Network addressing and security
Technical requirements
There is need to subnet the existing network using a 192.168.3.0 network and it will involve 8 subnets and 25 hosts on each subnet.
Proposed subnet
Subnet | Network Address | Host Address Range | Broadcast Address |
Subnet Mask: 255.255.255.0 | |||
Classroom 1 (First Floor) | 192.168.3.0 | 192.168.3.1 – 192.168.3.30 | 192.168.3.31 |
Classroom 2 (First Floor) | 192.168.3. 32 | 192.168.3.33 – 192.168.3.62 | 192.168.3.63 |
Classroom 1 (Second Floor) | 192.168.3. 64 | 192.168.3.65 – 192.168.3.94 | 192.168.3.95 |
Classroom2 (Second Floor) | 192.168.3.96 | 192.168.3.97 – 192.168.3.126 | 192.168.3.127 |
Admissions (Second Floor) | 192.168.3.128 | 192.168.3.129 – 192.168.3.158 | 192.168.3.159 |
Student Computer Lab | 192.168.3.160 | 192.168.3.161 – 192.168.3.190 | 192.168.3.191 |
Library | 192.168.3.192 | 192.168.3.193 – 192.168.3.222 | 192.168.3.223 |
Wi-Fi Network | 192.168.3.224 | 192.168.3.225 – 192.168.3.254 | 192.168.3.255 |
Firewall implementation
Technical requirements
There is a need to determine whether the information on the network should be allowed to proceed or not and to go ahead to find out if the various solutions when it comes to securing the data. Moreover, there are needs to define the security requirements in detail before settling on a solution. Don't use plagiarised sources.Get your custom essay just from $11/page
Proposed network security hardware
The firewall is will ensure that the network is secure by analyzing the data that passes back and forth in the network and it goes ahead to determine whether the information should be allowed to proceed [3]. This helps in finding a firewall solution that meets the campus needs in terms of network security. Firewalls are a good security mechanism used to protect networks from intruders. The firewall should also prevent unwanted network traffic from the applications involved. Moreover, there is a need for researching the solutions that match the specified needs. This is later followed by installation, configuration, and maintenance of the firewall.
Some of the proposed firewalls are ;
- Packet fillers; these conduct a check on the data packets coming brought the router [3].
- Circuit level gateways; this firewall is meant to verify the transmission control protocol(TCP) handshake[3].
- Proxy firewalls (application level gateways); these firewalls provide proxies for certain applications.
The network will make use of a host-based intrusion detection system to monitor important operating system files [1].
Justification
A host-based firewall has the following advantages;
- They are able to collect audit trails.
- Host-based solutions can develop an understanding of user behavior which will enable it to fight user attacks.
- They are effective against removable media
DMZ implementation
DMZ which stands for, a demilitarized zone is a buffer between the internet and an organization’s internal network. A DMZ will be implemented by placing it behind a firewall [1].
Justification
It isolates part of the network from the rest for the purpose of public use.
Physical security measures
Physical security measures that can be employed include the use of CCTV cameras. This will guard against intrusion.
Justification
This is effective since it is possible to keep track of the various users of the network. It makes it easy to identify an intruder and take necessary action against the person.
Additional security measures
Additional security measures that can be implemented include; use of strong passwords which are important online security. Introducing a multi-factor authentication to guard against social engineering attacks to the network [5]. The system can also be constantly monitored for intrusion. If a potential security breach is detected, then an alarm is generated. It is also important to ensure the network is encrypted using the proxy firewalls [5].
Justification
This method will help safeguard the system against social engineering attacks such as phishing emails [2]. This will prevent emails from getting intercepted in transit, making it harder to target the system.
This affirms confidence that the UMUC is secure and will not be liable from the problems arising from the personal use of devices in the two buildings.
References
[1]Ostfeld, A., & Salomons, E. (2008). Sensor network design proposal for the battle of the water sensor networks (BWSN). In Water Distribution Systems Analysis Symposium 2006 (pp. 1-16).
[2]Bao, S. D., & Zhang, Y. T. (2006, April). A design proposal of security architecture for medical body sensor networks. In Wearable and Implantable Body Sensor Networks, 2006. BSN 2006. International Workshop on (pp. 4-pp). IEEE.
[3]Coskun, S., Ozgur, L., Polat, O., & Gungor, A. (2016). A model proposal for green supply chain network design based on consumer segmentation. Journal of Cleaner Production, 110, 149-157.
[4]Guihaire, V., & Hao, J. K. (2008). Transit network design and scheduling: A global review. Transportation Research Part A: Policy and Practice, 42(10), 1251-1273.
[5]Fielding, R. T., & Taylor, R. N. (2000). Architectural styles and the design of network-based software architectures (Vol. 7). Doctoral dissertation: University of California, Irvine.