Description
Discussion one: Due Jul/ 08
Prior to beginning work on this discussion, read Chapters 2, 6, and 8 in the textbook.
In the past, most network engineers would place a firewall at the perimeter of the network to protect the intranet. Today, the perimeters of networks have become more complex and firewalls have to be strategically placed to protect the digital assets of the organization. Data no longer consists of text documents. It has converged to include video, voice, and text. Malware can be embedded in any type of file, and once it is on the intranet, it can jeopardize the network, impact services, and reduce productivity.
In this discussion, you will address a business problem related to intranet security. For your initial post, you will assess 10 business-critical servers that need to send and accept traffic from the Internet and determine where on the network they should be put. Your organization has a network segmented into two subnets, both of which have a firewall. Subnet One is the Intranet and it connects to Subnet Two using a router. Subnet Two connects to the Internet via a border router. Consider the risks associated with a presence on the Internet, and examine the firewall architecture in order to determine the best placement for each critical server. Explain where you would place each of the critical servers listed below on the network, providing a rationale for your choices. Be sure to include information on how the chosen locations will secure the essential business services provided by each critical server.
Critical Servers
- Web server with home portal
- Customer database server
- Mail server
- Chat server
- Intrusion detection system
- Customer registration server
- Server with marketing campaign material for the organization
- Intranet website
- VPN server
- Mail archive server
Your initial post should be a minimum 300 words long.
Discussion 2: Due Jul/ 08
Almost all of us have some type of Ethernet network at home. Usually, the Internet service provider (ISP) installs a gateway to the Internet at your house, and your network connects to the gateway using a home router. The TCP/IP stack of your intranet computers are configured to use the ISP router as a gateway to the Internet. Many of us also use Wireless Ethernet (IEEE 802.11 standard) to connect to the Internet. .
For this interactive assignment, assess your current home network. (If you do not currently have a home network, you may consider your work network for this assessment.) In a separate document, create a diagram that illustrates your intranet setup and your Internet connection. Consider the potential vulnerabilities of your current network setup as well as your digital resources. Create a second diagram in your document that illustrates an ideal network, including firewall(s) and other controls that would protect your digital resources against hackers. Attach your completed diagram document to your initial post. Within the initial post, explain how the design of the network best suits your needs and typical usage. Additionally, explain how your planned firewall architecture provides better security than your current network setup.
Assignment: Due Jul/12
Prior to beginning work on this assignment, please read Chapters 2, 6, and 8 in the textbook.
Our data infrastructure is constantly being attacked by hackers. Network administrators are being challenged on a daily basis to defend their intranet and other systems on the Internet. As a network administrator for Andrew’s Biometrics Corp (ABC), you face the following problem.
ABC has a series of load balanced Web servers that provide information about the organization, advertise products, process online orders, and allow customers to make payments. These systems need to be protected from denial-of-service attacks. There are many types of firewalls on the market today. Legacy firewalls tend to filter packets based on protocol types or IP addresses. Most recent firewalls can function on top of the application layer of the TCP/IP model and filter packets-based content.
Research a minimum of two industry resources (e.g., National Institute for Standards & Technology [NIST], Institute of Electrical and Electronic Engineers [IEEE], Internet Engineering Task Force [IETF], etc.) on this topic. (Access the MISM Credible Resource Guide (Links to an external site.) for assistance with finding appropriate credible professional resources.) Using the concept of a Demilitarized Zone (DMZ) and relevant diagrams, explain the design of your network and how you would segment it. Examine various firewall types and select the appropriate firewall to best protect the computing infrastructure of ABC. It is critical to manage the traffic in and out from the Internet and protect the internal digital resources, including customer data. Access your virtual lab environment and create a diagram using Visio to visually represent the proposed firewall layout. Include the diagram as an image within your document. (The Visio diagram may be included in your assignment by means of a screenshot pasted into your document prior to submission. Assistance with capturing a screenshot of your Visio may be found at Take-a-screenshot.org (Links to an external site.).)
The Firewall and Filtering paper
- Must be 600-900 words (two to three double-spaced pages) in length (not including title and references pages) and formatted according to APA style as outlined in the Writing Center (Links to an external site.).
Explanation & Answer
View attached explanation and answer. Let me know if you have any questions.
1
Positioning Servers
Student's Name
Institutional Affiliation
Course
Date
2
Positioning Servers
Technological advancements have led to exponential data growth. As organizations adopt
big data, concerns of security have developed. Despite firewalls being used to protect company
data, they have posed vulnerability threats that attackers exploit. As a result, it becomes
fundamental for companies to understand where these firewalls can be placed to safeguard
organizational digital assets. This paper deals with ten critical servers, where they should be
placed, and the reasons for the chosen positions.
Web Server with home portal
As indicated, subnet two is connected to the internet using a border router. The internet
contains the World Wide Web. Web Servers use HTTP (Hypertext Transfer Protocol) to service
client requests. Therefore, Web Servers could be prone to attacks such as malicious bugs. This
would alter its function of displaying web content. As a result, it can be placed in subnet one, the
organization's internal network. This flees it from any malicious data traffic from attackers on the
internet.
Customer database server
The customer database server keeps customer data in a central location. Therefore, any
loopholes in network security would mean the loss of sensitive customer data. Zaeem et al. (2017)
argue that attackers could use confidential information in identity theft. Therefore, the database
server should be placed together with a web application firewall. The web application firewall
averts threats such as SQL injection that could be used to delete data by attackers from the
database.
Mail Server
3
The mail server is responsible for receiving and sending emails using standard email
protocols. This means that it could be a target from attackers who send malicious email links to
users. Upon clicking these links, the users are asked to provide sensitive data without their
awareness. Therefore, the firewalls should be enabled for these critical servers. Placing them in
the network blocks spam, viruses, phishing, and other potential attacks.
Chat Server
This dedicated server is developed to maintain and handle chatting with its users (Singh et
al., 2019). It keeps maps on connections belonging to each user. The...