Network Security and Information Project - FNU University

Verified

Added on  2021/06/17

|25
|1745
|28
Project
AI Summary
This project report details a comprehensive network security plan for First National University (FNU). It begins with an introduction to the project's scope, focusing on network redesign, security planning, and technology implementation. The report analyzes network traffic, proposes a new network design, and includes a trade-off model and IP addressing schema. A detailed network security plan is presented, outlining objectives, assumptions, and a thorough risk analysis. Security policies covering communication, network access, workstation use, antivirus measures, DMZ, and extranet access are defined. The project further addresses disaster recovery, business continuity, and access control strategies. Technology implementations are discussed, including DMZ configuration, test plans and results, Radius server setup, and IDS deployment. The report also covers switching and routing protocols, including IEEE 802.11 for RSTP, OSPF, and VLAN configuration. Finally, the project concludes with a summary of the FNU network, business and technical objectives, and a bibliography of cited sources.
tabler-icon-diamond-filled.svg

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
NETWORK SECURITY AND
INFORMATION PROJECT
NAME OF THE STUDENT
NAME OF THE UNIVERSITY
AUTHOR’S NOTE
tabler-icon-diamond-filled.svg

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
INTRODUCTION
The project report is prepared after the evaluation of the case
study on First National University. A report is prepared
consisting of the concepts used for redesigning the network,
Security planning and the different technologies used for
increasing the security of the network. A work schedule is
followed for proceeding with the network assignment and a
RACI matrix is created for the analysis of the risk and
application of the security control measures for the
development of the network framework.
Document Page
NETWORK REDESIGN
Analysis of the network traffic
Application Flow Users Bandwidth
Speed
Quality Of
Service(QOS)
Email Client/Server Staff 25Mbps 4-7 Sec
Web Page Client/Server Customers, Staff 60Mbps 7-10 Sec
HD Image Client/Server Customers, Staff 15Mbps 7-15 sec
Video
streaming
Client/Server Customers 65Mbps 10-15 sec to load
Data Backup Server/Server Staff 750Mbps Depends on the
size
Document Page
NETWORK REDESIGN (CONTD.)
Trade-off modelTechnical Trade-Off Percentage
Scalability 20
Availability 20
Network Performance 10
Security 20
Manageability and Usability 5+5
Adaptability and Affordability 10+5
Characterizing the network infrastructure 5
Total: 100
tabler-icon-diamond-filled.svg

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
NETWORK REDESIGN (CONTD.)
IP addressing Schema
Subnet Name Needed
Size
Allocated
Size
Address Mask Assignable
Range
Dec Mask Broadcast
Accounts
dept
15000 16382 192.168.0.0 /18 192.168.0.1 -
192.168.63.254
255.255.192.0 192.168.63.255
It
department
15000 16382 192.168.64.0 /18 192.168.64.1 -
192.168.127.254
255.255.192.0 192.168.127.255
Server
Network
15000 16382 192.168.128.0 /18 192.168.128.1 -
192.168.191.254
255.255.192.0 192.168.191.255
management
Department
15000 16382 192.168.192.0 /18 192.168.192.1 -
192.168.255.254
255.255.192.0 192.168.255.255
Backup
network
50 62 192.169.0.0 /26 192.169.0.1 -
192.169.0.62
255.255.255.192 192.169.0.63
DMZ network 50 62 192.169.0.64 /26 192.169.0.65 -
192.169.0.126
255.255.255.192 192.169.0.127
Document Page
NETWORK REDESIGN (CONTD.)
Logical Network Design
Document Page
NETWORK REDESIGN (CONTD.)
Physical Network Design
Servers Workgroup Switch
Workgroup Switch
Workstations
Workstations
Remote access router
Workgroup Switch
Workstations
Workgroup Switch
Workgroup Switch
Workstations
Dial Up user with VPN client
software
Internet
Cloud
DMZ
Finance
HR
Publishing Manager
Technical manager
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
NETWORK SECURITY PLAN
Scope
Development of network of the organization for improving the facilities
that are associated with network communication
Effective as well as proper deployment of the entire operation that
generally favours the implications of the security within the university
The implications of security is dependent on various types of
innovative technologies as well as implementation of number of
functional activities within FNU.
Document Page
NETWORK SECURITY PLAN ( CONTD.)
Objectives
To improve the communication as well as network connection by utilizing new network
designed that is mainly developed with the help of the concept of engineering design
To determine the security issues and vulnerabilities that are associated with network
design for ensuring the root causes of the various issues.
To develop proper policies that is quite helpful in improving the security of the entire
network
To develop plan for network security that must be favourable for the requirements of FNU
To implement various types of policies
Document Page
NETWORK SECURITY PLAN ( CONTD.)
Assumptions
Security assumptions: The security functions that is mainly implemented is mainly dependent on the assumptions,
which are listed below:
Physical contact with the various devices will not be created
The security plan that would be implemented will be feasible
The network related design that would be developed would be helpful in sustaining various network security tools
External disturbances will not be present within the network communication
Design assumptions: The network design development would include number of assumptions that are listed below:
Effective function implementation including network communication related principle
Needed routers and switches
Area, which is mainly covered by the routers.
tabler-icon-diamond-filled.svg

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
NETWORK SECURITY PLAN (CONTD.)
Risk Analysis
Identification of the asset and assessment
Individual asset risk analysis
Threats, challenges and vulnerabilities
Document Page
NETWORK SECURITY PLAN (CONTD.)
Security Policies
Communication and Email policy
Network access and Internet policy
Workstation policy
Network security policy
Antivirus policy
DMZ policy
Extranet policy
Document Page
NETWORK SECURITY PLAN (CONTD.)
Disaster recovery and Business Continuity
Business Impact Analysis
Insurance Consideration
Incident Response Team
Physical safeguard
Incident response procedure
Restoration procedures
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
NETWORK SECURITY PLAN (CONTD.)
Network security access control
Security strategy
Specific recommended Controls to mitigate the risks
uncovered
Document Page
NETWORK SECURITY PLAN (CONTD.)
Residual risks
Ref No. Description Severity Probability Mitigation
Strategies
Residual Plan
#9540021 Attacks on password Major Likely Reduce The risk can be
mitigated with the
help of biometric
passwords.
#9540022 Exploitation of trust Moderate Possible Transfer The sensitive data
must be properly
managed.
#9540023 Redirection of port Minor Unlikely Accept The hardware must be
successfully handled.
#9540024 Man-In-The-Middle
Attacks
Moderate Likely Avoid Implementation of
security measures
would be helpful in
resolving risks.
#9540025 Social Engineering
Attack
Minor Rare Exploit Should be generally
used for system
benefit.
Document Page
TECHNOLOGY IMPLEMENTATIONS OF
SECURITY
NETWORK SECURITY- DMZ ZONE
Resources Used
DMZ is mainly configured on router for establishing of DMZ
zone. It needs to be work out configured as per the rules of
DMZ firewall. Various other kinds of resources are needed for
DMZ zone on firewall, Servers.
tabler-icon-diamond-filled.svg

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
TECHNOLOGY IMPLEMENTATIONS OF
SECURITY (CONTD.)
NETWORK SECURITY- DMZ ZONE
Test Plan Implementation
For the proper implementation of test plan the network should be configured in such a way that
various firewall devices are installed in the network. There large number of tools for network
configuration which is mainly used for analysing or checking various kinds of vulnerabilities which
are present in the network and after that proper kind of testing of network must be done.

Test Results and Analysis
For proper analysis of result of test, it has been concluded that various kinds of networks can be
kept secured from various kinds of external agents and so the vulnerability of the system should be
kept secured from various kinds of solution for network.
Document Page
TECHNOLOGY IMPLEMENTATIONS OF
SECURITY (CONTD.)
Network security- Radius server
Resources Used
The ultimate resource which has been used for maintaining
and running of radius in various system is all about
understanding the various requirement of the system and as
per that server must be chosen.
Document Page
TECHNOLOGY IMPLEMENTATIONS OF
SECURITY (CONTD.)
Test Plan Design
It mainly describes the various kinds of schedules,
approaches, resources and other kinds of scope which is
needed for the activity. It also adds up some of the features
which are needed for testing large number of activities. The
activity mainly comprises of test and design which is needed.
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
TECHNOLOGY IMPLEMENTATIONS OF
SECURITY (CONTD.)
Network Security – IDS
Used Resources
Although a large number of methodologies and tools are available at present, the widespread
fundamentals are considered to be important in every kind of security configuration.
Enterprise makes use of IDS (intrusion detection system) and various kinds of associated
firewall. Firewall is mainly used for controlling large number of departments and incoming
traffic depending on large number of policies and procedure. Under the provided network IDPS
has come into action for providing host for the traffic. This has come into action of undertaken
measures of proactive measures for large number of blocks and attacks of log.
Implementation of Snort, Honeypot and other kind of software identification for flow of
network traffic which is used for identification of various kinds of vulnerability in the network.
Document Page
TECHNOLOGY IMPLEMENTATIONS OF
SECURITY (CONTD.)
Design of test plan
First stage is all about implementation of single terminal in
which a category is launched by single kind of service or
equivalent logics. The next kind of phase is all about intruder
multiple kind of terminal.
Document Page
PROTOCOLS AND QUALITY OF SERVICE
REQUIREMENTS
The Quality of Service of the system can be acquired if a particular engineering is taken
after and the design would incorporate the accompanying:
The Quality of Service recognizable proof and checking strategies keeping in mind the
end goal to facilitate the Quality of Service from the conclusion to-end between the
system components.
Quality of Service inside the single system component
Lastly, the Q
uality of Service arrangement, administration, and the capacities identified with
bookkeeping to control and regulate all the conclusion to-end movement that would be
in the system of the college.
tabler-icon-diamond-filled.svg

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
SWITCHING AND ROUTING PROTOCOLS
SELECTION
Switching protocol
IEEE 802.11 for RSTP is used for the design and including fast union for eliminating the congestion of various
tree from VLANs. The port quick summon is utilized for the sending the information bundles quicker. The uplink
quick order is utilized for interfacing two switches on the appropriation layer and if the connection gest down
the traversing tree convention helps in making a connection with the other switch associated in the system.
The IEEE 802.1 Q is utilized for the making of VLAN and dynamic trunk convention is connected for the
arrangement of the VLAN labels.
Routing protocol
The OSPF convention is utilized for making a connection between the distinctive switches and send and get the
information parcels in the system by means of the most brief way. The directing convention is utilized for
keeping away from the circles in the switch and expanding the adaptability in the system. There are diverse
other steering convention, for example, RIP, IS-IS and EIGRP that can be utilized for making a directed
convention in the system.
Document Page
CONCLUSION
To start with area of the presentation gives a diagram of the FNU. In this segment a
reasonable and brief depiction about the association has been given which
additionally incorporates the different business spaces, the issues in the system and
what are the activities that are to be taken so as to address every one of the issues
and this for the most part incorporates the new suggested segments for the new
system that will be outlined. The business objectives and the specialized objectives
has additionally been given in this report. The specialized report has been gone for
supporting the different business exchanges and this for the most part incorporates
the versatility, accessibility, and execution of the system, security of the system,
reasonability, convenience, flexibility and moderateness of the systems.
Document Page
BIBLIOGRAPHY
Cam-Winget, N., Popa, D., & Hui, J. (2017). Applicability Statement for the Routing Protocol for Low-Power and Lossy
Networks (RPL) in Advanced Metering Infrastructure (AMI) Networks.
Haseeb, S., Hashim, A. H. A., Khalifa, O. O., & Ismail, A. F. (2017, November). Network Function Virtualization (NFV) based
architecture to address connectivity, interoperability and manageability challenges in Internet of Things (IoT). In IOP
Conference Series: Materials Science and Engineering (Vol. 260, No. 1, p. 012033). IOP Publishing.
Hu, R., Hu, W., & Chen, Z. (2015, November). Research of smart grid cyber architecture and standards deployment with
high adaptability for Security Monitoring. In Sustainable Mobility Applications, Renewables and Technology (SMART), 2015
International Conference on (pp. 1-6). IEEE.
Khaturia, M., Belur, S. B., & Karandikar, A. (2018). TV White Space Technology for Affordable Internet Connectivity. In TV
White Space Communications and Networks (pp. 83-96).
Sinkkonen, H. M., Puhakka, H., & Meriläinen, M. (2018). Adolescents’ internet use in relation to self-esteem and
adaptability in career decision-making. British Journal of Guidance & Counselling, 1-14.
West, D. M. (2015). Digital divide: Improving Internet access in the developing world through affordable services and
diverse content. Brookings Institution.
chevron_up_icon
1 out of 25
circle_padding
hide_on_mobile
zoom_out_icon
logo.png

Your All-in-One AI-Powered Toolkit for Academic Success.

Available 24*7 on WhatsApp / Email

[object Object]