Wireless Network Security Issues and Solutions: A Case Study Report
VerifiedAdded on 2021/06/18
|17
|5025
|77
Report
AI Summary
This report addresses wireless network security concerns for Rare Vintage Auto Parts Ltd, stemming from vulnerabilities like weak WEP encryption, broadcasted SSIDs, lack of firewalls, and mixed network cards. The methodology involved interviews, network exploitation testing, and analysis of existing documentation. Findings revealed risks associated with data loss, misuse, and attacks. The report details the flaws of WEP encryption, incorrect antenna types, and the dangers of broadcasting SSIDs. Solutions include implementing WPA/WPA2 encryption, using unidirectional antennas, disabling SSID broadcasts, and deploying firewalls and VPNs. Furthermore, the report suggests the implementation of intrusion detection and prevention systems, and network subnetting to improve performance. The report also recommends a Bring Your Own Device (BYOD) policy to enhance security and user accountability.
WIRELESS DEPLOYMENT
By
(Name)
(Course)
(Professor’s Name)
(Institution)
(State)
(Date)
By
(Name)
(Course)
(Professor’s Name)
(Institution)
(State)
(Date)
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Abstract.
This into the network security issues affecting the Rare Vintage Auto Parts Ltd which
supplies spare parts to the automotive industry. The issues include the focus on the wireless
system, links, tills and the deployment of the wireless networks that enabled the
communication and data transfer across the different shops within the city. The issues
realized and discussed in the report as the following: poor network and data encryption, a
wireless network that broadcasts its SSID, the network connection had no firewall nor a
virtual private network, no procedures and policies guiding the network and a mixture of
network data cards among others. The report addresses the solutions to the strengthen the
network security and policies including software and hardware deployment with the Bring
Your Own Device policy.
This into the network security issues affecting the Rare Vintage Auto Parts Ltd which
supplies spare parts to the automotive industry. The issues include the focus on the wireless
system, links, tills and the deployment of the wireless networks that enabled the
communication and data transfer across the different shops within the city. The issues
realized and discussed in the report as the following: poor network and data encryption, a
wireless network that broadcasts its SSID, the network connection had no firewall nor a
virtual private network, no procedures and policies guiding the network and a mixture of
network data cards among others. The report addresses the solutions to the strengthen the
network security and policies including software and hardware deployment with the Bring
Your Own Device policy.
Contents
Abstract................................................................................................................................................2
Introduction.........................................................................................................................................4
Methodology........................................................................................................................................4
Findings................................................................................................................................................5
Deployment of appropriate hardware and software...................................................................13
BRING YOUR OWN DEVICE POLICY....................................................................................13
Privacy expectation........................................................................................................................13
Acceptable use................................................................................................................................13
User acknowledgment and agreement.........................................................................................15
References..........................................................................................................................................16
Bibliography......................................................................................................................................17
Abstract................................................................................................................................................2
Introduction.........................................................................................................................................4
Methodology........................................................................................................................................4
Findings................................................................................................................................................5
Deployment of appropriate hardware and software...................................................................13
BRING YOUR OWN DEVICE POLICY....................................................................................13
Privacy expectation........................................................................................................................13
Acceptable use................................................................................................................................13
User acknowledgment and agreement.........................................................................................15
References..........................................................................................................................................16
Bibliography......................................................................................................................................17
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Introduction.
This report is addressing the concerns raised by the owner, management and personnel of the
Rare Vintage auto spares LTD. These trepidations resulted from a steady drop in the smooth
running of the business that included having a very rude IT administrator that used the
wireless network to access illicit material, Miller, Voas & Hurlburt (2012). The sacking of
the IT administrator has compounded the wireless network issues affecting the company even
after replacement with a non-expert in the field of network security.
The report includes the identified and analysed risks that make the security of the wireless
network system very vulnerable to interference and modification. Using the risk assessment
matrix, the threats and vulnerabilities of the network set up have been accessed and
documented, Thomson (2012). The following are the top ranked security vulnerabilities, a
very weak WEP encryption is being used during connection and data transfer, an incorrect
antenna type with a high power access point and mixture of network card standards.
Methodology.
The following methods were used to collect and analyse the data according to Morrow
(2012).
In-depth Interviews were conducted with more than 30 employees from the different offices
of the company questioned to comment on the wireless connection set up, express their
objections and failings.
Network exploitation testing: the network was tested using the available exploitation tools to
determine the ability to withstand and prevent external or internal attacks.
Access to secondary sources of data such as the deployment files and documents left behind
by the former IT administrator in the data cabinets.
Direct and participatory observation in the daily activities and practices of the employees
while taking notes on the wireless configuration, hardware, software, security policies and
practices and also asking the employees questions relating to the network use.
This report is addressing the concerns raised by the owner, management and personnel of the
Rare Vintage auto spares LTD. These trepidations resulted from a steady drop in the smooth
running of the business that included having a very rude IT administrator that used the
wireless network to access illicit material, Miller, Voas & Hurlburt (2012). The sacking of
the IT administrator has compounded the wireless network issues affecting the company even
after replacement with a non-expert in the field of network security.
The report includes the identified and analysed risks that make the security of the wireless
network system very vulnerable to interference and modification. Using the risk assessment
matrix, the threats and vulnerabilities of the network set up have been accessed and
documented, Thomson (2012). The following are the top ranked security vulnerabilities, a
very weak WEP encryption is being used during connection and data transfer, an incorrect
antenna type with a high power access point and mixture of network card standards.
Methodology.
The following methods were used to collect and analyse the data according to Morrow
(2012).
In-depth Interviews were conducted with more than 30 employees from the different offices
of the company questioned to comment on the wireless connection set up, express their
objections and failings.
Network exploitation testing: the network was tested using the available exploitation tools to
determine the ability to withstand and prevent external or internal attacks.
Access to secondary sources of data such as the deployment files and documents left behind
by the former IT administrator in the data cabinets.
Direct and participatory observation in the daily activities and practices of the employees
while taking notes on the wireless configuration, hardware, software, security policies and
practices and also asking the employees questions relating to the network use.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Findings.
L
I
K
E
L
I
H
O
O
D.
SEVERITY OF RISK.
ACCEPTABL
E
TOLERABLE UNDESIRABLE INTOLERABLE
UNLIKELY Data loss due to
no backup.
Network and
components
misuse due to
no policies
and
procedures.
Network failure
due to no
designated
router.
Network failure
due to no
network
subnetting.
LIKELY Attack due to
no intrusion
detection
system.
Poor
performance
due to mixed
network
cards.
Network failure
due to high
power gain APs.
Attack due to
broadcasting
SSID.
VERY
LIKELY.
Attack due to
lack of virtual
private
network.
Poor
performance
due to
incompatible
antenna.
Data attack due
to no firewall.
Attack due to
poor data
encryption.
1. Wired Equivalent Privacy encryption.
WEP encryption only provides a level of security for the wireless network similar to that of
the wired network, which is very poor and allows for eavesdropping through packet sniffing,
Song (2014). WEP encryption has the following data vulnerabilities:
I. the encryption engine RC4 was not implemented properly in which the IVs
implementation allows the reuse and repetition of the IVs and therefore the repeated
key can be easily hacked using a typical computer since the 40-bit generated keys
used by the wireless network in the company was flawed.
L
I
K
E
L
I
H
O
O
D.
SEVERITY OF RISK.
ACCEPTABL
E
TOLERABLE UNDESIRABLE INTOLERABLE
UNLIKELY Data loss due to
no backup.
Network and
components
misuse due to
no policies
and
procedures.
Network failure
due to no
designated
router.
Network failure
due to no
network
subnetting.
LIKELY Attack due to
no intrusion
detection
system.
Poor
performance
due to mixed
network
cards.
Network failure
due to high
power gain APs.
Attack due to
broadcasting
SSID.
VERY
LIKELY.
Attack due to
lack of virtual
private
network.
Poor
performance
due to
incompatible
antenna.
Data attack due
to no firewall.
Attack due to
poor data
encryption.
1. Wired Equivalent Privacy encryption.
WEP encryption only provides a level of security for the wireless network similar to that of
the wired network, which is very poor and allows for eavesdropping through packet sniffing,
Song (2014). WEP encryption has the following data vulnerabilities:
I. the encryption engine RC4 was not implemented properly in which the IVs
implementation allows the reuse and repetition of the IVs and therefore the repeated
key can be easily hacked using a typical computer since the 40-bit generated keys
used by the wireless network in the company was flawed.
II. A network vulnerability in the RC4 key generation algorithm is easily exploited by
free exploitation tools such as WEPCrack. The exploitation tool analyses data traffic
transmitted through the network by capturing passive data generated. Since the
company’s offices generated lots of data encrypted using the WEP encryption
technology, the attack takes just a few hours.
Mitigation:
I. Out of the box setting up the network routers and access points to enable embedded
security features such as changing default settings.
II. Use of the latest encryption techniques to secure the Wi-Fi such as WPA and WPA2.
III. Setting the wireless security to enterprise mode, enabling stronger authentication
using log in credentials instead of a password.
2. Incorrect antenna type.
The company is using a mixture of different antenna types with the 16dBi Omni-directional
antenna and 6dBi antenna.
The antenna are two different types. The transmitter antenna has a higher gain than the
receiver antenna and therefore receives very poor signals and hence the process of
communication is significantly flawed, Scarfo (2012, November). The broadcasted SSID, the
network’s name enables the public to view the network under the available network’s
window of their mobile devices and connect to the network. With the poor encryption
technique and strategy plus no firewall enabled, individuals with malicious intents are able to
hack into the network and access the data being transmitted, Ghosh, Gajar & Rai (2013). The
attackers are also able to access the network’s SDN and interfere with the network
communication. The Wi-Fi security is not set to enterprise mode and therefore the personal
mode of security allows the users to use a paraphrase to connect to the wireless network. The
paraphrase is saved in the Wi-Fi settings of the user devices and therefore can be accessed
when the mobile device is stolen or lost or through the social hacking process of acquiring the
password.
free exploitation tools such as WEPCrack. The exploitation tool analyses data traffic
transmitted through the network by capturing passive data generated. Since the
company’s offices generated lots of data encrypted using the WEP encryption
technology, the attack takes just a few hours.
Mitigation:
I. Out of the box setting up the network routers and access points to enable embedded
security features such as changing default settings.
II. Use of the latest encryption techniques to secure the Wi-Fi such as WPA and WPA2.
III. Setting the wireless security to enterprise mode, enabling stronger authentication
using log in credentials instead of a password.
2. Incorrect antenna type.
The company is using a mixture of different antenna types with the 16dBi Omni-directional
antenna and 6dBi antenna.
The antenna are two different types. The transmitter antenna has a higher gain than the
receiver antenna and therefore receives very poor signals and hence the process of
communication is significantly flawed, Scarfo (2012, November). The broadcasted SSID, the
network’s name enables the public to view the network under the available network’s
window of their mobile devices and connect to the network. With the poor encryption
technique and strategy plus no firewall enabled, individuals with malicious intents are able to
hack into the network and access the data being transmitted, Ghosh, Gajar & Rai (2013). The
attackers are also able to access the network’s SDN and interfere with the network
communication. The Wi-Fi security is not set to enterprise mode and therefore the personal
mode of security allows the users to use a paraphrase to connect to the wireless network. The
paraphrase is saved in the Wi-Fi settings of the user devices and therefore can be accessed
when the mobile device is stolen or lost or through the social hacking process of acquiring the
password.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Additionally, the transmitter uses an Omni-directional antenna that sends the signal in the 360
degrees’ plane. The receiver therefore receives very low signals and hence the
communication process breaks. Since the antennas are far from each other, the Omni-
directional antenna is not a proper choice because the signals are not concentrated in one
direction and also will be more affected by angles.
Solutions:
I. Installation of uni-directional antennas that concentrates signals towards a receiver.
II. Use of antennas with equal gains, transmission frequencies and signal strength hence
a smooth communication.
III. Reduce physical interference between the transmitters by reducing walls, people,
shelves and using a direct line of access between the transmitter and the signal
receiver.
3. Enabled SSID.
The company uses a wireless WIFI network that has a broadcasted service set identifier. In
the current network configuration, the access points that are routers advertise the capability
information of the network by sending the network’s beacon frames, Gollakota, & Katabi
(2011, April). The broadcasted SSID, the network’s name enables the public to view the
network under the available network’s window of their mobile devices and connect to the
network. With the poor encryption technique and strategy plus no firewall enabled,
individuals with malicious intents are able to hack into the network and access the data being
transmitted. The attackers are also able to access the network’s SDN and interfere with the
network communication. The Wi-Fi security is not set to enterprise mode and therefore the
personal mode of security allows the users to use a paraphrase to connect to the wireless
network. The paraphrase is saved in the Wi-Fi settings of the user devices and therefore can
be accessed when the mobile device is stolen or lost or through the social hacking process of
acquiring the password.
Solutions:
a) The network SSID broadcast should be disabled so that the authorized users can
connect through the company application instead of the device available network’s
list.
b) Apart from hiding the network’s SSID, the dynamic host configuration protocol
should be disabled to reduce unauthorized access to the network by attackers.
degrees’ plane. The receiver therefore receives very low signals and hence the
communication process breaks. Since the antennas are far from each other, the Omni-
directional antenna is not a proper choice because the signals are not concentrated in one
direction and also will be more affected by angles.
Solutions:
I. Installation of uni-directional antennas that concentrates signals towards a receiver.
II. Use of antennas with equal gains, transmission frequencies and signal strength hence
a smooth communication.
III. Reduce physical interference between the transmitters by reducing walls, people,
shelves and using a direct line of access between the transmitter and the signal
receiver.
3. Enabled SSID.
The company uses a wireless WIFI network that has a broadcasted service set identifier. In
the current network configuration, the access points that are routers advertise the capability
information of the network by sending the network’s beacon frames, Gollakota, & Katabi
(2011, April). The broadcasted SSID, the network’s name enables the public to view the
network under the available network’s window of their mobile devices and connect to the
network. With the poor encryption technique and strategy plus no firewall enabled,
individuals with malicious intents are able to hack into the network and access the data being
transmitted. The attackers are also able to access the network’s SDN and interfere with the
network communication. The Wi-Fi security is not set to enterprise mode and therefore the
personal mode of security allows the users to use a paraphrase to connect to the wireless
network. The paraphrase is saved in the Wi-Fi settings of the user devices and therefore can
be accessed when the mobile device is stolen or lost or through the social hacking process of
acquiring the password.
Solutions:
a) The network SSID broadcast should be disabled so that the authorized users can
connect through the company application instead of the device available network’s
list.
b) Apart from hiding the network’s SSID, the dynamic host configuration protocol
should be disabled to reduce unauthorized access to the network by attackers.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
c) Strictly, the network details can be changed regularly after employee termination to
prevent access using the old details for malicious intentions.
4. Access points with high power gains.
To reduce interference, Wi-Fi systems use the principle of increasing the signals strength by
adding power. Since the offices are environments with very high interference due to the many
access points, the Wi-Fi system is high gain access points to increase the signal strength but
this comes with a disadvantage in that it reduces the directional coverage of the Wi-Fi
system, López & Zhou (2008). Additionally, when the access points run on high power and
high gain, the signal strengths become stronger but the devices such as receivers running on
low signal or low power cannot push any data back to the access point and therefore the
communication fails when the data transfer process fails. In such an unfortunate instance as
in the company offices, the access points keep on transmitting but does not receive back data
frames because the receivers are not powerful enough to send back the frames.
Solutions:
a. Use of access points with very low power outputs and low per gains that matches
other devices connected to the network’s power gains in the ranges of 25-50Mw.
b. Use of low power gain access points to increase the area under coverage in that to
reduce the number of access points within the office geographical area.
5. No firewall nor virtual private network.
The internet is the primary framework from which the Rare Vintage Auto Parts Ltd company
operates. It forms the backbone of the enterprise linking the branch offices, cash machines
and mobile devices together to the corporate. However, the linkage exposes the enterprise to
the outside worlds with malicious individuals and attackers. While security mechanisms such
as an antivirus works, it’s not fool proof and hence not a hundred percent secure. The
network lacks the firewall functionality of authentication and prevent unauthorized users
from remote areas to aces the network since the network is broadcasting its SSID, Bulbul, H.
I., Batmaz, & Ozel, (2008, January). Furthermore, the network is used a public network, not
set to private by a virtual private network software that offers additional security by allowing
prevent access using the old details for malicious intentions.
4. Access points with high power gains.
To reduce interference, Wi-Fi systems use the principle of increasing the signals strength by
adding power. Since the offices are environments with very high interference due to the many
access points, the Wi-Fi system is high gain access points to increase the signal strength but
this comes with a disadvantage in that it reduces the directional coverage of the Wi-Fi
system, López & Zhou (2008). Additionally, when the access points run on high power and
high gain, the signal strengths become stronger but the devices such as receivers running on
low signal or low power cannot push any data back to the access point and therefore the
communication fails when the data transfer process fails. In such an unfortunate instance as
in the company offices, the access points keep on transmitting but does not receive back data
frames because the receivers are not powerful enough to send back the frames.
Solutions:
a. Use of access points with very low power outputs and low per gains that matches
other devices connected to the network’s power gains in the ranges of 25-50Mw.
b. Use of low power gain access points to increase the area under coverage in that to
reduce the number of access points within the office geographical area.
5. No firewall nor virtual private network.
The internet is the primary framework from which the Rare Vintage Auto Parts Ltd company
operates. It forms the backbone of the enterprise linking the branch offices, cash machines
and mobile devices together to the corporate. However, the linkage exposes the enterprise to
the outside worlds with malicious individuals and attackers. While security mechanisms such
as an antivirus works, it’s not fool proof and hence not a hundred percent secure. The
network lacks the firewall functionality of authentication and prevent unauthorized users
from remote areas to aces the network since the network is broadcasting its SSID, Bulbul, H.
I., Batmaz, & Ozel, (2008, January). Furthermore, the network is used a public network, not
set to private by a virtual private network software that offers additional security by allowing
secure encrypted connection between the network and remote users and tunnel the data being
transmitted within the network to protect the data from the man-in-the-middle attacks and
eavesdropping or spoofing.
Solutions:
I. A firewall should be defined at the level between the network and the internet and
should be in several layers to control authentication of devices seeking connection to
the network of the company.
II. Access, intranet and extranet virtual private networks with point to point tunnelling
and layer to forwarding protocols should be created within the network to enable
secure connection s between two different devices within the network seeking
connections and data transfer.
III. Intrusion detection systems should be installed and deployed within the network to
monitor traffic and be able to detect suspicious behaviour, activity and provide
security alerts when malicious activity is detected. Advanced Intrusion Detection
systems are more suitable due to the improved functionality in blocking suspicious
traffic and IP addresses.
IV. For long term solutions, intrusion prevention systems should be installed and
deployed to stop attacks and threats before network administrator involvement and
keep reports and logs of the malicious activities.
6. The network or broadcast domain is not subnet for all the devices.
In this type of network connection where all the connected devices use the same
infrastructure subnet, the traffic on the network becomes slow and reduces the networks
performance. In this network infrastructure operating on the same subnet, a broadcasted data
packet is send to every connected device with an entry point even the devices that do not
need the data packet, Lashkari, Danesh and Samadi ( 2009, August). The spamming of all the
devices on the network reduces the devices’ performance and thus the whole network’s
performance. Since the network operates on a single subnet infrastructure, the network is
highly congested with devices, different IP addresses and hence the processes of network
administration and security are reduced.
Resolutions.:
I. Assign unique identification numbers, IP address to each device that is authenticated
to connect to the network.
transmitted within the network to protect the data from the man-in-the-middle attacks and
eavesdropping or spoofing.
Solutions:
I. A firewall should be defined at the level between the network and the internet and
should be in several layers to control authentication of devices seeking connection to
the network of the company.
II. Access, intranet and extranet virtual private networks with point to point tunnelling
and layer to forwarding protocols should be created within the network to enable
secure connection s between two different devices within the network seeking
connections and data transfer.
III. Intrusion detection systems should be installed and deployed within the network to
monitor traffic and be able to detect suspicious behaviour, activity and provide
security alerts when malicious activity is detected. Advanced Intrusion Detection
systems are more suitable due to the improved functionality in blocking suspicious
traffic and IP addresses.
IV. For long term solutions, intrusion prevention systems should be installed and
deployed to stop attacks and threats before network administrator involvement and
keep reports and logs of the malicious activities.
6. The network or broadcast domain is not subnet for all the devices.
In this type of network connection where all the connected devices use the same
infrastructure subnet, the traffic on the network becomes slow and reduces the networks
performance. In this network infrastructure operating on the same subnet, a broadcasted data
packet is send to every connected device with an entry point even the devices that do not
need the data packet, Lashkari, Danesh and Samadi ( 2009, August). The spamming of all the
devices on the network reduces the devices’ performance and thus the whole network’s
performance. Since the network operates on a single subnet infrastructure, the network is
highly congested with devices, different IP addresses and hence the processes of network
administration and security are reduced.
Resolutions.:
I. Assign unique identification numbers, IP address to each device that is authenticated
to connect to the network.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
II. Divide the network addresses into subnet addresses and subnet masks to identify the
network parts that refer to the host and or the subnet using the 32-bit key.
III. Assign the different connected devices to the different subnet masks created to
increase network performance and reduce network lagging.
7. The company has no written network security policies and procedures.
All business enterprises relying on the network infrastructure should have a well-documented
network policy. The written policies create a required precedence on the use and
administration of the information technology assists. The security policies set ought to be
easy to compose, understand and enforce, Wright, & Cache (2015). The security policies are
meant to protect the network and the computers plus the data generated or being transmitted
within the network channels. The security policy document addresses the specific need of the
enterprise network set such as acceptable use of the computers, control and management of
passwords, emails and storage devices and the risk reduction strategies of remote access,
internet and servers. Additionally, the policy and procedure document contains the response
plan in case of an attack, data loss and or improper use of the network and its components.
Mitigation: the company should formulate policies with strict adherence to the rules, laws
and procedures guiding the usage and maintenance of the wireless network and its
components. The policies should be updated regularly to keep up with the tech updates
directed towards securing the network and adherence by the employees and executives.
Additionally, regular training and security awareness programs should be conducted
concerning the advancements in security protocols and techniques such as malwares,
ransomware and exploitation tools stressing on vigilance.
8. The network had no existing designated router and back up router.
The designated router reduces the network traffic and helps to form a channel source of all
the system updates on the network. Without a designated router, the network topology is not
fully described and the slave-master relationship between the routers is not established hence
the data send within the network is not controlled and therefore the different routers on the
network update each other with data packets and “confusion” arises. In any unfortunate
event that the designated router fails, the back-up router takes over on the roles of the
designated router.
network parts that refer to the host and or the subnet using the 32-bit key.
III. Assign the different connected devices to the different subnet masks created to
increase network performance and reduce network lagging.
7. The company has no written network security policies and procedures.
All business enterprises relying on the network infrastructure should have a well-documented
network policy. The written policies create a required precedence on the use and
administration of the information technology assists. The security policies set ought to be
easy to compose, understand and enforce, Wright, & Cache (2015). The security policies are
meant to protect the network and the computers plus the data generated or being transmitted
within the network channels. The security policy document addresses the specific need of the
enterprise network set such as acceptable use of the computers, control and management of
passwords, emails and storage devices and the risk reduction strategies of remote access,
internet and servers. Additionally, the policy and procedure document contains the response
plan in case of an attack, data loss and or improper use of the network and its components.
Mitigation: the company should formulate policies with strict adherence to the rules, laws
and procedures guiding the usage and maintenance of the wireless network and its
components. The policies should be updated regularly to keep up with the tech updates
directed towards securing the network and adherence by the employees and executives.
Additionally, regular training and security awareness programs should be conducted
concerning the advancements in security protocols and techniques such as malwares,
ransomware and exploitation tools stressing on vigilance.
8. The network had no existing designated router and back up router.
The designated router reduces the network traffic and helps to form a channel source of all
the system updates on the network. Without a designated router, the network topology is not
fully described and the slave-master relationship between the routers is not established hence
the data send within the network is not controlled and therefore the different routers on the
network update each other with data packets and “confusion” arises. In any unfortunate
event that the designated router fails, the back-up router takes over on the roles of the
designated router.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Solution:
i. Use of multi-access networks with a link state advertisements functionality to control
the heavy packet traffic that can be generated within the network.
ii. Identification and selection of the router to be used as the designated router and the
second to act as the back-up router in the OSPF multi-access network. The designated
router should be the router with highest router IP address that configures it on the
network. The designated router would therefore be used to generate network link data
packets instead of every router, thus form a master-slave connection and additionally
utilize the network sync of link-state databases.
9. Mixed network cards standards.
The 802.11b network card and the 802.11g card can be used on the same network together,
however, the performance and the encryption of the latest network card running on 802.11g
will reduce to the level of the b network card to allow the slow performance and WEP
encryption. In the company’s network connection with the different data cards, the network
connection functions but the connections speeds and the data transfer speeds is highly
reduced, Zou, Zhu, Wang, & Hanzo (2016). The mixing of the data cards saved the company
the budget during the project design and deployment however, the long-term benefits are not
met.
Solution:
To provide fast data transfer, improved performance and latest security features, an all
802.11g network should be installed. Even though more expensive, the long-term solution to
poor performance due to the mixed g and b data cards is the expensive upgrade to the g data
card network.
10. No enterprise backup and recovery management program.
To protect the business data against the many ways of data losses such as viruses and
ransomware, server mishaps, accidental or intentional data erasure or modification and
network crash. The data backup is a very important aspect of business project design and
deployment however the short term goals of cutting down the budget overshadow it.
Mitigation.
i. Use of multi-access networks with a link state advertisements functionality to control
the heavy packet traffic that can be generated within the network.
ii. Identification and selection of the router to be used as the designated router and the
second to act as the back-up router in the OSPF multi-access network. The designated
router should be the router with highest router IP address that configures it on the
network. The designated router would therefore be used to generate network link data
packets instead of every router, thus form a master-slave connection and additionally
utilize the network sync of link-state databases.
9. Mixed network cards standards.
The 802.11b network card and the 802.11g card can be used on the same network together,
however, the performance and the encryption of the latest network card running on 802.11g
will reduce to the level of the b network card to allow the slow performance and WEP
encryption. In the company’s network connection with the different data cards, the network
connection functions but the connections speeds and the data transfer speeds is highly
reduced, Zou, Zhu, Wang, & Hanzo (2016). The mixing of the data cards saved the company
the budget during the project design and deployment however, the long-term benefits are not
met.
Solution:
To provide fast data transfer, improved performance and latest security features, an all
802.11g network should be installed. Even though more expensive, the long-term solution to
poor performance due to the mixed g and b data cards is the expensive upgrade to the g data
card network.
10. No enterprise backup and recovery management program.
To protect the business data against the many ways of data losses such as viruses and
ransomware, server mishaps, accidental or intentional data erasure or modification and
network crash. The data backup is a very important aspect of business project design and
deployment however the short term goals of cutting down the budget overshadow it.
Mitigation.
i. Installation of back up programs and use of standalone servers for the storage of
important files such as financial reports, client data and supplies details.
ii. Acquisition of disaster recovery software to aid in the data recovery incise of
accidental or intention data deletion or data losses due to ransomware or malicious
attacks.
iii. Ultimately, to solve the whole problems involved with the network security, the
company should consider subscription to an online cloud computing service
provision. With the small employee population of 150 and a limited IT expertise,
cloud computing would be the best solution in the long run since the hardware
requirements are reduced with the computational, storage and security functions are
provided for by the cloud computing vendor such as Amazon Web Services,
Microsoft Azure or the HP enterprise services cloud-compute.
Appropriate counter-measures:
1. Purchase and deployment of Checkpoints’ 730 unified threat management appliance.
To provide convenient networking and security features, the Rare Vintage Auto Parts Ltd
business enterprise should consider purchase Checkpoint 730 hardware appliances UTMs
with virtual software security features.
Considering the features, firewall throughput and additional services, Checkpoint Unified
Threat management system is suggested for the management of the networking and security
requirements of the Rare Vintage Auto Parts Ltd.
The following are the notable features:
i. Firewall, Virtual private network, Application control, Intrusion prevention system,
URL filtering, Anti-spam and Email security.
ii. Firewall throughput of 3Gbps and supports and unlimited number of concurrent users.
iii. Checkpoint 730 is ready out of the box with an upgradable module with a price of
iv. $5662.00 inclusive of all checkpoint appliances.
2. Amazon web service Software as a service yearly subscription $17255.00.
The cloud based computing offers an added advantage for the Rare Vintage Auto Parts Ltd
since the company will not have to incur the additional costs of purchasing on premise server
important files such as financial reports, client data and supplies details.
ii. Acquisition of disaster recovery software to aid in the data recovery incise of
accidental or intention data deletion or data losses due to ransomware or malicious
attacks.
iii. Ultimately, to solve the whole problems involved with the network security, the
company should consider subscription to an online cloud computing service
provision. With the small employee population of 150 and a limited IT expertise,
cloud computing would be the best solution in the long run since the hardware
requirements are reduced with the computational, storage and security functions are
provided for by the cloud computing vendor such as Amazon Web Services,
Microsoft Azure or the HP enterprise services cloud-compute.
Appropriate counter-measures:
1. Purchase and deployment of Checkpoints’ 730 unified threat management appliance.
To provide convenient networking and security features, the Rare Vintage Auto Parts Ltd
business enterprise should consider purchase Checkpoint 730 hardware appliances UTMs
with virtual software security features.
Considering the features, firewall throughput and additional services, Checkpoint Unified
Threat management system is suggested for the management of the networking and security
requirements of the Rare Vintage Auto Parts Ltd.
The following are the notable features:
i. Firewall, Virtual private network, Application control, Intrusion prevention system,
URL filtering, Anti-spam and Email security.
ii. Firewall throughput of 3Gbps and supports and unlimited number of concurrent users.
iii. Checkpoint 730 is ready out of the box with an upgradable module with a price of
iv. $5662.00 inclusive of all checkpoint appliances.
2. Amazon web service Software as a service yearly subscription $17255.00.
The cloud based computing offers an added advantage for the Rare Vintage Auto Parts Ltd
since the company will not have to incur the additional costs of purchasing on premise server
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 17
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.