Wednesday, May 6, 2020
Security Concerns and Policy Enforcement Patrician LLC
Question: Describe the security concerns and policy enforcement for Patrician LLC.

Answer:

Scenario: Patrician LLC is developing wireless transmission technology. The company now wants to transfer its headquarters and operational unit to Tucson, Arizona, and wants to move into the new building in Cheyenne, Wyoming. The research and development department of Patrician LLC is working on secure microburst technology. Its team members do not live in Cheyenne, Wyoming. The company is located in two buildings of three floors. The network connection has to be designed to maintain 32 Mbps throughput between the two buildings. The data centre should be placed on the third floor, in connection with 100 computers. The company is divided into four major sub-divisions: headquarters or administration, sales or customer support, research and development, and information technology. Members of research and development who do not reside in the city must also be able to connect to the primary data centre. The network design should take the file server, external sales server, corporate web servers, and database web servers into consideration. In this paper, we recommend a solution to convert the system to wireless.

a. Topology of the network:

Topology of the VPN setup:

Hardware Support for the network:
Transmission Media: Twisted pair cable and fiber optic cable are used for the network connection.
Repeaters: A repeater receives the electronic signal, cleans it, and retransmits it at a higher level.
Hub: A hub connects multiple devices in the network with the help of cables.
Switches: Different devices are connected to a switch through its ports.
Bridges: Bridges divide the network into parts to manage the traffic, which helps in controlling congestion.
Routers: A router is the communication device used to connect two different networks. Routers work by forwarding incoming data to its destination. Wireless routers are used to provide a wireless connection.
Gateway: A gateway is the interface that connects networks which use different protocols.
Modem: A modem carries out the modulation and demodulation of the signal.

a. Cabling Details: A medium is required for communication between devices. The medium is classified as metallic wires within cables, fiber optic cable, or wireless transmission. The topology diagram shows where cabling is needed in the proposed network.

Physical Topology: The physical topology diagram gives a clear view of the physical location of the ports, the intermediary devices, and the cable installation. The actual cabling and transmission of data is represented through the physical topology. It represents the physical layout of the network.

Logical Topology: The logical topology gives a detailed view of the devices, the IP address scheme, and the ports. It shows the communication between the devices placed on the computer network. This topology also comprises the network protocols, which gives a clear view of the movement or flow of the data.

Type of Connection for 32 Mbps connection: The wired local area network is completely replaced by wireless technology. Wireless radio frequency communication connects the research and development department of Patrician LLC with the headquarters for exchanging relevant information. For the success of the project, the reliability of the main database of the office should be maintained. Wireless sensor technologies should be applied within the firm to provide a reliable connection with the main stream of the organization of Patrician LLC. The proposed solution is based on the principles of outdoor wireless networking technologies.
The proposed solution links the research department members to the primary data centre of the organization, which is located in Cheyenne, Wyoming. It provides 32 Mbps of throughput, so data can be exchanged faster between the nodes. The staff of the main office can share resources among themselves. It is better than the traditional network because it provides connectivity to members who are located at a distance from the main office. Providing a connection between two buildings which are 1000 miles apart involves the placement of bridges, access points, routers, and integrated directional antennas.

Wiring Closet: The main office and the research and development department are connected wirelessly. The implementation of the wireless network involves the placement of bridges, access points, routers, and integrated directional antennas. Every node should be at a suitable distance from the others. With the help of a signal strength detector, the optimal position of the wireless devices can be measured. Robotic cameras with TCP/IP capability should be placed on top of the wireless devices to align the direction of the antennas. The equipment needed to connect the two buildings is an alarm system, an Ethernet router, patch panels, and wireless access points. This equipment is placed at the top of the building. There will be one wiring closet on each floor of the building.

Wireless Technologies: The proposed solution to Patrician LLC's problem of converting the system to wireless technology is the IEEE wireless radio frequency communication standard. It provides communication between the nodes even if they are widely spread. The signal can be forwarded multiple times to deliver the same information to every site. Every node is capable of sending and receiving signals. This solution helps in overcoming the physical constraints that arise when exchanging messages over the network.
VPN Setup for the servers:
Remote access VPN: This connects a user with the corporate private network. Encrypted connections are maintained between the users and the private network.
Intranet VPN: The connection between the branch offices can be implemented by an intranet VPN. This makes it possible to join LAN to LAN connections into a single network.
Extranet VPN: This will provide the connection between the research and development department and the primary data centre.

Logical security Measures:

Internet Protocol Security: IPSec helps in securing the transfer of information between the layers of the OSI model. It provides authentication, data integrity, and encryption services for the data. Authentication Header and Encapsulated Security Payload are parts of the security mechanism of IPSec. The purpose of the Authentication Header protocol is to provide authentication of the source and integrity of the IP packet. The header of the Authentication Header protocol contains information such as the hash value of the data and a sequence number. Encapsulated Security Payload provides data confidentiality, data privacy, authentication of the source, and communication between the peers. Symmetric encryption algorithms are used to provide data privacy in Encapsulated Security Payload.

Point to point tunneling protocol: PPTP is used by a remote user to access the virtual private network of the organization. The PPP session is maintained by using a non-TCP/IP protocol. PPTP uses the protocols named Extensible Authentication Protocol, Handshake Authentication Protocol, Password Authentication Protocol, and Point to Point Encryption protocol.

Layer 2 tunneling protocol: L2TP is used for encapsulating the point to point protocol. It is used for sending frames over the network. With this protocol, one tunnel is capable of carrying multiple connections.
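The Authentication Header check described above under Internet Protocol Security (a hash value plus a sequence number), as an added example that is not part of the original paper: the receiver verifies the integrity value and then rejects replayed sequence numbers. It assumes HMAC-SHA-256 truncated to 128 bits and, as a simplification, hashes only the AH header and payload; the key, SPI and payload values are constructed.

```python
import hashlib
import hmac
import struct

ICV_LEN = 16                         # HMAC-SHA-256 truncated to 128 bits (assumed)
AH_FIXED = struct.Struct("!BBHII")   # next header, payload len, reserved, SPI, seq

def icv_for(key, fixed, payload):
    # Simplification: real AH also covers the immutable IP header fields.
    data = fixed + bytes(ICV_LEN) + payload      # ICV field is zero while hashing
    return hmac.new(key, data, hashlib.sha256).digest()[:ICV_LEN]

def build_ah(key, spi, seq, next_header, payload):
    words = (AH_FIXED.size + ICV_LEN) // 4 - 2   # AH length in 32-bit words minus 2
    fixed = AH_FIXED.pack(next_header, words, 0, spi, seq)
    return fixed + icv_for(key, fixed, payload) + payload

class ReplayWindow:                  # sliding anti-replay window over sequence numbers
    def __init__(self, size=64):
        self.size, self.top, self.seen = size, 0, 0   # seen: bitmap, bit 0 = top
    def check_and_update(self, seq):
        if seq == 0 or seq + self.size <= self.top:
            return False                              # never valid, or too old
        if seq > self.top:
            self.seen = ((self.seen << (seq - self.top)) | 1) & ((1 << self.size) - 1)
            self.top = seq
            return True
        bit = 1 << (self.top - seq)
        if self.seen & bit:
            return False                              # already seen: replay
        self.seen |= bit
        return True

def verify_ah(key, packet, window):  # receiver side: returns (verdict, payload)
    hdr_len = AH_FIXED.size + ICV_LEN
    if len(packet) < hdr_len:
        return "malformed", None
    _next, words, reserved, _spi, seq = AH_FIXED.unpack_from(packet)
    if (words + 2) * 4 != hdr_len or reserved != 0:
        return "malformed", None
    icv, payload = packet[AH_FIXED.size:hdr_len], packet[hdr_len:]
    if not hmac.compare_digest(icv, icv_for(key, packet[:AH_FIXED.size], payload)):
        return "bad-icv", None                        # altered in transit or wrong key
    if not window.check_and_update(seq):              # consulted only after ICV passes
        return "replay", None
    return "ok", payload

def demo(key=b"constructed-demo-key"):                # constructed sample traffic
    win, pkt = ReplayWindow(), build_ah(key, 0x1001, 1, 6, b"payload")
    return [verify_ah(key, p, win)[0] for p in (pkt, pkt, pkt[:-1] + b"X")]
```

Calling `demo()` sends a valid packet, the same packet again, and a copy with one payload byte changed, and returns the verdict for each.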
Security measures to stop attackers: Attackers watch the client machine in order to take control of it. A man-in-the-middle attacker focuses on changing the information sent between the communicating devices. Firewalls should be used to strengthen the VPN connection. An intrusion detection and prevention system is recommended to increase the efficiency of monitoring the system. Anti-virus software should be installed and updated periodically. A VPN connection should not be established without authentication. Digital certificate support should be provided for authentication into the virtual private network. Transport Layer Security and Secure Sockets Layer are the cryptographic protocols used to secure communication and data transfer on the internet. To secure the transmission of data, leak detection and prevention, information leak prevention, and content monitoring and filtering are used. Virus attacks can be stopped by installing an antivirus program on each computer system, using firewalls, isolating affected drives, scanning the system regularly, and updating the virus definitions. Penetration testing can be used to find vulnerabilities. It should be used regularly for internal and external audits.

Physical Security

VPN hub and spoke topology: In this topology the VPN routers are known as spokes, and they communicate securely with the primary data centre of the organization. A secured tunnel is maintained between each spoke and the hub. In the case study of Patrician LLC, the four departments are connected to the primary data centre, so a VPN tunnel should be maintained between each department and the data centre. With this topology, staff members can access the primary data centre of the main office.

VPN Mesh topology: Communication can be carried out securely among the different nodes by using the VPN routers.
The signal can be forwarded multiple times to deliver the same information to every site. The VPN mesh topology is relevant for connecting the four different departments of the organization. The company is divided into four major sub-divisions: headquarters or administration, sales or customer support, research and development, and information technology. Three VPN tunnels will be used for securing the communication between the different sites. Direct transmission of data can take place between any two communicating sites.

Connection of Remote user:
Access Point: An access point is the device used to link the wired LAN with the wireless network.
PC card: A laptop user can connect to the wireless network by using a PC card.
PCI adapter: A desktop user can connect to the wireless network by using a PCI adapter.
It provides communication between the nodes even if they are widely spread. The signal can be forwarded multiple times to deliver the same information to every site. Every node is capable of sending and receiving signals.

Verification of the security measures: In the initial phase, the compatibility of the resources is checked in the wired or wireless network. The next phase focuses on the limits of the equipment with respect to distance and time. The final phase tests the bandwidth in different climatic conditions.

Justification: A Virtual Private Network is the secure mechanism for connectivity between different LANs and remote users. The IPSec and PPTP protocols are used for securing the network. This paper focuses on the secured communication which takes place between the different departments of Patrician LLC and the remote site, which is the research and development department. The connection between the branch offices can be implemented by an intranet VPN. This makes it possible to join LAN to LAN connections into a single network.
Communication can be carried out securely among the different nodes by using the VPN routers. The signal can be forwarded multiple times to deliver the same information to every site. The wireless transmission technology provides flexibility in the networking of the nodes. The proposed solution helps in monitoring the traffic over the network, security, reduction of interference, and integration of the data. The proposed solution to Patrician LLC's problem of converting the system to wireless technology is the IEEE wireless radio frequency communication standard. It provides communication between the nodes even if they are widely spread.