ACME Company Network Security: Policy Framework and Guidelines

Verified

Added on 2023/03/30

AI Summary

This report provides a comprehensive network security policy for ACME Company, a private company with 120 employees across two divisions: property management and commercial real estate. The company plans to expand its workforce and physical space, necessitating a robust network security framework. The report identifies key sections of a basic network policy, including acceptable use, email and communication, anti-virus, identity, password, encryption, remote access, wireless LAN, VPN, extranet, internet access, and physical device policies. It details specific security policies such as internet usage and anti-virus measures, emphasizing employee responsibilities and guidelines for protecting company assets. Furthermore, the report outlines network equipment security guidelines for routers, switches, and VPN remote access, including configurations for file security, switch security measures, router administrative access, and intrusion detection prevention. The aim is to inform staff and network users on the network requirements for protecting various assets and to provide guidelines for auditing, configuring, and acquiring audit computer networks and systems.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: ADVANCED NETWORK SECURITY
ACME COMPANY: ADVANCED NETWORK SECURITY
(Student Name)
(Class Name)
(Tutor’s Name)
(Date)

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

ADVANCED NETWORK SECURITY 2
Executive summary
ACME Company is a private company that is located in a two floor building with 120
employees. The company has two divisions which are the property management group and the
commercial real estate. The company profits is around one million dollars annually. The
organization intends to grow the number of staff members between 30 to 50 employees. In
addition, the organization intends to lease a 3rd floor which is to be located in the main office.
Also, the company plans to move to VoIP so as to eliminate the separate PABX systems which
the company has been using for their existing phone system. The company also plans to provide
wireless network access across its three floors building.
Task 1: Sections of the basic network policy
A network policy is a set of constrains, settings and conditions which allow one to designate
who is authorized to connect to the organization network and the circumstances which pone
cannot or can connect. Some organization view network policies as rules where each rule has a
set of settings and conditions (Kotenko & Skormin, 2017). This means that a network policy
needs to have several key sections which addresses potential issues for network access, device
access, users, and other areas. Some of the key sections which should be included in a basic
network policy are
 Introduction
 Acceptable use policy
 E-mail and communication activities
 Anti-virus policy
 Identity policy
 Password policy

ADVANCED NETWORK SECURITY 3
 Encryption policy
 Remote access policy
 Wireless LAN policy
 VPN (Virtual Private Network) policy
 Extranet policy
 Internet Access policy
 Physical organization device policy (Bradley, 2016)
Task 2: Security policies
The major aim of a network policy is inform organization staff and network users on the
network requirements for protecting various assets. Usually network assets includes various
forms which are servers, passwords, or documents. The policies lay guidelines for auditing,
configuring, and acquiring audit computer networks and systems (Hathawa, 2014).
Internet usage policy
Internet usage policy is used to provide organization employees with the guidelines and
rules about the use of internet access. This policy specifically assists in protecting both the
employee and the business. The employees needs to be ware on the serious repercussions that led
to fewer security risks for the organization.
The use of internet by all the employees of ACME Company is encourages and permitted
where each use supports objectives and goals of the organization. Nevertheless access to the
internet though ACME router is a privilege therefore all the employees needs to adhere to the
company’s polices that concerns internet usage. The company employees’ needs to use the wide
area network responsibility and productively. The wide area network is limited to job-related
activities only; personal use is not allowed. The installation of applications and software is

ADVANCED NETWORK SECURITY 4
strictly prohibited and all the emails sent through the ACME Company’s email system ought not
to contain content which seem to be offensive. Posting or even sending discriminatory messages
on the internet is also deemed to be unacceptable. Lastly, using the internet to perpetrate some of
fraud.
Anti-virus policy
Anti-virus aids the company staff in carrying out their activities. The anti-virus policy is
specifically designed in giving out direction and guidance on minimizing the risk of virus
infection. All the company staff needs to be aware of their responsibilities in respect to
safeguarding the availability, integrity, and confidentiality. All the company staff need to have an
antivirus software which have to be configured and installed by the company IT services. Every
computer needs to be installed with an anti-virus before being connected to the organization
network. A company needs to avoid the transfer of information using floppy disk, USB or CD.
Also there is no need to starting up an organization computer using floppy disk unless one is
instructed by the Company IT staff. In case one finds suspect virus on one computer one needs to
contact the IT staff immediately.
Task 3: Network Equipment Security guideline
The policy guidelines are related to the main devices which are the routers and switches
VPN remote access
a) Providing the CISCO VPN client on all the external hosts
b) Configuring the corporate router for the remote access IPsec VPN connections
Configuration of file security
a) Securing CISCO IOS image and the configuration files
b) Backing up devices running config files to a TFTP server

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

ADVANCED NETWORK SECURITY 5
c) Backing up the IOS images to a TFTP server
The organization switch security measures
a) Disabling switch default passwords
b) Disabling all the unused switch ports
c) Encrypting all the switches with the highest level of encryption that is currently available
d) Configuring the company database administrative user with a secret password and level
16
e) All the company switches needs to be disabled with the HTTP server
f) Configuring the VTY passwords
g) Configuring port security
h) Configuring a centralized authentication with RADIUS and AAA
i) All the switches will disabled with telnet access
j) All the switches will be enabled with loop guard, BPDU guard, and PortFast.
The company router administrative access
i. Enabling a secret password
ii. Configuring an SSH sever
iii. Disabling telnet services
iv. Configuring the syslog support on all the edge routers
v. Enabling a HTTP secure server
vi. Disabling all those services which are unnecessary
vii. Configuring the company router with static routing between the Internet service
providers and the edge routers
Intrusion detection prevention

ADVANCED NETWORK SECURITY 6
1. Configuring the ZPF on all the edge routers
2. Configuring the Cisco IOS IPS on the internal and external interfaces (Strebe, 2006)
References
Bradley, T. (2016). Essential Computer Security : Everyone's Guide to Email, Internet, and
Wireless Security. Rockland: Elsevier Science.
Hathawa. (2014). Best Practices in Computer Network Defense: Incident Detection and
Response. IOS press.
Kotenko, I., & Skormin, V. A. (2017). Computer network security : 5th International. New
York: Springer Press.
Strebe, M. (2006). Network Security JumpStart: Computer and network security basics. New
York: Hoben Press.