Network Security Strategies Report for AUST Technologies

Verified

Added on 2019/10/31

AI Summary

This report focuses on developing network security strategies for AUST Technologies, a software company. It addresses the increasing threats posed by evolving technologies and the importance of protecting sensitive data. The report covers various aspects of network security, including confidentiality, privacy, accuracy, and availability. It explores different types of network attacks, ethical considerations, and secure network architecture. Furthermore, it discusses the implementation of network security applications like antivirus software, firewalls, encryption, and intrusion detection systems. The report aims to provide AUST Technologies with a comprehensive understanding of network security measures to protect its network from various threats and ensure secure remote network administrations and video conferencing. The report emphasizes the need for a proactive approach to network security, considering both hardware and software solutions to protect the network from malicious attacks and data breaches.

Network Security
Submitted By
Course
Professor
Date

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Executive Summary
Securing network in an organization is an essential job that must be genuinely considered when
planning a system network. It can be characterized as the strategies as well as methods that needs
to be considered by network administrator in order to provide better protection from the various
types of threats or to avoid unauthorized access to the network. With the increase in awareness of
innovation, chances of hacking increasing day by day. Therefore, it is very important to
investigate the data in regards to new assaults and make proper steps to save the system from
malevolent type of attacks. The effect of these network issues on the organization are
inadmissible to any type of business whether small or large as well as to their clients. The main
requirement for addressing these risks to the network is imperative to the IT security approaches
and methodology. There must be IT department in every business. In order to plan security,
design the network as well as train the entire staff, various inputs, policies and agreements would
be required. The main objective of report is to discuss these strategies to protect the network
from various threats. A network strategy needs to be developed in AUST technologies, so that it
can be easy to implement security measures within the organization’s network. By implementing
strong, secure measures in the organization’s network, it will enable organization to get secure
remote network administrations and video conferencing. This report is about the strategies that
needs to be developed and various hardware and software that must be installed in the network to
protect the system from various types of threats. (Rice & Rahman, 2012).
2

Table of Contents
1. Introduction.............................................................................................................................................3
1.1 Problem.............................................................................................................................................4
1.2 Purpose..............................................................................................................................................4
1.3 Project Scope.....................................................................................................................................4
1.4 Project Objective...............................................................................................................................4
2. Literature Review....................................................................................................................................4
2.1 Network Security...............................................................................................................................4
2.1.1 Confidentiality............................................................................................................................5
2.1.2 Privacy -.....................................................................................................................................5
2.1.3 Accuracy -...................................................................................................................................5
2.1.4 Availability -...............................................................................................................................5
2.2 Network Attacks................................................................................................................................5
2.3 Importance of Network Security........................................................................................................5
2.4 Ethical, Social Consideration..............................................................................................................6
2.4 Secure Network Architecture.............................................................................................................6
2.4 Network Security Applications..........................................................................................................7
2.4.1 Installation of Antivirus Software -.............................................................................................7
2.4.2 Firewall Installation....................................................................................................................7
2.4.3 Encryption..................................................................................................................................8
2.4.4 Intrusion Detection System (IDPS).............................................................................................9
2.4.5 Authorized Access....................................................................................................................10
2.4.6 Auditing & Accounting............................................................................................................10
2.5 Expansion of Business using these Technologies............................................................................10
3. Conclusions...........................................................................................................................................11
4. Recommendations.................................................................................................................................12
5. References.............................................................................................................................................13
3

1. Introduction
AUST Technologies is the software company that develops as well as modifies software
applications in order to gain practical experience in data and system security field. AUST
technologies is working on various IT projects that includes developing software applications in-
house or to modify other applications in concurrence with large organizations. The scope of
AUST tech is very limited in the advancement of various IT applications. The main objective of
the organization is to extend its business in following years to different branches inside ICT, and
to all parts of Australia as well as other countries. The other best alternative for the AUST tech
can be to enhance the business into giving progressing data and system security administrations
to organizations that mainly operate their business online. It will require dealing with the online
security of those associations; security of their sites and customer databases. The main business
which can be included in these activities are gambling associations, pharmaceuticals or
hospitality associations.
Managing network security is the main concern for AUST tech for a wide range of
circumstances and is vital as the developing utilization of web across the world. There is very
basic security requirement for small businesses whereas for large businesses may require very
high maintenance as well as propelled software and hardware to keep noxious attacks from
hacking or any other malicious attack. Various strategies will be required in order to implement
new security patterns. The Network Security is continually advancing, because of traffic
development, utilization patterns and the consistently changing risk. This report is to provide a
reflection on various security concerns and how these threats can be protected. (Gaigole & Prof.
Kalyankar, 2015).
1.1 Problem
The main problem is the emerging new innovation which is most prone the attack of hackers. By
hacking the data, hackers can get entire information of the organization and that will affect the
economy of the nation on large extent.
4

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1.2 Purpose
The main purpose of the report is to develop new strategies for securing the entire network of the
organization.
1.3 Project Scope
The research on the securing the network either LAN or WAN will concentrate on various
threats, challenges, and implementing strategies for implementing various security measure for
securing the database.
1.4 Project Objective
The main objective of network security strategy evaluation structure are:
 To create digital protection policies and capacities;
 To accomplish digital flexibility;
 To decrease cybercrime;
 To help industry on digital security;
 To secure important data frameworks
2. Literature Review
2.1 Network Security
A network in IT can be defined as the combination of various lines that are used to connect
various systems whether in an organization or across the world. Therefore, it can be arranged by
different factors that includes longitude, interconnection, administration as well as its design.
Network security is the process of securing network from various types of risks whether internal
or external and is provided to meet the association's security mechanism. Secured network helps
to provide secure network. It helps to provide various security measurements for securing the
network. The main object of network security is to make confidentiality, trusteeship as well as
integrity and also being continually accessible. Three main goals of network security are as
following:
2.1.1 Confidentiality - Network security guarantees that the confidential information must be
accesses by unauthorized users.
2.1.2 Privacy - It guarantees the data which have been gathered as well as saved by individuals
must be available by them.
5

2.1.3 Accuracy - It guarantees that information and various applications are permitted to make a
change just on a particular methodology. The accuracy of network system also guarantees that
function keeps running in the right way and must be saved from unauthorized access.
2.1.4 Availability - It guarantees that the framework works rapidly and does not avoid
authorized clients means the information must be available to right user at right time whenever
user needs it. (Roozbahani & Azad, 2015).
2.2 Network Attacks
The network attack can be in many structures, including dynamic system attack to unencrypted
network traffic on sensitive data; passive assaults like observing unprotected system exchange to
decode feebly encoded movement and getting validation data; abuse by insiders, Denial of
service (DDoS), etc. Physical attack mainly affects the hardware components, Reconnaissance
attacks are unauthorized access that affect vulnerabilities of the network. Denial-of-service
(DoS) is an endeavor to make a machine or system asset inaccessible to its expected clients.
Because of low memory abilities and constrained calculation assets, the devices are defenseless
against asset enervation attack. (Abomhara & Koien, 2015).
2.3 Importance of Network Security
If the systems in the internal or external network are infected, these systems can contaminate
other systems and can make everybody helpless. Therefore, digital cleaning is about securing
data around us in order to stop the infection of other systems. Eg: Bots or zombie systems that
are cyber threats. Hackers look for an opportunity for infecting and contaminating the systems as
well as register with a zombie force that taints various machines, and enhance the ability to get a
large number of users.
It is quite possible to hack the infected network. Digital security must be mutual duty. Web
organizations and physical vendors can do their part by ensuring the security of their systems and
banking and payment frameworks. Government can teach the pubic and implement hostile to
digital criminal laws. Organizations can ensure that they have solid security forms set up that
includes ensuring their workers utilize strong passwords and everybody can assume an essential
6

part by securing the devices as well as being certain that our passwords must be unique and
strong to be guessed. (Magid, 2014).
2.4 Ethical, Social Consideration
Association needs to adapt to significant ethical issues. These are: Privacy and individual data,
Freedom of discourse in the internet, Intellectual property and Cybercrime. Protection is the
claim of people to be allowed to sit unbothered, free from observation or obstruction from
different people or associations that includes the state. Also, social and cultural issues needs to
be considered. (Tiwary, 2011).
2.4 Secure Network Architecture
As we know that network architecture incorporates hardware, software, links, protocols, and
topologies. Hence, it is the need of the organization to secure each component of network for
having reliable data communication. If not, the integrity of networking framework will be
damaged. The following three factors need to be focused while designing AUST's network:
• The client ought to get the best reaction time as well as throughput. If response time is
minimized, it incorporate minimizing delays amongst transmission as well as receipt of
information and this is necessary for intuitive sessions among the client applications. Throughput
can be defined as the process of transmitting large information per unit of time.
• The information that is transmitted in the designed network having minimum cost for the path,
and other variables like its reliability must not be disturbed.
• Reliability ought to be expanded to guarantee appropriate receipt of all information. System
dependability incorporates the capacity not exclusively to deliver error free information, yet in
addition to recover from errors or lost information. The system's analytic framework ought to
have the capacity to find segment issues and maybe isolate the defective part from the system.
(Sharma, 2014).
2.4 Network Security Applications
After the detection of network threats and the threat type that have been recognized which hit the
organization's network, there will be requirement of implementing security strategies in the
7

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

organization. Associations have a broad selection of advances, extending from Antivirus
software to committed system security devices like firewalls and interruption discovery
frameworks, to give assurance to every network system.
2.4.1 Installation of Antivirus Software -
This software comes with many system and can help to protect the system against various types
of threats like virus, malicious activity etc. It needs to be updated on regular basis. It depends on
a tremendous system of clients to give early notices of virus, so that remedy could be produced
and disseminated rapidly. With the updated database of viruses that are being produced every
month, this is the main point that the virus database is stayed up with the latest. Legitimate
hostile to anti-virus package merchants will distribute the most recent cures on their Web
destinations, and this package can incite clients to intermittently gather new information. System
security arrangement ought to stipulate that all PCs on the system are stayed up with the latest
and are secured by a similar hostile to anti-virus. Hackers frequently make moving beyond the
anti-virus software their first step. (Pareek, 2012).
2.4.2 Firewall Installation
Firewall can be defined as the device that is used to analyze data communication in between two
systems or two networks and then firewall checks that the data which is exchanged between
systems follows the protocols or prettified model. It is coordinated approach between that
frameworks in the event that they take after the prettified model or not. If not, it stops the data.
This device is helpful to minimize the unauthorized and malicious attack to the network. Its
execution impacts the system security and firewall execution that depends on the breaking point
of firewall. At the point when firewall confine is high, it provides better execution. In order to
physically store the network, it is like a protective layer that is created between network and the
external world. As a result, the firewall repeats the system at the purpose of section with the goal
that it can get and transmit the authorized information immediately. (Tharaka, & Silva, 2016).
8

Taken from (Tharaka, & Silva, 2016).
2.4.3 Encryption
Encryption is among the most significant strategy for mitigating system security issues. If secure
data is kept in heap, it can be possible to save data from hackers. In order to protect data, data
encryption forms as that of SSL or VPN, and have ability to protect the data in the database. It
will be better option to protect the data among the application server and also the database
server. The processes that can be used to secure data are - solidifying techniques, patches,
security programming installation and by following the guidelines of the merchant. This
sensitive data must be governed by network administrator on regular basis. It can be performed
on volume level as well. (Hexatier, 2016).
9

The above figure shows the encryption process in a network.
Taken from (The ICT Lounge, n.d).
2.4.4 Intrusion Detection System (IDPS)
Intrusion Detection System is the hardware application that is utilized for checking the system
and ensuring it from any type of intruder. As the internet is progressing very quickly, various
new innovations in programming has been raising. The key point of this system is to screen the
system advantages for recognize any type of unacceptable behavior in the network. The Intrusion
Prevention System (IPS) is used to secure the network from any such type of threat that monitors
network traffic in order to identify and to save weakness misuses. Two types of IPS systems are
there - Network (NIPS) and Host (HIPS). These mainly monitors the network to take action
accordingly. (Dr. Vijayarani & Ms. Sylviaa, 2015).
10

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Various locations for IDPS in a network are as shown in figure.
Taken from (Insecure Lab, 2014).
2.4.5 Authorized Access
Controlling access to sensitive data is most essential technique among all. It helps to protect
information from unauthorized read and write operations. This process is to take control on the
strategies made for the data communications as well as to take control on other objects. If access
control is effectively controlled then the risk of affecting the database security on various servers
will also be minimized. (Malik & Patel, 2016).
2.4.6 Auditing & Accounting
Auditing is the process of analyzing the configured network from internal as well as external
perspective. Accounting is the method to maintain the auditing for various activities of the user
on network. Responsibility as well as auditing will help to ensure the database integrity which
will help to have the characterized access to the database. When a user has figured out how to
check effectively and to get the access to an asset, these types of activities must be monitored by
the framework, and their status ought to be in audit trail documents. (Malik & Patel, 2016).
2.5 Expansion of Business using these Technologies
System security has turned into a prerequisite for AUST tech. organization as the maximum
work is dependent on Internet. The clients, merchants and business accomplices presumably
11

anticipate the surety about the data they share with this organization. These security advances let
AUST framework avert known assaults and adjust to new risks, staff, clients and business
accomplices who can be certain that their data remains secure. The strong network security
ensure the surety of AUST's confidential data like all the credit card details, financial details that
must not be accessed by any other unauthorized person. After implementing the above network
technologies, business accomplices will feel surer to share the information like sales forecasting.
Likewise, similar advances that keep interlopers out can give your accomplices secure access to
data on the network, and will cooperate more adequately.
These network practices lets the staff to safely access the important information on the network.
It will help to make staff more productive as they will concentrate on their jobs instead of doing
paper work. It will help to make better access to internet as well as their e-mails. These practices
will enable the organization to include new services as well as applications without disturbing
the performance of network. Adopting a proactive strategy to protect data guarantees the
business stays up and running when it should be. Setting up a strong, secure system will enable
organization to include propelled highlights like secured remote systems administration or voice
as well as video conferencing. (Cisco, n.d).
3. Conclusions
This report is a reflection that takes high level perspective of network security as well as Internet
risks, underlining the eminent changes and innovative development. In any case, we should not
overlook that network crime is not harmless. Eg: ransomware keeps individuals out of their
systems, holding cherished family photographs for ransom, commandeering incomplete
compositions for books, as well as blocking access to tax return files, banking records, and other
profitable archives. It was not ensured that after paying ransom, the hackers will release
padlocks. Directed attack take significant licensed innovation from organizations, and an
information break can shred an association's reputation―even debilitating its survival. Digital
protection claims are developing in quantity as well as cost, tax premiums significantly higher. In
other words, cybersecurity issues undermine national security as well as financial development,
which eventually influences every one of us. (Symantec, 2016).
This proposed network framework is feasible with versatile infrastructure. It likewise gives a
diagram of the accepted procedures in relieving the known assaults and proposal on the best way
12

to anticipate reoccurrence assaults. With propels in innovation, nobody is protected from an
assault by hackers. It is an easy task for hackers to pick up control of a machine on the Internet
that has not been enough secured. Organizations contribute the important part of their finance in
securing their data, since the loss of key information is a threat to the business. The innovation in
the advancement of systems, network communication provides the hackers to hack the network.
Hence, by implementing these technologies into the network data can be protected.
4. Recommendations
Setting up as well as maintaining a structure that gives confirmation for data security techniques
are lined up with and can support the business which is most important. While choosing one of
these techniques, guaranteeing that the program gives the capacity to utilize a risk based
approach and empowers the groups to recognize and explore adequately and react rapidly. It is
necessary to control unauthorized access, analyze the providers and temporary workers and in
addition representatives, and realize what main users are doing with organization information.
AUST's greatest resource is likewise the main threat. The trained users should be security front
edges, regardless the organization will need the innovation as the last point of safeguard.
Observing user action will help to recognize unauthorized behavior and check client activities
are not abusing security methodology. The internal risks can be undetected.
Backing up the records may appear like sound judgment, however any association that has been
hit with ransomware like Petya or Wannacry– will disclose that it is so critical to guarantee this
best practice. It is vital for association to have a full back up of all of information from an
essential security cleanliness imminent, as well as to battle developing assaults. Training to users
for digital security is the best practices. Training ought to incorporate how to: perceive a
phishing email, make and maintain passwords, stay away from unsafe applications, guarantee
profitable data is not taken out from the organization notwithstanding other significant client
security dangers. By having a response plan of time will enable to close any vulnerabilities,
constrain the harm of a breach, and enable the organization to remediate viably. These activities
can help the organization to protect their sensitive information effectively.
These associations need to begin with an exhaustive data security auditing process directed by an
external auditor party who has particular involvement in the assembling and computerization
space. They ought to organize remediation measures in view of the result of that auditing. Each
13

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

robotic device that is associated with the Web ought to be password secured. Human stewardship
of robot needs to be kept up at an abnormal state consistently for the future. (Vialina, 2016).
5. References
Abomhara, M. & Koien, G., M. (2015). Cyber Security and the Internet of Things:
Vulnerabilities, Threats, Intruders and Attacks. Journal of Cyber Security, Vol. 4, 65–88.
doi: 10.13052/jcsm2245-1439.414. Retrieved from
-https://www.riverpublishers.com/journal/journal_articles/RP_Journal_2245-
1439_414.pdf
Advancing Cyber Resilience Principles and Tools for Boards. World Economic Forum (2017).
Retrieved from
-http://www3.weforum.org/docs/IP/2017/Adv_Cyber_Resilience_Principles-Tools.pdf.
Chopra, A. (2016). Security Issues of Firewall. International Journal of P2P Network Trends and
Technology (IJPTT) – Volume 22 Number 1 January 2016. Retrieved from -
http://www.ijpttjournal.org/2016/volume-22/IJPTT-V22P402.pdf
Devi, P., A. & Laskhmi, S., R. (2013). A Study on Network Security Aspects and Attacking
Methods. International Journal of P2P Network Trends and Technology- Volume3Issue2-
2013. Retrieved from -http://www.ijpttjournal.org/volume-3/issue-2/IJPTT-
V3I2P406.pdf.
Dr. Vijayarani, S. & Ms. Sylviaa, M. (2015). Intrusion Detection system - a study. International
Journal of Security, Privacy and Trust Management (IJSPTM) Vol 4, No 1, February
2015. Retrieved from - http://airccse.org/journal/ijsptm/papers/4115ijsptm04.pdf
Gaigole, M., S. & Prof. Kalyankar, M., A. (2015). The Study of Network Security with Its
Penetrating Attacks and Possible Security Mechanisms. International Journal of
Computer Science and Mobile Computing, Vol.4 Issue.5, May- 2015, pg. 728-735.
Retrieved from - http://www.ijcsmc.com/docs/papers/May2015/V4I5201599a46.pdf
Internet Security Threat Report. Symantec (2016). Retrieved from -
https://www.symantec.com/content/dam/symantec/docs/reports/istr-21-2016-en.pdf
14

Intrusion Detection system. Insecure Lab (2014). Retrieved from - http://www.insecure.in/ids.asp
Magid, L. (2014). Why Cyber Security Matters To Everyone? Retrieved from -
https://www.forbes.com/sites/larrymagid/2014/10/01/why-cyber-security-matters-to-
everyone/#3e2347cc5a71
Malik, M. & Patel, T. (2016). Database security - attacks and control methods. International
Journal of Information Sciences and Techniques (IJIST) Vol.6, No.1/2, March 2016 .
Retrieved from - http://aircconline.com/ijist/V6N2/6216ijist18.pdf
Pareek, R. (2012). Network security: an approach towards secure computing. Journal of Global
Research in Computer Science, Volume 2 No (7), July, 2011, 160-163. Retrieved from -
https://www.rroij.com/open-access/network-security-an-approach-towards-secure-
computing-160-163.pdf
Rice, L., E. & Rahman, M. (2012). Non - profit organizations' need to address security for
effective government contracting. International Journal of Network Security & Its
Applications (IJNSA), Vol.4, No.4, July 2012. Retrieved from
-https://arxiv.org/ftp/arxiv/papers/1512/1512.00067.pdf.
Roozbahani, F., S. & Azad, R. (2015). Security Solutions against Computer Networks Threats.
Int. J. Advanced Networking and Applications Volume: 07 Issue: 01 Pages: 2576-2581.
Retrieved from -http://www.ijana.in/papers/V7I-1.pdf
Section 8.8 - Encryption. The ICT Lounge (n.d). Retrieved from -
https://www.ictlounge.com/html/encryption.htm
Security Best Practices for Migrating your Database to the Cloud. Hexatier (2016). Retrieved
from -http://www.hexatier.com/security-best-practices-for-migrating-your-database-to-
the-cloud/
Sharma, A. (2014). Managing the Organizational Network Security. International Journal of
Innovations in Computing (ISSN : 2319-8257) Vol. 2 Issue 4. Retrieved from -
https://scholar.harvard.edu/files/lingayas/files/anamika_research_peper2.pdf
Tharaka, S., C. & Silva, R., L., C. (2016). High Security Firewall: Prevent Unauthorized Access
Using Firewall Technologies. International Journal of Scientific and Research
15

Publications, Volume 6, Issue 4, April 2016. Retrieved from -
http://www.ijsrp.org/research-paper-0416/ijsrp-p5278.pdf
Tiwary, D., K. (2011). Security and ethical issues in IT: an organization's perspective. International
Journal of Enterprise Computing and B International Journal of Enterprise Computing and
Business Systems. Retrieved from - http://www.ijecbs.com/July2011/45.pdf
Vialina, B. (2016). Robots present a cyber risk. Retrieved from -
https://www.csoonline.com/article/3139448/security/robots
What You Need to Know about Network Security. Cisco (n.d). Retrieved from
-https://www.cisco.com/c/en_sg/solutions/small-business/products/security-small-
business-main-page/security-primer.html
16