Network Security and Information Project - FNU University

Verified

Added on 2021/06/17

AI Summary

This project report details a comprehensive network security plan for First National University (FNU). It begins with an introduction to the project's scope, focusing on network redesign, security planning, and technology implementation. The report analyzes network traffic, proposes a new network design, and includes a trade-off model and IP addressing schema. A detailed network security plan is presented, outlining objectives, assumptions, and a thorough risk analysis. Security policies covering communication, network access, workstation use, antivirus measures, DMZ, and extranet access are defined. The project further addresses disaster recovery, business continuity, and access control strategies. Technology implementations are discussed, including DMZ configuration, test plans and results, Radius server setup, and IDS deployment. The report also covers switching and routing protocols, including IEEE 802.11 for RSTP, OSPF, and VLAN configuration. Finally, the project concludes with a summary of the FNU network, business and technical objectives, and a bibliography of cited sources.

NETWORK SECURITY AND
INFORMATION PROJECT
NAME OF THE STUDENT
NAME OF THE UNIVERSITY
AUTHOR’S NOTE

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

INTRODUCTION
• The project report is prepared after the evaluation of the case
study on First National University. A report is prepared
consisting of the concepts used for redesigning the network,
Security planning and the different technologies used for
increasing the security of the network. A work schedule is
followed for proceeding with the network assignment and a
RACI matrix is created for the analysis of the risk and
application of the security control measures for the
development of the network framework.

NETWORK REDESIGN
• Analysis of the network traffic
Application Flow Users Bandwidth
Speed
Quality Of
Service(QOS)
Email Client/Server Staff 25Mbps 4-7 Sec
Web Page Client/Server Customers, Staff 60Mbps 7-10 Sec
HD Image Client/Server Customers, Staff 15Mbps 7-15 sec
Video
streaming
Client/Server Customers 65Mbps 10-15 sec to load
Data Backup Server/Server Staff 750Mbps Depends on the
size

NETWORK REDESIGN (CONTD.)
• Trade-off modelTechnical Trade-Off Percentage
Scalability 20
Availability 20
Network Performance 10
Security 20
Manageability and Usability 5+5
Adaptability and Affordability 10+5
Characterizing the network infrastructure 5
Total: 100

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

NETWORK REDESIGN (CONTD.)
• IP addressing Schema
Subnet Name Needed
Size
Allocated
Size
Address Mask Assignable
Range
Dec Mask Broadcast
Accounts
dept
15000 16382 192.168.0.0 /18 192.168.0.1 -
192.168.63.254
255.255.192.0 192.168.63.255
It
department
15000 16382 192.168.64.0 /18 192.168.64.1 -
192.168.127.254
255.255.192.0 192.168.127.255
Server
Network
15000 16382 192.168.128.0 /18 192.168.128.1 -
192.168.191.254
255.255.192.0 192.168.191.255
management
Department
15000 16382 192.168.192.0 /18 192.168.192.1 -
192.168.255.254
255.255.192.0 192.168.255.255
Backup
network
50 62 192.169.0.0 /26 192.169.0.1 -
192.169.0.62
255.255.255.192 192.169.0.63
DMZ network 50 62 192.169.0.64 /26 192.169.0.65 -
192.169.0.126
255.255.255.192 192.169.0.127

NETWORK REDESIGN (CONTD.)
• Logical Network Design

NETWORK REDESIGN (CONTD.)
• Physical Network Design
Servers Workgroup Switch
Workgroup Switch
Workstations
Workstations
Remote access router
Workgroup Switch
Workstations
Workgroup Switch
Workgroup Switch
Workstations
Dial Up user with VPN client
software
Internet
Cloud
DMZ
Finance
HR
Publishing Manager
Technical manager

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

NETWORK SECURITY PLAN
Scope
• Development of network of the organization for improving the facilities
that are associated with network communication
• Effective as well as proper deployment of the entire operation that
generally favours the implications of the security within the university
• The implications of security is dependent on various types of
innovative technologies as well as implementation of number of
functional activities within FNU.

NETWORK SECURITY PLAN ( CONTD.)
Objectives
• To improve the communication as well as network connection by utilizing new network
designed that is mainly developed with the help of the concept of engineering design
• To determine the security issues and vulnerabilities that are associated with network
design for ensuring the root causes of the various issues.
• To develop proper policies that is quite helpful in improving the security of the entire
network
• To develop plan for network security that must be favourable for the requirements of FNU
• To implement various types of policies

NETWORK SECURITY PLAN ( CONTD.)
Assumptions
• Security assumptions: The security functions that is mainly implemented is mainly dependent on the assumptions,
which are listed below:
• Physical contact with the various devices will not be created
• The security plan that would be implemented will be feasible
• The network related design that would be developed would be helpful in sustaining various network security tools
• External disturbances will not be present within the network communication
• Design assumptions: The network design development would include number of assumptions that are listed below:
• Effective function implementation including network communication related principle
• Needed routers and switches
• Area, which is mainly covered by the routers.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

NETWORK SECURITY PLAN (CONTD.)
Risk Analysis
Identification of the asset and assessment
Individual asset risk analysis
Threats, challenges and vulnerabilities

NETWORK SECURITY PLAN (CONTD.)
Security Policies
• Communication and Email policy
• Network access and Internet policy
• Workstation policy
• Network security policy
• Antivirus policy
• DMZ policy
• Extranet policy