has to be analyzed through
the firewall settings in the network design and the sub netting is help to manage the network
traffic in terms of spread the network to the sub fields in the network.
3

And in networking design the security is the essential operation to send the data with
secured structure and the design has to be secured to the process in the network platform. And in
this students can make the problems with the organization rules and can make proxy through this
network so we have to provide the security for the network design.
Normally the business goal of some organizations is like have to grow the efficiency and
to increase the performance level and services and need to be focus on the development of the
company or some organizations. In the scenario it mainly focusing on the college and network
settings for that infrastructure.
And the main business goal is to make a network design to reach them to all who the
students and other staffs and in that organization they leads that such kind of business in the way
of providing opportunities to the students in the way of reduce the complex and make the place
in terms of network connect and also the wireless connection for the students.
For the network connection here different kind of networks has been used and the
networks is useful for the communication and development of the organization works and also it
is used more kind of things related to the network.
The business goal of organization is in the way to provide the secured with feasible
opportunities to the students through the network. And the network should be appropriate and
usable. And it have a connection with technical goals and it acts as an overview for the technical
goals. And the business goals contains the requirements to accomplish the goal useful for the
students.
1.2 Technical goals
The technical aim of this network to make a perfect design with the network devices and
in that network it concerns about the security issues and the data, scalability, Availability and use
to analyze the network performance and also usability.
Scalability
In information technology the scalability used to two different usage. First one it has the
ability of the computer hardware or software. And also it changes the size and volume of the
4

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

computer application based on the user. The re scaling process has a big size of volume. It
includes lot of resources like a line of computer system, different size if terms, and RAM.
The second usage is the function of the rescaled situation. For instance an application
program should be scalable, and then it moves from small operating system to large operating
system. Then we need large number of users for control the operating system. Scalability is the
best method for downloaders.
Scalability describes the ability of a process, network, software or organizational growth.
And also is used for manage the system, business, and also the software. Scalability has an
ability to adapt the changes based on the user needs. The organization, network system, or
software’s are use the scalability process for handle the demands, increase the productions, and
also perform the user needs.
Availability
Availability means percentage of time, in a particular time interval which server is
complete designed and built it using cloud service or other machines. Normally the formula is
used to calculate the network availability. Availability is the ratio between the uptime and total
time.
Availability= uptime/total time
And also,
Total time= down time+ uptime. The total time is calculated by adding the down time
and up time. The VPN tunnel is used for calculate the network availability. In VPN tunnel it
includes only the internal applications not the external applications.
In this calculation, the availability is calculated by the multiplication of external
application weight and internet network availability. Then add the result into multiplication of
internal application weight and VPN network availability.
5

Network performance
The network performance defines the analysis and review of collection of network
statistics. The underlying computer networks are used for define the quality of service. It is also
known as qualitative and quantitative process. That measures the performance of available
network. And also it tells the details about the network administrator review, measures, and also
takes some improvements.
The user deliver the quality of network service, using network performance and this
service are easily deployed. Normally the network performance is used for measure the end user
perspective. The following network components are used for measure the statistics and metrics
of the network performance.
 Network bandwidth or capacity
 Network throughput
 Network delay or latency
 Data loses
 Network errors
The network bandwidth is used for check the availability of data transfer. Capacity
means shows the entire storage of the system. Second one is network throughput; it means the
entire amount of data is successfully transferred over the network in a given time limit. Third one
is network delay or latency, the packet transfer is little slow compared to the normal packets.
Final one is data loss and network errors, the packets are dropped or lose their quality, and also
the transmission and delivery is lost.
Security
Network security means is any activity, used for protect the usability and integrity of the
networks and also the data. The computer hardware and software use the network security. The
most effective network security is used to manage the accessible network. We are using several
threats to stop the network spreading.
Different types of network securities are used, like access control, antivirus, and
antimalware software, application security, behavioral analytics, data loss prevention, and email
6

security, firewalls, intrusion prevention system, mobile device security, network segmentation,
security information and event management, VPA, web security, and wireless security.
Manageability
Sample diagram
The manageability functions are classified into four categories:
 Logging, health monitoring, and alerting
 Control and configuration
 Updates and deployment
 Asset discovery and inventory
Usability
The web applications and software consider the usability for achieving their goals
effectively and also efficiently. The usability includes the different level of user interface. And
also the non-functional requirement is used in this technique. The usability design process
consider three different principals, they are
 Iterative focus on the user and the task
7

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

 Iterative design
 Empirical measurement
The evaluation of usability is done by the following methods.
 Cognitive modeling
 Inspection
 Inquiry
 Prototyping
 Testing
Adaptability
A good network means they have an ability to adapt any kind of new technologies and
also the changes. They have no of features for adapting the new protocols, new business,
practical, new goals, and new registration. The availability needs more effects. And the traffic
patterns are changed by using the flexible design.
Using adaptability we can achieve three working models
 WG1- GESCANT
 WG2- ADAPNA
 WG3- OR BITS
Affordability
Affordability is also known as cost effectiveness process, the main goal of affordability is
reduce the total amount of traffic from the given financial cost. Basically all the campus
networks are low cost and also reduce the network traffic. Sometimes we are using the enterprise
networks for achieving the low cost.
8

The campus network design must use the affordability for reduce the financial cost.
Quality routing protocol is the best example of affordability.
Sample affordable policy diagram
1.3 Existing network
The network is used her such as LAN and wan. And the LAN network is used to provide
the network within the particular area. And the wan network provides the network within one
city. In this scenario is mentioned the LAN network is considered inside the class room and the
wan network considered in the total areas.
Many systems are connected together is called network. Advantage of network in
conversation and transfer many files or documents into one system to another system.
Existing network called disadvantages of network, if network wires and servers can be
hostile. Administration of big network is a very complicated and occur many problems. Mainly
drawback virus, it spreader one computer another computer. Hacking is one of the main reason,
unwanted person access your files very dangerous. Network Topology classified at two types.
9

Physical Network Topologies
It is used to build the network. Basically hardware tool is used to configure of
many network. Hardware tool used commonly lack that the architecture of web based on given
design.
Types
It has five types. And they are Point to point topology, Bus topology, Ring
Topology, Star Topology, Hub and Spoke Topology, Point to Multipoint topology.
Point to point topology
Point to point topology is used to communication purpose. This communication
link connect to two stations up a lone hardware connection. This topology used for connectivity
purpose at serial port of topology. It is called as daisy chaining.
Bus Topology
Topology worked at connect too many computer in single cable. That single cable
is type of coaxial cable used.
Ring Topology
Ring topology defines as connecting from one system to many systems. This
process in commonly used for both interfaces. Token ring is used for allow to transfer process.
Star Topology
Star typology is the important topology of physical network. Because star
topology is used for all network building purpose. To use hub for all network connected to
station.
Point to Multi point
It is defined as a single platform network to run a multi-platform network.
10

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Logical Network Topologies
Logical networks manage a number of networks and stations, if run process going
a physical network. Internet protocol generate many logical webs. All internet actions are
implement a logical topology. Peer to peer and client to server os known as the types of logical
network topology.
WAN Map Block Diagram
Wide area network managed many number of rages and distance which is based on
computer network oriented. If connect more local area network and spread worldwide a package
of switches and routers to use for connected to WAN. This connection flow to inside the
network.
LAN Map Block Diagram
11

This figure mentioned at below to spread internet via LAN. Internet broadcast to modem.
Modem is used to delivery purpose. Modem send to signal at firewall. Firewall used for security
purpose. Next router connect one port to many systems include workstation. Router connected to
firewall and spread to internet from workstation and sub systems.
Interconnection Device
This device grant that single system to communicate at many systems. This
communication process flowing an LAN wire or Landline. Is converted to big and difficult
switching method to used interconnecting way to build number of networks.
This figure mentioned at single core switch used. Core switch is a high quality switch, is placed
in physical part. Core switch is main part of diagram, is broad cast link to firewall and router,
number of switches.
Workgroup switch is an approximately low quality switch, it supply the work for smaller
group of labors. Floor switch is an electrical cabling and used for control the lights. The
workgroup and floor switch is continuously connected at different paths.
Network Segments
Network portion is a part of network that described as actions of network. This machine
supported as a repeater, hub, bridge, switch or router. Given segment control at single to many
computer.
12

1.4 Network traffic analysis
Traffic flow
In the network traffic is considered as huge one and for this traffic some of the prevention
method is present and in that the main method is quality of service and it done by the parameters.
In this traffic management happened by the hosts. And virtual host take a part based on
this scenario the in the university the traffic may be happen because the source send to
headquarters and data Centre. So in that online communication the traffic should occur so the
above diagram is described about the traffic between the layers.
And in that the traffic has to be analyzed by the host and here virtual host act as server
and it used to provide the connection and this connection go through the GPU and this is used to
pass the connection and it act as a medium to pass the network over the internet and this traffic
management makes the clear way of network to the files using the web servers. And the traffic
has to be analyzed in the way of network design and the network finally provided to the host or
system and it called as a node and the network has to be reached the end without any traffic.
13

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Traffic load
And in the traffic load the workstations as known as system and the servers are has to be
analyzed. In the traffic, the load has to be reduced by the usage of traffic analysis. Traffic
generally has some count for the load calculation. And the load removed while the traffic has to
be analyzed. And in that the traffic is to be configured by the servers and the host details and
collect the data about the workstation known as system. And here more system is connected with
the server for the network connection with the host and the GPU make a connection between
these two as host and system and the host here act as virtual host.
Protocol and Qos
Generally the protocol provides the rules about the network and the connection without
this we did not make a connection between the system and server and additionally the service or
network need to be checked with the parameters used for the service quality and this Qos has
such parameters like jitter and packet loss. These kind of parameters used to get the connection
and used to check the quality of the services provided by the network. The Qos parameters lists
described below. They are,
 Packet loss
 Jitter
 Bandwidth
1.5 Logical network redesign
14

In the network devices of the network is shown above diagram and the connection between
the devices is established with the routers and switches. And in this server provide the network to
the network devices such as routers and the switches also has a part in the network devices
design and the network finally provided the network to the computers.
In the ip address allocation the system and network devices are mentioned below based
on the scaenario the system mentioned in the layers should have the ip address for identifiaction.
So we have to allocate the ip for each devices. And in the ip address contains the external and
internal ip and their ip address also. And the devices are connected in the internet which has the
ip address for the identification of the devices for reduce the traffic. And the also the collection
of ip address is mentioned in the below diagrams. And the internet link provided to the devices
for the conection with correct ip address.
15

In the virtual local area network the configuration is made on before diagram by
using the protocol through the internet and this is connected to the servers by the firewall for
security in the scenario it needed firewall for network communication in a secured manner.
16

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

In the sub netting the traffic has analyzed by the subnet and in that subnet name and the id and
the host names are delivered.
In the firewall it was installed through the internet and it also used as perimeter and it is
used to protect the surrounding areas from the attack and use the zone to the critical attack and in
the same way and it use the internet for the services. In the server and remote the internet has
been used. And for the particular services it use these kind of servers. And it is used to protect
from the threats.
IDS/IPS
And the IPS device is used in the perimeter and also deployed and the IPS device in the
perimeter and the traffic created in the server and also in the internet to provide a security from
the threats. And the ip has many functions such as notification to the administrator and the traffic
is used to get the decode for the attacker and also it used to disconnect the communication in the
universities.
17

1.6 Physical network redesign
In the WAN network it is providing the network in the cities level and based on the
scenario the universities have only wide area network such as backup and data center as kind of
these areas. Using the wide area network we can analyze the gateways and their place of
position. And it has a topology in that it has network components and servers such as host
configuration and other common devices. And this topology makes the network as availability
and also used to voice. And it has servers and gateways and it use to analyze the servers such as
host server and the server has the bandwidth variation. And in the network such as cabling in the
wide area network such s standards cabling and the performance of wan described below. It
described about the CPU usage and voice and link. And it is used in the universities network
performance in the way of providing bandwidth increasing performance. And the quality of
service is needed to provide the connection in the universities network to check the traffic
between connections.
18

In the local area network it describes about the bandwidth and the quality of voice and in
that the layers may get conflict and the topology shows the devices and servers and gateways.
For the LAN it needs the bandwidth increase and scalability and the quality of service and this
network is used in the FNU universities inside the campus and the servers of the LAN network is
used here in the campus domain name service and the communication between the students. And
for that communication the network device such as used here and that is known as bandwidth
and link. And the performance of the LAN network of the LAN has the measurements inside the
campus like the usage of the CPU and failure rates and also the memory and LAN usage and for
the LAN network in the campus addressing is very essential one and this contains the subnets
and routes and servers for the network. And the protocol used for the network rules in the
network for the universities and that includes the VLAN and IPX.
2. Conclusion
The conclusion about the project scenario is accomplished through the network redesign
and in this redesign part the network design implemented for the use of people in the
organization with different kinds. And the implementation of network design is made using the
network devices and the analysis of traffic was completed.
19

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

References
Feng, T., Zhang, Z. and Ma, J. (2010). Security Authentication Protocol for WiMAX Wireless
Network Based on Protocol Composition Logic. Journal of Electronics & Information
Technology, 32(9), pp.2106-2111.
Habib, S. and Marimuthu, P. (2013). Comparing Communication Protocols within an Enterprise
Network for Carbon Footprint Reduction. Network Protocols and Algorithms, 5(1).
Tuxen, M., Rungeler, I., Stewart, R. and Rathgeb, E. (2008). Network Address Translation for
the Stream Control Transmission Protocol. IEEE Network, 22(5), pp.26-32.
Zhao, J. and Sun, Q. (2012). Design and validation of a novel space-earth integrated network
management protocol and its simulation. International Journal of Satellite Communications and
Networking, 30(6), pp.265-275.
ChemViews (2012). How Wind Turbines Work. ChemViews.
Hunt, C. (2010). TCP/IP Network Administration. Sebastopol: O'Reilly Media, Inc.
Lemetre, C., Zhang, Q. and Zhang, Z. (2013). SubNet: a Java application for subnetwork
extraction. Bioinformatics, 29(22), pp.2958-2958.
Mbale, J. and Mufeti, K. (2011). Phase teaching model for subnetting IPv4. International Journal
of Internet Technology and Secured Transactions, 3(1), p.1.
Xia, C. (2011). Analysis and Application of Petri Subnet Reduction. Journal of Computers, 6(8).
Avkiran, N. (2014). A Tutorial on Using Dynamic Network DEA to Benchmark Organizational
Performance. SSRN Electronic Journal.
Edmonson, R. (2014). 802.11 wireless local area network. Columbus, Ohio: Investment and
Governance Division, Ohio Office of Information Technology.
Kouvatsos, D. (2011). Network performance engineering. Berlin: Springer.
Lin, H. and Choi, M. (2010). Mining Web Usage within a Local Area Network. International
Journal of Engineering and Technology, 2(5), pp.435-441.
20

Liu, X., Qiao, C., Yu, D. and Jiang, T. (2010). Application-specific resource provisioning for
wide-area distributed computing. IEEE Network, 24(4), pp.25-34.
Liu, X., Qiao, C., Yu, D. and Jiang, T. (2010). Application-specific resource provisioning for
wide-area distributed computing. IEEE Network, 24(4), pp.25-34.
Opportunities to learn and network. (2014). The Pharmaceutical Journal.
Park, S. (2016). A Rogue AP Detection Method Based on DHCP Snooping. Journal of Internet
Computing and Services, 17(3), pp.11-18.
Sandbu, M. (2013). Microsoft System center configuration manager. Birmingham: Packt
Publishing.
Seo, Y. and Schmidt, A. (2013). Network configuration and hydrograph sensitivity to storm
kinematics. Water Resources Research, 49(4), pp.1812-1827.
Soyinka, W. (2010). Wireless Network Administration. New York, USA: McGraw-Hill
Professional Publishing.
Wan, J., Humar, I. and Zhang, D. (2016). Industrial IoT Technologies and Applications. Cham:
Springer.
21

PART 3-Security technology implementation
3. Overview
In this project the scenario is based on the communication using the network between the
students in the organization and their details have to keep with a security so we need to
implement the technology for the security issues through the network and this security
implemented using such kind of software and operating systems. In the way the Linux and
Sophos these kinds of techniques is used to list the security issues happened in the network. And
the security methods based on the scenario.
The network security pLAN is a step by step process. The information technology
is supported by three major facilities namely headquarters, operations, and backup. A proper
security pLAN has the formal threat assessment. The IT security pLAN is a document that is
produced by management. And also shows how you can secure the system in the industry. Using
security pLAN we can easily show the business procedure, and security towers the system and
data. Lot of security pLANs are available, it allow the daily procedures and pLANs. It fully
based on the online communication. Such as via email and video call. Different types of security
procedures and devices are currently used in place like physical protection, virus protection,
spam- filter software, password security, updates, wireless networking, backups, and firewalls.
A security pLAN contains lot of risks such as physical threats, computer security
threats, information threats, and natural threats. The physical threats contain theft, damage, and
arson. And the next one is computer security threats it includes malware, hardware failures and
system crashes, spam and viruses. Third one is information threats it also includes some things
like private data, secret of the business, and fraud. Final one is natural threats like tsunami,
floods, earthquake, and hurricane. The security measures are calculated by the following sections
such as protection, prevention, administration control, and storage on control.
In protection includes backup, encryption, and employees. The removal of data,
operating system, firewalls, and antivirus are done by prevention. Administration control means
access control, permission control, and webpage restrictions.
22

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

3.1 Control 1
Objective of the control
In this recommendation control it described about the backup of the data and explained about
how to rescue the data and analyze what are the files inside the network and the functions and
technology explained in this control section.
Resources
It has the resources like mail server and database server, web server and other network
components.
Developing the control
In this area such as data backup technique we have to use some software and operating
system as Linux and Sophos UTM. Kali Linux is used for the penetration testing by using the
commands and in the Sophos it also executed by using the virtual box. And these techniques
implementation clearly described below in the way of diagrams.
Description of the system
We are using the Kali Linux software, basically the kali Linux software is one of the best
open source security package. And it contains set of tools divided by different categories. Using
kali Linux the Wi-Fi cracking tools are incorporated. In kali Linux is affected by the wireless
attack, one of the most famous attacks is Fern Wi-Fi cracker. The following command is used for
start the terminal, “airmon-ng start wLAN-0”,
Next we are using Sophos, is a network security solution. Each and every Sophos
network security is used for providing the security modules, and also run it. All the security
models are available as total. In this modules include lot of resources like essential firewall,
network protection, web protection, email protection, web server protection, wireless protection,
and endpoint protection.
23

Implementation using kali linux
In above figure it shows the installation of kali linux using vmware. And the index page of
installation end is showna bove.
Installation of sophos UTM
24

Configuration of the system
Information gathering and vulnerabilities analysis
Scan reports
25

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Zenmap tool
Scan reports
26

Topology diagram
Hardware detection of sophos
27

choose admin interface
network configuration
28

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

enterprise toolkit
finish
Test pLAN design
29

In above diagram the port configuration is shown.
Tcp and udp ports scan reports
30

Ping command
31

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Vulnerability analysis tool
32

And in the end the vulnerability has been analyzed through the commands in the kali
Linux.
33

Website penetration testing
34

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Vulnerability tool
Test plan implementation
35

Database analysis
36

WPscan
37

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Joomscan
Execute the sophos UTM 9
basic system setup
38

system configuration
sophos intrfaces
39

internet connection
firewall
40

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Intrusion prevention
41

Web admin
Test result and analysis
In this part of security technology implementation we need to analyaze the attacks and
make a solution in the way of testing such as penetration testing using operating system by the
virtual box.
First one is the testing is done by the kali linux through virtual box and second one is
testing done by the sophos UTM through the virtual box.
Scope:
42

This tehnology includes the backup and recovery pLAN, but it not a limited one. In
includes lot of things like recovery of file and print server, mail server, database server, web
server, video steaming server, and aslo domain controllers. But this pLAN does not consider the
backup and recovery of client work stations, laptop, tablet PCs, or PDAs.
backup pLAN
Every business night must have a server backup, and excluding holidays. Before perform
the recycle operation we need to perform backup on Friday. The monthly backup is used for
descripe the last backup of every month. And it kept for a year before recycle. The fireproff safe
is used for store the monthly backup tapes. Only the last two monthly taps are stored in a
fireproof safe.Backup will be performed and also monitored by the full time IT staff members.
The verital backup execution is automatically extracted by the backups. And also use arcserve or
similar software product. The tapes are inserted in every night before leaving the network. The
director of information technology provide a report about backup failures. Any problems will be
occur the director take a action immediately. We need to perform the backup operation before
the server modification or updation.
loss of data
Sometimes the datas are losed so we need to discover the data lose and also evaluate it.
Mostly the data loses are related to file corruption, virus, security, or human error. The hardware
and software related problems are troubleshooted by the IT staffs. The data loss is related to a
virus and also related to the security stystem. And also it quickly solve the related problems.
Human error related problems are done by the IT staffs, the IT staffs inform immediately to
avoid further loss of data. The bachup media is used for perform the restoration operation and
minimize the data loss.
Restoration of data
The data lose time and date is noticed by the IT staffs. Every bachup media have a
appropriate server. The data restoration is monitored by the IT staffs. If the disaster is
discovered, the IT staffs are determine the extend of the problem. Basically the disaster is a
hardware related. Types of natural disasters are used like fire, tornado, earthquake, or other. The
43

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

data integrity and validity is check by the IT staffs. The restore is finished by the end user
approval.
3.2 Control 2
Security groups define the colections of user account, computer account, and also other
group account. The single unit in the security perspective is used for manage the account. In
windows opearting system we are using aeveral security groups, for complete the specific task.
The unique combinations of security requirements are used for craete a group in secure manner.
It based on the active directory based or local to the particular computer.
The rights and permissions of the domain resources are managed by the active directive
security. Then the local group exit is used for access the SAM database on local computer. The
computers are fully windows based but not the domain controller. The local computer resources
are managed by the local groups.
3.3 Control 3
The web tier in a three tier architecture is typically deployed by the apache server.
And also we are using the combined web and application tier. The reverse proxy functionalities
are provided by the same apache server, in front of a multi tier architecture. The catching and
44

compression operations are successfully executed using the reverse proxy functionalities. The
apache server only provide the web or web pplication functionality. One or more apache system
are used in a BIG-IP system. We are using several deployments like
 Web app tier/ apache as web tier
 Apache as reverse proxy
 BIG-IP replacing apache functionalities
 BIG-IP complete the apache functionality
 BIG-IP apache as reverse proxy is replaced.
3.4 Control 4
Mod security is a type of security used in network secutiry pLAN. Basically is a
open sources web application firewall, used by the apache. Mod security says the generic
applications are provided in particular order. In this technique we are using some core rules. They
are HTTP protection, real time blacklist lookups, web based malware detection, HTTP denial of
service protection, common web application protection, automation detection, integration with
AV sacnning for file uploads, tracking sensitive data, trojan protection, identification of
application defects, error detection and hiding.
3.5 Control 5
45

4. Conclusion
In this section is fully focused on the security technology implementation. The final
solution is created the way of penetraion testing using opearting system by the virtual box. The
kali Linux is insatlled and executed successfully, and also the generate the result using sophos
UTM. The objective of the control is to meet the organizational security, using RADIUS server.
Then the system development is done by using commercial hardware and software.
Draw the logical digram, in this diagram includes wireless router, range of IP address,
subnets, RADIUS server, and IP address interface. Finally the system configuration contains test
pLAN design, test paln implementation, and also analysis. All the connections and reprts are
completed successfully. The organisation permissions and rstriction controls are worked well.
The over all contruction of security pLAN was a big and effective improvemevt towards the
organization. We are using firewall and some anti virus software, for remove the threats very
fastly and effectively. One of the best method of backup is cloud dtorage, using cloud storage the
datas are safe and also avoide the phisical damage of the sytem.
46

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

References
Byoung-Jik, P., Sung-Hyuk, K. and Yong-Il, K. (2015). The Effects of Demilitarized Zone's
Brand Equity as a Tourist Destination on Place Attachment and Perceived Risk: Targeting
Foreign Tourists to the DMZ. Journal of Tourism Sciences, 39(5), pp.101-116.
DAYEZ-BURGEON, P. (2012). La DMZ coréenne, une frontière paradoxale (encadré). Hermès,
(63), p., [ p.].
Fu, W. and Lu, A. (2012). VLAN Technology Application Research Based on Campus Network
Security. Applied Mechanics and Materials, 220-223, pp.2945-2948.
Haji Nur, A. (2014). Performance Analysis of LAN and VLAN Using Soft Computing
Techniques. IOSR Journal of Electronics and Communication Engineering, 9(6), pp.10-16.
Hunter, W. (2013). The Visual Representation of Border Tourism: Demilitarized Zone (DMZ)
and Dokdo in South Korea. International Journal of Tourism Research, 17(2), pp.151-160.
Jo, J., Jang, H., Lee, K. and Kong, J. (2015). SDN-Based Intrusion Prevention System for
Science DMZ. The Journal of Korean Institute of Communications and Information Sciences,
40(6), pp.1070-1080.
Kim, J. (2014). Jeungsan Thoughts and DMZ World Eco-peace Park - Universal Redesign for
the Foremost Leading Country centering on Korea -. The Journal of Daesoon Academy of
Sciences, 24(1), pp.97-144.
Ko, M., Ko, J. and Kim, H. (2015). Appearance Patterns of Freshwater Fish in Western DMZ
Adjacent Areas, Gyeonggi-do, Korea. Korean Journal of Ecology and Environment, 48(1),
pp.38-50.
Lee, S. and Kim, S. (2015). Proceeding Strategies for Establishing of the DMZ World Peace
Park for the Laying of the Foundation for Unification. Journal of Digital Convergence, 13(4),
pp.9-24.
Li, F., Yang, J., An, C., Wu, J. and Wang, X. (2014). Towards centralized and semi-automatic
VLAN management. International Journal of Network Management, 25(1), pp.52-73.
47

Patulak, A., Purwadi, J. and Herlina R., T. (2015). IMPLEMENTASI METODE USER
CENTERED DESIGN DALAM PERANCANGAN APLIKASI PEMBELAJARAN VLAN &
INTER-VLAN ROUTING. Jurnal Informatika, 11(1).
Schoofs, A., Ruzzelli, A. and O’Hare, G. (2011). VLAN auditing for preliminary assessment of
after hours networked equipment electricity wastage. Energy, 36(12), pp.6910-6921.
Shin, H., An, J., Kim, S., Heo, T., Kwon, Y., Lee, Y. and Yoon, J. (2015). Vascular PLANts of
Hak Reservoir Valley in Korea DMZ Area. Korean Journal of PLANt Resources, 28(4), pp.475-
486.
TANIMOTO, S. (2005). A Proposal of Various IP Mobility Services to Apply the Mobile VLAN
in the Ubiquitous Environment. IEICE Transactions on Communications, E88-B(7), pp.2743-
2755.
Young Song, J. (2016). DMZ Cultural Center: The Role of Shared Space in the Korean
Peninsula Crisis Centro Cultural DMZ: El rol del espacio compartido en la crisis de la península
coreana. Dearq Revista de Arquitectura / Journal of Architecture, (18), pp.56-67.
Barhoom, T. and Elrayyes, E. (2014). Model for Strengthening Accuracy through Detection of
Anomalous Firewall Policy Rules. International Journal of Innovative Research in Computer
and Communication Engineering, 02(12), pp.7116-7124.
Brucker, A., Brügger, L. and Wolff, B. (2014). Formal firewall conformance testing: an
application of test and proof techniques. Software Testing, Verification and Reliability, 25(1),
pp.34-71.
Caro, L., Papadimitriou, D. and Marzo, J. (2009). Enhancing label space usage for Ethernet
VLAN-label switching. Computer Networks, 53(7), pp.1050-1061.
Chintalapudi, K. and Varma, P. (2016). A Study on Home Office Firewall. IJARCCE, 5(12),
pp.13-17.
Hwang, D., Lee, B. and Yeom, D. (2013). Is the firewall consistent? Gedanken experiments on
black hole complementarity and firewall proposal. Journal of Cosmology and Astroparticle
Physics, 2013(01), pp.005-005.
48

Joshi, P. (2016). Implementing Firewall using IP Tables in Linux. International journal of
Emerging Trends in Science and Technology.
K, A. and B, S. (2014). Auto Finding and Resolving Distributed Firewall Policy. IOSR Journal
of Computer Engineering, 16(5), pp.93-97.
Khan (2013). A Quantitative Analysis of Firewall Impact on Critical Data
Communication. Journal of Basic & Applied Sciences.
LI, Q. (2008). Design and implementation of network firewall system based on Godson
CPU. Journal of Computer Applications, 28(6), pp.1372-1375.
Liao, Q., Li, Z. and Striegel, A. (2011). Could firewall rules be public - a game theoretical
perspective. Security and Communication Networks, 5(2), pp.197-210.
Meddeb, A. (2012). On building multiple spanning trees and VLAN assignment in metro
ethernet networks. Networks, 61(3), pp.263-280.
SinghArneja, P. and Sachdev, S. (2015). Detailed Analysis of Antivirus based Firewall and
Concept of Private Cloud Antivirus based Firewall. International Journal of Computer
Applications, 111(4), pp.16-23.
TANG, Y. (2009). Rule matching mapping algorithm for firewall based on rule decomposion
mapping. Journal of Computer Applications, 29(11), pp.2969-2971.
WANG, J. and DU, F. (2009). Research of matrix bloom filter in virus filtering firewall. Journal
of Computer Applications, 29(11), pp.2939-2941.
49