Technology Implementation of Security Controls.
Added on - 13 Sep 2019
Technology Implementation of Security ControlsOverviewFNU is a higher educational organization for long distance learning. This is the first educationalorganization providing online courses in the country. The university runs online training and courses; itrequires a network infrastructure of very high performance to provide Quality of Services to the endusers.Network Requirements:1.Improvements with issues in online assignment submissions.2.Implementation of bring your own device policy by adhering wireless network in the campus.This enables the students to work on their own laptops, tablets, notebooks and smartphones.3.With WAT it will allow users (students and staff members) to access network facilities fromtheir homes.4.Security measures must be taken to safeguard data from the hackers.5.Providing Quality of Services to the network users both at on-campus and off-campus.The university provides off-campus distance learning and hence must be available at any time for itsdistance learners. Moreover, it requires the student’s on-campus to submit their assignments online;hence availability of network is very important at that part as well.FNU must also provide Bring Your Own Device and Work AT Home policies in the network for moreusability in the network. These policies are highly needed at the university since it is affecting theusability of the network. Once more and more personal devices can be connected to the network, it willaffect in overall students learning process.FNU needs to implement a secure wireless network which safeguards student’s login credentials, files,and other important assets. Moreover, it may restrict the intruder getting into the network byfacilitating strict security measures. Authentication will also need once BYOD and WAT policies discussedabove are implemented in the network to filter illegal activities. The other security measures should alsobe taken to protect important files in the server.Security Controls for Wireless Network:
1.Centralized Authentication2.Authorization3.CryptographySecurity Controls for BYOD:1.Device Fingerprinting2.Desktop / Application VirtualizationCentralized AuthenticationObjectiveBeing a large network, FNU needs to employ authentication schemes to make the network secure andprotect it from outside users. The centralized authentication is required since students and staff may login from their devices also and in that case, logging in every time for different devices will create an extraoverhead. Hence, centralized authentication should be employed in the system. There are differentprotocols for authentication; the one that will be used for FNU’s network is a LDAP Protocol.LightweightDirectory Access Protocol (LDAP) is a directory server that allows grouping of users in the network andassigns different authorities to them. The directory server, LDAP stores username, full names, telephonenumbers and email addresses of the users.Resources UsedMinimum hardware requirements:Processor: Quad core 2GHz.10GB Space for database6GB RAMMinimum Software Requirements:Windows OS 7 or aboveWindows Server 2012 R2SSL/TLS librariesDeveloping the control
Description of the SystemSoftware :Language: Java 7Platform: NetBeans 7.4Hardware:OS: Windows 8RAM: 4GBHDD: 500GBProcessor: Intel i5
Block DiagramFigure1Block Diagram of Network for LDAPConfiguration of the systemConfiguration guide for setting upLDAPon SSLThe complete steps are divided into 2 major sections:1.Make a Virtual Windows Server in Azure2.Setup LDAP on SSL1.Make a Virtual Windows Server in AzureAdd AD LDS in Virtual Machine ldapstestClick on Start --> Server Manager --> Add Roles and Features. Click Next.