BN305 Assignment 2: Secure Network Design & Implementation (VPN)
Added on 2023/06/11
Report
AI Summary
This report presents a secure network design and implementation plan for PenCapital, a financial organization requiring enhanced security for sensitive financial data. The proposed solution involves creating a virtual private network (VPN) to connect the headquarters in Sydney with branch offices in Melbourne and Moscow. The design includes physical and logical network layouts, IP addressing schemes for various network components (routers, servers, PCs), and the implementation of VPN services and a firewall DMZ zone. Security features and policies are outlined to protect organizational information, and redundancy and failover plans are discussed to ensure business continuity. The report details the use of SSL VPN gateways for secure remote access and Cisco ASA firewalls for network protection, aiming to provide a secure and scalable network infrastructure for PenCapital.

VIRTUAL PRIVATE NETWORK

Table of Contents
1 Introduction
2 Network Design
2.1 Physical Design
2.2 Logical Design
2.3 IP Addressing
3 Implementation
3.1 VPN service Implementation
3.2 Firewall DMZ zone Implementation
3.3 Security Features and Policies
3.4 Redundancy and Failover Plans
References

1 Introduction
This project aims to build a secure network for a recently established organization called
PenCapital. The organization deals with sensitive financial information provided by its
customers, and it is concerned about the risks to its network connections. The current
PenCapital network is not secure, so the CEO decided to create a secure network so that the
sensitive financial information the organization holds does not fall into the hands of its
competitors. The organization has one headquarters office, located in Sydney, and two branch
offices, located in Melbourne and Moscow. The headquarters has three servers: an accounting
server, an email server and a web server. These servers are placed on the DMZ network, which
is protected by the firewall. However, the accounting server is not placed on the DMZ. This
does not secure the financial information, because all employees who work remotely should
have access to the accounting server. The proposed network should therefore provide a secure
network for the organization [1].
2 Network Design
2.1 Physical Design
The physical design is shown below [2].

2.2 Logical Design
The logical design is shown below [3].

2.3 IP Addressing
IP addressing for the Sydney Head Office is shown below [4].
Router
The router has the
IP address - 192.168.1.0
Subnet mask - 255.255.255.248
Default Gateway - 192.168.1.1
E-mail Server
The E-mail Server has the
IP address - 192.168.1.6
Subnet mask - 255.255.255.248
Default Gateway - 192.168.1.1
Web server
The Web Server has the
IP address - 192.168.1.7
Subnet mask - 255.255.255.248
Default Gateway - 192.168.1.1
Accounting Server
The Accounting Server has the
IP address - 192.168.1.110
Subnet mask - 255.255.255.248
Default Gateway - 192.168.1.1
Firewall
The firewall has the
IP address - 192.168.1.7
Subnet mask - 255.255.255.248
Default Gateway - 192.168.1.1
PC-1
The PC 1 has the
IP address - 192.168.1.108
Subnet mask - 255.255.255.248
Default Gateway - 192.168.1.1
PC-2
The PC 2 has the
IP address - 192.168.1.109
Subnet mask - 255.255.255.248
Default Gateway - 192.168.1.1
IP addressing for Branch Office - 1 is shown below [5].
Router
The router has the
IP address - 192.168.1.0
Subnet mask - 255.255.255.248
Default Gateway - 192.168.1.1
PC – 1
The PC 1 has the
IP address - 192.168.1.103
Subnet mask - 255.255.255.248
Default Gateway - 192.168.1.1
PC – 2
The PC 2 has the
IP address - 192.168.1.104
Subnet mask - 255.255.255.248
Default Gateway - 192.168.1.1
PC – 3
The PC 3 has the
IP address - 192.168.1.105
Subnet mask - 255.255.255.248
Default Gateway - 192.168.1.1
IP addressing for Branch Office - 2 is shown below [6].
Router
The router has the
IP address - 192.168.1.0
Subnet mask - 255.255.255.248
Default Gateway - 192.168.1.1
PC - 1
The PC 1 has the
IP address - 192.168.1.100
Subnet mask - 255.255.255.248
Default Gateway - 192.168.1.1
PC – 2
The PC 2 has the
IP address - 192.168.1.101
Subnet mask - 255.255.255.248
Default Gateway - 192.168.1.1
PC – 3
The PC 3 has the
IP address - 192.168.1.102
Subnet mask - 255.255.255.248
Default Gateway - 192.168.1.1
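An added example (not part of the original report): a Python check of the section 2.3 addressing plan, using the addresses, mask and gateway exactly as listed there. It flags addresses that are a subnet's network or broadcast address, hosts whose default gateway lies outside their subnet, duplicate addresses within a site, and subnets reused at more than one site; the function, variable and site label names are assumptions of this example.

```python
import ipaddress
from collections import defaultdict

MASK = "255.255.255.248"   # /29, the mask listed for every device in section 2.3
GATEWAY = "192.168.1.1"    # the default gateway listed for every device

# (site, device, IP address) as listed in section 2.3; site labels are shortened here
PLAN = [
    ("Sydney", "Router", "192.168.1.0"),
    ("Sydney", "E-mail Server", "192.168.1.6"),
    ("Sydney", "Web Server", "192.168.1.7"),
    ("Sydney", "Accounting Server", "192.168.1.110"),
    ("Sydney", "Firewall", "192.168.1.7"),
    ("Sydney", "PC 1", "192.168.1.108"),
    ("Sydney", "PC 2", "192.168.1.109"),
    ("Branch 1", "Router", "192.168.1.0"),
    ("Branch 1", "PC 1", "192.168.1.103"),
    ("Branch 1", "PC 2", "192.168.1.104"),
    ("Branch 1", "PC 3", "192.168.1.105"),
    ("Branch 2", "Router", "192.168.1.0"),
    ("Branch 2", "PC 1", "192.168.1.100"),
    ("Branch 2", "PC 2", "192.168.1.101"),
    ("Branch 2", "PC 3", "192.168.1.102"),
]

def audit(plan, mask=MASK, gateway=GATEWAY):
    """Return a list of (site, device, finding) tuples for the plan."""
    findings = []
    gw = ipaddress.ip_address(gateway)
    seen = defaultdict(list)      # (site, ip) -> devices, for duplicate detection
    net_sites = defaultdict(set)  # subnet -> sites that use it
    for site, device, ip in plan:
        iface = ipaddress.ip_interface(f"{ip}/{mask}")
        net = iface.network
        # The first and last address of a /29 cannot be assigned to a host.
        if iface.ip == net.network_address:
            findings.append((site, device, f"{ip} is the network address of {net}"))
        elif iface.ip == net.broadcast_address:
            findings.append((site, device, f"{ip} is the broadcast address of {net}"))
        # A host can only reach a default gateway that is inside its own subnet.
        if gw not in net:
            findings.append((site, device, f"gateway {gateway} is outside {net}"))
        seen[(site, ip)].append(device)
        net_sites[net].add(site)
    for (site, ip), devices in seen.items():
        if len(devices) > 1:
            findings.append((site, " / ".join(devices), f"duplicate address {ip}"))
    # A subnet reused at two sites cannot be routed between them over the VPN
    # without address translation. Every entry uses the same mask, so comparing
    # subnets for equality is enough to detect overlap here.
    for net, sites in net_sites.items():
        if len(sites) > 1:
            findings.append(("+".join(sorted(sites)), "-", f"{net} is used at more than one site"))
    return findings

if __name__ == "__main__":
    for site, device, finding in audit(PLAN):
        print(f"{site:26} {device:22} {finding}")
```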
3 Implementation
3.1 VPN service Implementation
The VPN implementation uses virtual private network technology to offer companies
safety, and it helps to take advantage of the VPN solutions included in Windows
operating systems, with their security options and features [7]. The VPN implementation is given
below.
The VPN implementation is used to encrypt the data from one VPN gateway to the other.
It also enables resource sharing. The VPN implementation requires the following
components: VPN gateway, internal servers, remote host, authentication server and
certificate authority. These maintain the users' information and internal resources. Here,
we will use an SSL VPN gateway to establish the connection between the SSL connection and the SSL
VPN gateway, and it is used to identify the authentication on the remote host.
The VPN implementation provides security while users access mission-critical
information, and it requires less hardware, reducing the number of telephone lines
needed for internet access. It provides the VPN module and offers the best return on
investment. The VPN solution meets the user requirements while keeping scalability in
mind. It ensures the functionality of the specific solution in the user's production network. It
improves VPN functionality and scalability to provide an effective network.
3.2 Firewall DMZ zone Implementation
The PenCapital organization uses Cisco ASA firewalls to integrate multiple
enterprise-class and next-generation network security services without sacrificing network
performance. The firewall provides security zones to protect the organization's
sensitive financial information. The firewall DMZ is used to protect the organization's servers from
the local intranet [8]. The firewall implementation is shown below.
The firewall implementation aims to establish a controlled link. It is used to protect the
premises network from internet-based attacks, and it provides a single choke point to
protect the organization's network. It allows only authorized traffic to pass. It allows
network administrators to control and track specific user activity, and it provides increased
management responsibilities, which makes network troubleshooting easier.
3.3 Security Features and Policies
The PenCapital organization has security policies to provide security features for
the organization. The security policies are used to ensure the security of the network and
computer systems in the organization. They clarify, communicate and translate the
management position on security [9]. The security policies act as a bridge between
security requirements and management objectives. They specify the mechanisms for security and
provide the baseline for the organization's computer systems. The security features are used to
protect the organization's information and people. The policies authorize staff to investigate, probe and
monitor. They meet the needs of the entire audience of the organization.
3.4 Redundancy and Failover Plans
The network redundancy and failover plan requires access to corporate
resources and reliable network connectivity. The redundancy and failover plans are used to
realize strategies for solid business continuity and redundancy technologies. Network
failover and redundancy plans must be considered in the organization. The network
redundancy and failover plan describes the uptime, and the organization has the goal of a
system that is redundant or has a failover capability [10].
References
[1] S. Singh and A. Thronas, Second line of defense. Richland, Wash.: Pacific Northwest National Laboratory, 2010.
[2] J. Kurose and K. Ross, Computer networking. Harlow: Pearson Education, 2017.
[3] C. Matei, CCNP Security VPN 642-648 quick reference. Indianapolis, Ind.: Cisco Press, 2012.
[4] M. Greer, VMware vSphere Security Cookbook. Packt Publishing, 2014.
[5] C. Matei, CCNP Security VPN 642-648 quick reference. Indianapolis, Ind.: Cisco Press, 2012.
[6] H. Hooper, CCNP security VPN 642-648 official cert guide. Indianapolis, IN: Cisco Press, 2012.
[7] N. Liu, Isotopic compositions of s-process elements in acid-cleaned mainstream presolar silicon carbide. 2014.
[8] D. Lin, G. Tsudik and X. Wang, Cryptology and network security. Berlin: Springer, 2011.
[9] S. Huang, Network security. [Place of publication not identified]: Springer, 2014.
[10] D. Lin, G. Tsudik and X. Wang, Cryptology and network security. Berlin: Springer, 2011.