Developing Network Security Policies and Guidelines for ACME

Verified

Added on 2023/04/04

AI Summary

This report details the development of a network security policy for ACME Company, a private company with 120 employees across two divisions: property management and commercial real estate. The company faces challenges including resource misuse and unauthorized access to servers by contractors and salespeople. The proposed security policies include installing and regularly updating a firewall, implementing passwords for wireless access points and devices, and ensuring physical security of networking equipment. For critical sections like enterprise applications and public servers, the report suggests access control and user authentication through unique usernames and passwords, VLAN configuration to restrict server access, and port security to limit device connections. For wireless access points, the recommendation is to use a radius server with WPA2 configuration for authorized device access. The report concludes by recommending the creation of VLANs based on company sections, the implementation of suggested security policies, hiring a security guard for physical security, and adding contractor/salesmen devices to the client authorization list to enhance overall network security. Desklib offers a variety of study tools and solved assignments for students.

Isaac.w
TEMAOS [Company address]
Network security

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Contents
Introduction......................................................................................................................................1
Scope................................................................................................................................................1
Basic Security Policies....................................................................................................................2
Creation of security policies............................................................................................................2
Creating of a Network Equipment Security Guidelines..................................................................2
Conclusion.......................................................................................................................................3
References........................................................................................................................................3

Introduction
This documentation is about network security policy. A security policy governs/takes in charge
of all the security controls in an organization with an interest of protecting the critical assets of
the organization as it offers very detailed and strict directives on the acceptability an
unacceptability on the organization’s resources. In this documentation, we shall refer to the
ACME private company networking as the case study.
Scope
The ACME private company has 120 employees with a space of 2 floors in a multi-story
building in Melbourne city. The parent company further subdivides into two divisions i.e the
property management group and the commercial real estate. The company’s data center is also
into two divisions, the primary datacentre and the secondary datacentre, which are in two leased
racks in two separate multi-tenant datacentres.
 The primary datacentre.
In this rack, contains several servers for storing their data, running the company’s enterprise
applications and managing the company emails. In this division, it hosts a DMZ consisting of the
public HTTP in a virtual server farm.
 The secondary datacentre.
This rack provides full redundancy in the company’s network.
The company has had issues with resource misuse as employees have been using the company’s
email for personal purposes and downloading of inappropriate materials from the internet
(Sanders, Nguyen, and Pascarella, Hewlett Packard Development Co LP, 2016). Apart from the
misuse of the company’s resources, the ACME is facing a challenge. The contractors and the
salespeople have been having access to all the company’s servers and that should not be the case.
The internet also has the access to all the servers despite the high profits the company has been
making and this is a threat to the stability and the future of ACME Company thus the need of
security policies in the company.

Going by the intentions of the company, there is a plan of the company’s expansion to grow by
30-50 employees and this will call for a lease of a third floor which will be a new division called
the Construction Division business unit. In the network expansion to the third floor, the company
wants to mount three wireless LANs on the three floors and move to VoIP (Khan, Baig and
Youssef, 2010).
Basic Security Policies
Apparently, the ACME does not have any working security despite the heavy profits and the size
of the company judging from the number of the employees (Van Ginneken, 2013). Going by the
company’s growth, which will also mean an expansion of the network there are several sections
that will just need some basic security policies at the primary datacentre rack.
At the modem/router, which is, tapping the internet to the ACME network, there is a need to
install a firewall to protect the data flow in and out of the network. The firewall should be
updated regularly to keep full awareness of any malicious texts on the internet and also to control
and grant permissions of the installation of application software in the company’s network.
Among the basic security policies, the wireless access points should have a password too for
authentication purposes (Bharghavan, Demers, Shenker, and Zhang, 2009). All the computers and
the access devices in the company should have a password too. Physical security is also a basic
security policy, which should ensure all the networking devices are intact and safe from wrong
hands, which may expose the configuration of the network.
The sections that very heavily rely on the basic security policy are enterprise applications and
public servers.
Creation of security policies.
Going by the sections named earlier i.e the enterprise application section and the public server
section, the two are very critical in the operation of the company. The policy to employ in these
two we ensure the access control and the authentication of the user i.e the employees.
Starting with the enterprise application, which basically deals with the organization database and
records, each user, should have an account consisting of a unique name and a unique password
(Barclay and O'neill, Computer Security Products, 2013). This will be achieved by creating a list of

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

authorized users in the enterprise system by the system admin and allocating it to the public
network where every user will be logging in using their authentication details. From the
connection of all the public network switch, the switch will be configured in a way that the port
connecting to the servers will only be accessible in a certain VLAN, for instance, say the public
virtual LAN and the servers are given a different IP address.
Creating of a Network Equipment Security Guidelines.
This involves configuring network equipment and devices as a way to ensure secure access into
the network. The configurable devices are the computers, the switch, the server, and the routers
and so on. The devices are used in the network as either for data storage, network expansion, as
access devices and as access points (Ghai, Sharma and Jain, Quantum Security, 2015).
The access of stored data can be secured through switch configuration in which the ports/the
interfaces connecting to the access devices being given access to a certain VLAN under the same
network configuration of the IP. This can also be done through port security in which only the
originally connected port in the switch is given the access.
Wireless access points being the primary targets of attacks, the security of the access point can
be improved through changing the passcode regularly. The complex policy to employ in the
wireless connection is using a radius server together with the WPA2 configuration. This policy
ensures the access of only authorized devices to access the connection. A client list is made each
having a unique name and a passcode and stored in the radius server for each device (client) and
upon keying in the details, the client is granted access.
Conclusion
The above details are explanations of network security through various security policies. I would
recommend the company to create VLANs according to the section or units it consists and
employ the above security policies to ensure network security in the company; this should
include hiring a security guard for physical security. The contractors and the salesmen should
have their devices added to the client authorization list. Upon doing so the company will be
secure.

References.
Barclay, C. and O'neill, V., Computer Security Products, Inc., 2013. Methods and apparatus for creating
and implementing security policies for resources on a network. U.S. Patent Application 13/890,942.
Bharghavan, V., Demers, A., Shenker, S. and Zhang, L., 2009. MACAW: a media access protocol for
wireless LAN's. ACM SIGCOMM Computer Communication Review, 24(4), pp.212-225.
Ghai, V., Sharma, S. and Jain, A., the Quantum Security Inc, 2015. Policy-based physical security system
for restricting access to computer resources and data flow through network equipment. U.S. Patent
9,111,088.
Khan, L.A., Baig, M.S. and Youssef, A.M., 2010. Speaker recognition from encrypted VoIP
communications. digital investigation, 7(1-2), pp.65-73.
Sanders, M.C., Nguyen, J.D. and Pascarella, R., Hewlett Packard Development Co LP, 2016. Redundant
data and power infrastructure for modular server components in a rack. U.S. Patent 7,138,733.
Van Ginneken, W., 2013. Extending social security: Policies for developing countries. Int'l Lab. Rev., 142,
p.277.