Computer Network Lab 9 Assignment: Network Security Analysis Report

Verified

Added on 2022/12/27

AI Summary

This document presents a comprehensive solution for CN Lab 9, focusing on various network security aspects. The assignment addresses five key tasks: the application of Access Control Lists (ACLs) for network traffic isolation, the utilization of Virtual LANs (VLANs) to maintain internet access, the use of the PRTG network monitoring tool, the application of Windows event log monitoring, and the utilization of Wireshark for tracking unusual network traffic. Each task explores the practical implementation and benefits of these technologies in securing and managing network infrastructure. The solution provides detailed explanations, references, and analysis of each task, offering a practical understanding of network security principles and tools. The document uses the student's name and university information, providing a well-structured and informative guide to the subject matter.

Running head: COMPUTER NETWORK
COMPUTER NETWORK
Name of student
Name of university
Author’s note:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1
COMPUTER NETWORK
Table of Contents
Task 1:............................................................................................................................2
Task 2:............................................................................................................................2
Task 3:............................................................................................................................3
Task 4:............................................................................................................................3
Task 5:............................................................................................................................4
References......................................................................................................................6

2
COMPUTER NETWORK
Task 1:
The ACL could be used by the organisation for the isolation of the network traffic.
The ACL or Access Control List along with the detail to any file system of computer could
be described as the categories of the authorisations that are involved to any object (Bayesteh
et al. 2014). Any ACL specifies the major system processes or users that are allowed access
to the matters, and whatever kind of operation are permitted on any provided objects. For
each of the entry in any common ACL states any subject as well as the operation. Within
some kinds of the exclusive computer hardware, the access control list offers the rules, which
could be functional to the IP addresses or port numbers that are accessible on any layer 3 or
majorly the host and individually with the categories of the hosts or the networks that have
the permission of using the service (Setapa and Suhilah 2014). Even though it is furthermore
possible for configuring the access control lists founded on the domain names in the network
and this is the questionable idea due to the fact that the individual UDP, TCP as well as the
ICMP headers does not contain the names of domain.
Task 2:
The VLAN could be used for the retain the internet access in the network. The Virtual
LAN could be described as the concept where the devices could be divided logically on the
layer 2 (Liyanage and Gurtov 2014). Commonly the layer 3 devices majorly divides the
broadcast domain but the division of the broadcast domain could be done by the switches by
the proper utilisation of the VLAN. The domain of broadcast is the segment of the network in
which if any devices executes the broadcasting of any packet then all device within the
similar broadcast would receive it. The devices within the similar broadcast domain would
receive majority of the broadcast packet but it is restricted to the switches solely as the
routers does not forward out the broadcast packet (Wang et al. 2014). For the forwarding of

3
COMPUTER NETWORK
the packets to any dissimilar VLAN or the broadcast domain, the inter VLAN routing is
required. With the use of the VLAN, the dissimilar small size sub networks could be created
whose handling is significantly easy than the other VLAN. The advantages of the VLAN are
majorly described as the performance, the formation of the virtual groups, extensive security,
increased flexibility and the cost reduction.
Task 3:
The PRTG network monitoring tool could be utilised for the monitoring of the
network traffic significantly. The PRTG network monitor helps in ensuring that the users
receive the proper notification prior any outages takes place. It significantly upsurges the
network effectiveness by the proper pursuing of the bandwidth and the resource intake. The
PRTG network monitoring software could be discovered as significantly easy to use after the
simplified methods of installation (Solomon, Zungeru and Selvaraj 2016). It major supports
the remote management through the proper utilisation of the web browser or any smart
phone, the several methods of notifying and the multiple location monitoring. The network
monitoring is significantly useful in several organisations in the present times as it helps in
understanding of the network condition and the idea about the data flow could be studied.
The correct monitoring tool not solely ensures that the proper notification is received prior
any outage takes place but it also helps in increasing the network efficiency by the extensive
tracking of the resource consumption and the bandwidth (Adekolu, Khan and Neelam 2014).
The major benefits of the network monitoring tool could be reduced inefficiency and the
downtime, the increased customer satisfaction using the easier and dependable system.
Task 4:
The Windows event log monitoring tool could be extensively used by any
organisation for maintaining the logs of the systems. the infrastructure of any organisation

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4
COMPUTER NETWORK
constantly generates the log data for helping with the improvement with the insight about the
performance, and the monitoring logs within the real time could provide the instant insight
that is required by the organisational IT department (Vaarandi and Pihelgas 2014). The
monitoring, collecting, consolidating and the analysis of the windows Event log information
by the utilisation of the sole tool could help in discovering the root cause of any failure faster.
The event log monitoring tools that provides the required capability for the searching the
windows event could significantly prove to be essential as majority of the optimal benefits to
the users in the terms of the saving of time and the elimination of any extra work. The log
analyser not solely allows the proper searching of the logs but it also helps in building of the
intuitive, out of the box filters for allowing the easily refining of the monitored log data for
assisting with the source of the issues (Joshi, Bista and Ghimire 2014). With the utilisation of
extensive search engine that is embedded with the Log analyser, the users could discover the
Windows Event Log entries of any interest.
Task 5:
Wireshark could be significantly utilised for the tracking of any unusual traffic in the
networks of the organisation. Wireshark is the free open source analyser for the packets in
any network. It is majorly exploited for troubleshooting in any network, the analysis,
software and the development of the communications protocol and the education (Sanders
2017). The wireshark is considered as the cross platform exploiting QT widget toolkit within
present issues for the operation of user interface as well as utilising pcap for the capturing of
packets. The wireshark allows any user to implement the interface controllers in any network
into the uninhibited mode, for allowing the visibility of the complete traffic on the interface,
which comprises of the traffic, which could not be transmitted to the MAC address of the
network interface controller (Chappell 2017). Moreover, when the apprehending is done with
the packet analyser in the uninhibited mode on any port of any network switch, not complete

5
COMPUTER NETWORK
traffic through switch is essentially transmitted to that port wherever the capture is executed
so the apprehending in the uninhibited is not essentially adequate for viewing all the complete
traffic of the network.

6
COMPUTER NETWORK
References
Adekolu, A.M., Khan, H. and Neelam, N., 2014. Network Monitoring.
Bayesteh, A., Yi, E., Nikopour, H. and Baligh, H., 2014, August. Blind detection of SCMA
for uplink grant-free multiple-access. In 2014 11th international symposium on wireless
communications systems (ISWCS) (pp. 853-857). IEEE.
Chappell, L., 2017. Wireshark 101: Essential Skills for Network Analysis-Wireshark Solution
Series. Laura Chappell University.
Joshi, B., Bista, U. and Ghimire, M., 2014, April. Intelligent clustering scheme for log data
streams. In International Conference on Intelligent Text Processing and Computational
Linguistics (pp. 454-465). Springer, Berlin, Heidelberg.
Liyanage, M. and Gurtov, A., 2014. Securing virtual private LAN service by efficient key
management. Security and Communication Networks, 7(1), pp.1-13.
Sanders, C., 2017. Practical packet analysis: Using Wireshark to solve real-world network
problems. No Starch Press.
Setapa, S. and Suhilah, T.P., 2014. An Access Control List for Role-Based System: An
Observation and Recommendation. International Journal of Information and Education
Technology, 4(6), p.468.
Solomon, T., Zungeru, A.M. and Selvaraj, R., 2016, April. Network traffic monitoring in an
industrial environment. In 2016 Third International Conference on Electrical, Electronics,
Computer Engineering and their Applications (EECEA) (pp. 133-139). IEEE.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7
COMPUTER NETWORK
Vaarandi, R. and Pihelgas, M., 2014, October. Using security logs for collecting and
reporting technical security metrics. In 2014 IEEE Military Communications Conference (pp.
294-299). IEEE.
Wang, Z., Wu, J., Wang, Y., Qi, N. and Lan, J., 2014. Survivable virtual network mapping
using optimal backup topology in virtualized SDN. China communications, 11(2), pp.26-37.