Developing A Network Security Plan (PDF)
Added on 2021-05-31
14 Pages6430 Words23 Views
|
|
|
Network Security Plan
Introduction
The paper mainly focusses on the organization “The First National University (FNU)
which is one of the education institution. It is found that due to absence of proper network
system, the organization wants to implement proper security related measures so that the
security issues that the organization faces can be properly resolved. The plan of network
security is mainly deployed in order to make sure that wide area network of the university
must be effectively deployed. The organization mainly have 10 campus in the metropolitan
cities and other 5 campuses with other regional areas. Thus, effective communication is quite
essential for the organization. Moreover it is found that due to deployment of WAN
connection have creates more challenges for the organization due to complex ICT
infrastructure, exhaustion of resources as well as due to the security challenges. It is found
that the implications of the various security related functions would be quite beneficial for
effective communication network as well as network connection. It is found that would
generally helpful in protecting the entire network from information extraction as well as from
external infiltration. The security related challenges like authorization, authentication,
IDS/IPS is quite helpful for easing the entire implications for the security functions which are
generally utilized by the FNU.
Scope
The scope of the project are as follows:
Development of network of the organization for improving the facilities that are
associated with network communication
Effective as well as proper deployment of the entire operation that generally
favours the implications of the security within the university
The implications of security is dependent on various types of innovative
technologies as well as implementation of number of functional activities within
FNU.
The project implications mainly include proper systematic deployment of various
types of security policies that generally helps in forming appropriate design of the
network
Utilization of various policies of network security implementation
Objectives
The project is mainly developed in order to improve the fcailities of network
connection within the orgnaization that would generally form proper deployment of
organizational operations which will mainly favour the proper security related implications
within FNU. The project objectives are listed below:
To improve the communication as well as network connection by utilizing new
network designed that is mainly developed with the help of the concept of engineering
design
To determine the security issues and vulnerabilities that are associated with network
design for ensuring the root causes of the various issues.
To develop proper policies that is quite helpful in improving the security of the entire
network
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
Introduction
The paper mainly focusses on the organization “The First National University (FNU)
which is one of the education institution. It is found that due to absence of proper network
system, the organization wants to implement proper security related measures so that the
security issues that the organization faces can be properly resolved. The plan of network
security is mainly deployed in order to make sure that wide area network of the university
must be effectively deployed. The organization mainly have 10 campus in the metropolitan
cities and other 5 campuses with other regional areas. Thus, effective communication is quite
essential for the organization. Moreover it is found that due to deployment of WAN
connection have creates more challenges for the organization due to complex ICT
infrastructure, exhaustion of resources as well as due to the security challenges. It is found
that the implications of the various security related functions would be quite beneficial for
effective communication network as well as network connection. It is found that would
generally helpful in protecting the entire network from information extraction as well as from
external infiltration. The security related challenges like authorization, authentication,
IDS/IPS is quite helpful for easing the entire implications for the security functions which are
generally utilized by the FNU.
Scope
The scope of the project are as follows:
Development of network of the organization for improving the facilities that are
associated with network communication
Effective as well as proper deployment of the entire operation that generally
favours the implications of the security within the university
The implications of security is dependent on various types of innovative
technologies as well as implementation of number of functional activities within
FNU.
The project implications mainly include proper systematic deployment of various
types of security policies that generally helps in forming appropriate design of the
network
Utilization of various policies of network security implementation
Objectives
The project is mainly developed in order to improve the fcailities of network
connection within the orgnaization that would generally form proper deployment of
organizational operations which will mainly favour the proper security related implications
within FNU. The project objectives are listed below:
To improve the communication as well as network connection by utilizing new
network designed that is mainly developed with the help of the concept of engineering
design
To determine the security issues and vulnerabilities that are associated with network
design for ensuring the root causes of the various issues.
To develop proper policies that is quite helpful in improving the security of the entire
network
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
To develop plan for network security that must be favourable for the requirements of
FNU
To implement various types of policies
Assumptions
The main aim of the project is to improve the facilities of network communication
within the organization of FNU for proper as well as effective deployment of entire
operations that generally favours the security related implications within the university. The
network design that is created generally involves factors like:
Security assumptions: The security functions that is mainly implemented is mainly
dependent on the assumptions, which are listed below:
Physical contact with the various devices will not be created
The security plan that would be implemented will be feasible
The network related design that would be developed would be helpful in sustaining
various network security tools
External disturbances will not be present within the network communication
Design assumptions: The network design development would include number of
assumptions that are listed below:
Effective function implementation including network communication related principle
Needed routers and switches
Area, which is mainly covered by the routers.
Risk Analysis
Asset Identification and Assessment
The risk analysis is done with the help of the method which include risk
identification, risk assessment and risk classification. The organization “FNU” would
generally require proper risk analysis in order to determine the risks that are associated with
the network by analyzing the fact that whether the risks that are identified would create
negative impact on the organization or not. The risks that are associated with FNU will
generally be classified with the help of challenges, threats as well as vulnerabilities. The risks
that are identified are quite harmful and thus they can create negative impact on the existing
communication of the University.
Identification of the Asset and Identification of the risk
Physical Assets
The physical threats of the FNU include the various hardware of the ICT infrastructure that
had been deployed at the University. The physical asset analysis would be based on the
division of the work structure in the four sites of FNU. The physical assets would involve the
various hardware and tools required for setting the network structure of the organization. The
dual monitors staff 2000 PCs, headsets, webcams, 20 networked Laser Printers, 50 computer
labs with 1200 Desktop PCs and 50 printers, VoIP video phones are present at each of the
Headquarters (main campus) of FNU. Each of the Metro and Regional campuses have
Desktop 250 PCs, 4 networked Laser Printers, 10 computer labs with 240 PCs and 10
printers. The Operation site and backup has desktop 250 PCs, 4 networked Laser Printers, 10
computer labs with 240 PCs and 10 printers. All these acts as the physical assets for the
university as they are the tangible components bought for setting the network infrastructure.
The physical asset would also comprise of the land area for which the campuses of the
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
FNU
To implement various types of policies
Assumptions
The main aim of the project is to improve the facilities of network communication
within the organization of FNU for proper as well as effective deployment of entire
operations that generally favours the security related implications within the university. The
network design that is created generally involves factors like:
Security assumptions: The security functions that is mainly implemented is mainly
dependent on the assumptions, which are listed below:
Physical contact with the various devices will not be created
The security plan that would be implemented will be feasible
The network related design that would be developed would be helpful in sustaining
various network security tools
External disturbances will not be present within the network communication
Design assumptions: The network design development would include number of
assumptions that are listed below:
Effective function implementation including network communication related principle
Needed routers and switches
Area, which is mainly covered by the routers.
Risk Analysis
Asset Identification and Assessment
The risk analysis is done with the help of the method which include risk
identification, risk assessment and risk classification. The organization “FNU” would
generally require proper risk analysis in order to determine the risks that are associated with
the network by analyzing the fact that whether the risks that are identified would create
negative impact on the organization or not. The risks that are associated with FNU will
generally be classified with the help of challenges, threats as well as vulnerabilities. The risks
that are identified are quite harmful and thus they can create negative impact on the existing
communication of the University.
Identification of the Asset and Identification of the risk
Physical Assets
The physical threats of the FNU include the various hardware of the ICT infrastructure that
had been deployed at the University. The physical asset analysis would be based on the
division of the work structure in the four sites of FNU. The physical assets would involve the
various hardware and tools required for setting the network structure of the organization. The
dual monitors staff 2000 PCs, headsets, webcams, 20 networked Laser Printers, 50 computer
labs with 1200 Desktop PCs and 50 printers, VoIP video phones are present at each of the
Headquarters (main campus) of FNU. Each of the Metro and Regional campuses have
Desktop 250 PCs, 4 networked Laser Printers, 10 computer labs with 240 PCs and 10
printers. The Operation site and backup has desktop 250 PCs, 4 networked Laser Printers, 10
computer labs with 240 PCs and 10 printers. All these acts as the physical assets for the
university as they are the tangible components bought for setting the network infrastructure.
The physical asset would also comprise of the land area for which the campuses of the
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
university is spread. Although the location would not be effected by the network
vulnerabilities and threats.
Non-Physical Assets
The non-physical threats of the FNU include the various software, network, cost, and network
storage of the ICT infrastructure that had been deployed at the University. The nonphysical
asset analysis would be based on the division of the work structure in the four sites of FNU.
The non-assets would involve the various virtual tools and elements required for setting the
network structure of the organization. The nonphysical assets like 500 Windows 7 operating
system, one network attachment storage for local storage, and 100Base-TX Switched
Ethernet is present at the each of the Metro and Regional campuses. The nonphysical assets
like 1200 Windows 10 operating system, one network attachment storage (NAS) for local
storage, and 100Base-TX Switched Ethernet is present at the each of the Headquarters (main
campus). The Operations site comprises of 500 Combination of Windows and Linux servers
as Operating systems along with tools like file, web, mail, DHCP, DNS, Authentication,
Blackboard, Domain Controllers, Database, SAN, Load Balancing and video streaming
servers as the nonphysical assets. The learning management and student information systems,
ERP services, investments in sites, and networking principles also act as the non-physical
assets of FNU.
Risks
Individual Asset Risk Analysis
: The individual asset risk analysis is based on the development of the effective risk
assessment for the network connection operations of FNU. The individual risk analysis would
be based for the deployment of the activities favouring the identification of the risk factors.
The various risk factors would be analysed based on the implication of the effective
development of the network design and using network monitoring tools for forming the major
glitches in the network. The probable risk factors for the network connection deployment at
FNU are exposure of the key university applications and services to external individuals due
to the cloud deployment, inappropriate access and use of resources, unauthorised and
malicious internal and external network attacks, and network redundancy. All these issues
would result in forming the major problems for the implementation of the network
connection for the FNU. The issues would result in forming the direct and indirect impact on
the physical and nonphysical assets of FNU. The risk factor would form the issues in
management of the communication for the FNU and it would result in forming the major
issues for the management of the various locations on a single network connection.
Risk Summary
The probable risks of the network implementation are exposure of the key university
applications and services to external individuals due to the cloud deployment, inappropriate
access and use of resources, unauthorised and malicious internal and external network
attacks, and network redundancy. The migration of the key applications and operations would
result in making the data and information available on the cloud platform that can be
accessed from any location resulting in possibility of data misuse and modification. The
possibility of unauthorised and malicious internal and external network attacks is another
major factor that would form the issue in the development of the effective network. The
attacks would result in making the system unable to work and process the query. The attacks
not only make the network slow and sluggish, but it also forms the issues of data interception
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
vulnerabilities and threats.
Non-Physical Assets
The non-physical threats of the FNU include the various software, network, cost, and network
storage of the ICT infrastructure that had been deployed at the University. The nonphysical
asset analysis would be based on the division of the work structure in the four sites of FNU.
The non-assets would involve the various virtual tools and elements required for setting the
network structure of the organization. The nonphysical assets like 500 Windows 7 operating
system, one network attachment storage for local storage, and 100Base-TX Switched
Ethernet is present at the each of the Metro and Regional campuses. The nonphysical assets
like 1200 Windows 10 operating system, one network attachment storage (NAS) for local
storage, and 100Base-TX Switched Ethernet is present at the each of the Headquarters (main
campus). The Operations site comprises of 500 Combination of Windows and Linux servers
as Operating systems along with tools like file, web, mail, DHCP, DNS, Authentication,
Blackboard, Domain Controllers, Database, SAN, Load Balancing and video streaming
servers as the nonphysical assets. The learning management and student information systems,
ERP services, investments in sites, and networking principles also act as the non-physical
assets of FNU.
Risks
Individual Asset Risk Analysis
: The individual asset risk analysis is based on the development of the effective risk
assessment for the network connection operations of FNU. The individual risk analysis would
be based for the deployment of the activities favouring the identification of the risk factors.
The various risk factors would be analysed based on the implication of the effective
development of the network design and using network monitoring tools for forming the major
glitches in the network. The probable risk factors for the network connection deployment at
FNU are exposure of the key university applications and services to external individuals due
to the cloud deployment, inappropriate access and use of resources, unauthorised and
malicious internal and external network attacks, and network redundancy. All these issues
would result in forming the major problems for the implementation of the network
connection for the FNU. The issues would result in forming the direct and indirect impact on
the physical and nonphysical assets of FNU. The risk factor would form the issues in
management of the communication for the FNU and it would result in forming the major
issues for the management of the various locations on a single network connection.
Risk Summary
The probable risks of the network implementation are exposure of the key university
applications and services to external individuals due to the cloud deployment, inappropriate
access and use of resources, unauthorised and malicious internal and external network
attacks, and network redundancy. The migration of the key applications and operations would
result in making the data and information available on the cloud platform that can be
accessed from any location resulting in possibility of data misuse and modification. The
possibility of unauthorised and malicious internal and external network attacks is another
major factor that would form the issue in the development of the effective network. The
attacks would result in making the system unable to work and process the query. The attacks
not only make the network slow and sluggish, but it also forms the issues of data interception
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
and forgery. Anyone would be able to change the existing data forming the issues in the
alignment of the operations for FNU. The DDoS attacks is an example for the attack on the
network that would result in harming the operations of the activities. Network redundancy is
related to the traffic issues in the network that can be caused from deliberate and accidental
reasons.
Threats, Challenges and Vulnerabilities
Threats
The threats in network connection can result in forming the issues in the deployment of the
network from external factors. The threats in network can be divided into four variants
namely external threat, internal threat, structured threat, and unstructured threat. The
unstructured threats to the network would include the inexperienced individuals using
password crackers and shell scripts. These two can be used for hacking into the easily
decrypted password protection and extract information. The structured threats involve the
inclusion of the threat of exploitation of the scripts and codes forming the major influence in
the development of the activities. The advanced hackers and cyber criminals would include
the use of advanced hacking methods for forming the major influence in the application
development. The external attacks would result in making the system unable to work and
process the query. The attacks not only make the network slow and sluggish, but it also forms
the issues of data interception and forgery. Anyone would be able to change the existing data
forming the issues in the alignment of the operations for FNU. The DDoS attacks is an
example for the attack on the network that would result in harming the operations of the
activities. The internal attacks are the person specific attacks caused by the person working in
the network gaining the authentication. The individuals might extract the information from
the network by gaining the access to the network and use it for personal use.
Challenges
The challenges of the network are the various issues that would be generated for the
deployment of the network connection. The implementation had been facing the issue of
complex ICT infrastructure, large exhaustion of the resources, and the security issues. The
probable risk factors for the network connection deployment at FNU are exposure of the key
university applications and services to external individuals due to the cloud deployment,
inappropriate access and use of resources, unauthorised and malicious internal and external
network attacks, and network redundancy. All these issues would result in forming the major
problems for the implementation of the network connection for the FNU. The major
challenges of the project are Password attacks, Trust exploitation, Port redirection, Man-in-
the-middle attacks, Social engineering, and Phishing.
Vulnerabilities
The vulnerabilities in the network connection can be identified as the specific ‘soft spots’ or
internal weaknesses that can result in the occurrence of the network risk occurrence. There
are many reasons due to which the network issues can be raised and it includes the probable
factors of the design or implementation errors of FNU. The technological vulnerabilities that
might impact the network development security functions are operating system weaknesses,
TCP/IP protocol weaknesses, and network equipment weaknesses. The configuration that
might impact the network development security functions are use of easy passwords that can
be deciphered easily, Unsecured user accounts, unsecured default settings, and misconfigured
internet services. The security policy weaknesses that might impact the network development
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
alignment of the operations for FNU. The DDoS attacks is an example for the attack on the
network that would result in harming the operations of the activities. Network redundancy is
related to the traffic issues in the network that can be caused from deliberate and accidental
reasons.
Threats, Challenges and Vulnerabilities
Threats
The threats in network connection can result in forming the issues in the deployment of the
network from external factors. The threats in network can be divided into four variants
namely external threat, internal threat, structured threat, and unstructured threat. The
unstructured threats to the network would include the inexperienced individuals using
password crackers and shell scripts. These two can be used for hacking into the easily
decrypted password protection and extract information. The structured threats involve the
inclusion of the threat of exploitation of the scripts and codes forming the major influence in
the development of the activities. The advanced hackers and cyber criminals would include
the use of advanced hacking methods for forming the major influence in the application
development. The external attacks would result in making the system unable to work and
process the query. The attacks not only make the network slow and sluggish, but it also forms
the issues of data interception and forgery. Anyone would be able to change the existing data
forming the issues in the alignment of the operations for FNU. The DDoS attacks is an
example for the attack on the network that would result in harming the operations of the
activities. The internal attacks are the person specific attacks caused by the person working in
the network gaining the authentication. The individuals might extract the information from
the network by gaining the access to the network and use it for personal use.
Challenges
The challenges of the network are the various issues that would be generated for the
deployment of the network connection. The implementation had been facing the issue of
complex ICT infrastructure, large exhaustion of the resources, and the security issues. The
probable risk factors for the network connection deployment at FNU are exposure of the key
university applications and services to external individuals due to the cloud deployment,
inappropriate access and use of resources, unauthorised and malicious internal and external
network attacks, and network redundancy. All these issues would result in forming the major
problems for the implementation of the network connection for the FNU. The major
challenges of the project are Password attacks, Trust exploitation, Port redirection, Man-in-
the-middle attacks, Social engineering, and Phishing.
Vulnerabilities
The vulnerabilities in the network connection can be identified as the specific ‘soft spots’ or
internal weaknesses that can result in the occurrence of the network risk occurrence. There
are many reasons due to which the network issues can be raised and it includes the probable
factors of the design or implementation errors of FNU. The technological vulnerabilities that
might impact the network development security functions are operating system weaknesses,
TCP/IP protocol weaknesses, and network equipment weaknesses. The configuration that
might impact the network development security functions are use of easy passwords that can
be deciphered easily, Unsecured user accounts, unsecured default settings, and misconfigured
internet services. The security policy weaknesses that might impact the network development
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Network security Assignment PDFlg...
|25
|1745
|28
Network Security: Threats and Countermeasureslg...
|24
|6349
|50
Project Management: Implementation of Network Systemlg...
|17
|2412
|135
DATA COMMUNICATION AND NETWORKS - OVERVIEWlg...
|10
|1877
|18
System Implementation Project Plan Assignmentlg...
|11
|1378
|57
Development of Network Infrastructure: Project Managementlg...
|17
|3010
|336