Monday, December 9, 2019
Write an Essay about Network Security Evaluate And Review
Question: Identifying network assets and estimate their value. Identifying organisation assets and how there are associated with network assets. Identifying possible threats and vulnerabilities. Estimating the probability (i.e. risk) of each threat exploiting a vulnerability. Determining the security measures that can be taken against each vulnerability and threat. Developing a cost benefit analysis focusing on the balance between the required costs to increase security and the value added to the network. Proposing a series of procedures that will increase the current security of the network. Introducing a policy that must be adhered to by network users. Answer: Introduction This report aims to evaluate and review the current security plan of the mentioned company and also to develop a new plan with wide technology in order to increase communication overseas. There is a company named as party Accessories Ltd. (PAL) which transacts in the wholesale buying, and selling, of conventional and specialised party accessories, including food, beverages, props, decorations, and bespoke accessories according to the customers requirements, including those that are cross-cultural in nature. PAL is currently using LAN to communicate with its employees regarding stock planning, distribution and support but due to its increasing revenue and business overseas PAL wants to change its network security plan from LAN to WAN. In this report we are going to review its current LAN which is based on a security design which is consistent with the current context in which the company operates and PCs connected to it and going to develop a plan to maintain its security in future when it will be extended into a WAN. (a) Evaluate how the companys current LAN is kept secure. PALs Current LAN Security The following steps had been taken in order to ensure the securities of current LAN for the company PAL. Source:Cisco, 2015, Network Security, Available: https://www.isoc.org Wireless Access Points have been encrypted This step has been taken to secure all the sensitive information to be recorded by any unethical user. If wireless network are wide open any trained user could gather all the traffic on the website and perhaps record it. Many times it has been reported that people mess with MAC addresses. Thus to stop all this the company is using WAP2 encryption. WAP2 is extreme enhanced encryption technique (Adeyinka 2015). SSID Hidden PAL is having its obscure IDs i.e. rather than using real information names like party accessories or foods beverages it uses innocuous like router 1 or wireless that makes the data hidden and unknown to unethical person (Adeyinka 2015). Web Server has been put on DMZ PAL does not have its own local web server because it was a big sinkhole to the security of the sensitive information on web. So PAL has used a router with DMZ (Adeyinka 2015). Regularly Scanned for Exploits PAL is using Qualys.com to regularly check for any exploitation against its web server. Also domain registry is regularly checked and passwords are usually revised within 3 months. Web Content is not updated using FTP or any other insecure method so passwords cannot be directly accessed (Avolio 2013). Using VPN To access the LAN on webserver PAL uses SoniWall VPN. Regular off Site Back Ups PAL makes sure that it maintains multiple copies of the business data which is related to the key customer. PAL use to store information in more secured devices such as it burn DVDs and keeps it safe. Also it uses eVault, an online storage vendor, which ensures safety of data in case of fire tec (Avolio 2013). Operation Security The network's operations are quite often mapped against the organisation's operations and therefore it is necessary to establish a secure environment for the network that will guarantee minimum disruption for the organisation. This point has been kept in mind while designing security. User security A network is as secure as its users allow it to be. This means that unless there are some measures in place to ensure that the users are properly trained, have the appropriate background and follow policies, it is likely to affect the network's stability. This domain is concerned with the introduction of the necessary procedures that will guarantee that the users of a network and the organisation's personnel in general are not adversely affecting the network's security. System security Networks include significant numbers of computer systems that are used as access points to the network's resources and transmitted information. This domain is concerned with a number of issues relating to the enhancement of security at system level with steps such as controlling user access, authenticating users, assigning privileges, ensuring file integrity, backing up of data, process monitoring, maintaining log files, etc. Infrastructure security The network's infrastructure has also been protected by introducing the proper tools and establishing adequate security mechanisms. This domain is concerned with the use of firewalls, server security, securing network transmissions, preventing and detecting intrusions. (b) Discuss the potential impact of the proposed WAN network design. Potential Impact of Proposed WAN There are always several risks that are associated with every Network Security plan whether it is LAN, WAN or any other technique. All the different types of risks involved or if attacked then have their significant impact on the organization both in commercial environment and the social environment. While changing connection from LAN to WAN the trust of its users i.e. organizations employees and customers could be affected for a number of reasons. Data Credibility Using large network in place of LAN could result in unauthorized access of data. Also the original data could be tampered. In case the customers are giving their credit card details etc. the lack of trust is understandable. Their business information could even be revealed to other competitors (Adeyinka 2015). Personal Trust It is entirely intriguing to examine how the strategy is seen by the system clients. An essential idea is close to home trust as it influences the way people are utilizing the system. There are two sides in individual trust. On one hand, clients must be sure that they can take after the strategy and use system assets in a successful and secure way. Then again the association must be equipped for believing its clients and representatives, implying that it is exceedingly far-fetched for human blunder to be the cause or a security break (Avolio 2013). Commercial trust The part of trust is important for the way the association is seen by its stockholders. The association must convince all clients that it is fit for securing its system and that it considers security important. A trusted association is one that puts resources into its security approach to upgrade the system security and set up a typical objective towards fulfilling security prerequisites. Specialized trust A third point of view identifies with the innovation used to set up a safe system. Trust in the innovation depends not just on the ability of procedures, devices and instruments to enduredangers but on the defence of decision made. It is imperative to settle on the right choices taking into account an unmistakable method of reasoning with regards to select the most suitable innovation to convey for the system's security (Avolio 2013). Law enforcement involvement It is quite likely for the organisation to be liable according to a number of acts (e.g. Data Protection Act) and other legislation that governs the way information is handled. In the event of an attack the organisation is responsible for the impact on information held and transmitted as it should have in place the necessary security measures. Technical trust A third perspective of trust relates to the technology used to establish a secure network. Confidence in the technology used depends not only on the capability of techniques, tools and mechanisms to withstand threats but also on the justification of choice made. It is important to make the right decisions based on a clear rationale when it comes to selecting the most suitable technology to deploy for the network's security. A security policy is likely to document the procedure that must be followed before such decisions are made. Access to systems The way computer systems and network hosts are accessed should be discussed in detail in the network security policy. It is necessary for users to be aware of their responsibilities as well as common threats that may become real if they neglect their duties. Accessing systems may involve specific procedures that must be followed such as authentication, or even the establishment of a routine when using network systems. For example setting up passwords of certain difficulty, updating access details, logging out after using a host, etc. (c) Discuss the current and common threats to network security and their impact. Source: eTutorials, 2015, Security Threats, Available: https://etutorials.org/Networking/wn/Chapter+8.+Wireless+Network+Security+Protecting+Information+Resources/Security+Threats/ Threats An organizations network is vulnerable to many threats;PAL is currently connected through LAN topology and the threats which can possibly occur during this topology are Firewalls may not be fully configured Firewalls are a staple of the system security diet. In a decent system outline, a venture ought to ensure its frameworks with both system and host firewalls. In any case, very frequently those firewalls are not legitimately arranged and may even be incapacitated for "transitory" testing that never is by all accounts wrapped up. Authentication of Network Users may fail There are no proper authentication techniques in LAN topology which can identify that, whether the user on the network is authorized or legal or not. Wireless Encryption Techniques are weak WEP technique is fundamentally weak and flawed and is not a best method to be relied upon to secure a wireless network.` Threats Impact There are a number of concerns that relates to the impact of threats on productivity. Failing to properly configure firewalls creates a foothold for the exploitation of other vulnerabilities. System Failure Chances are there that some parts of the network may stop working after attack, or their performance might be reduced. Even the system can fail. At times recovery could take longer time and by the time Company has to operate at low levels. Individuals or entire departments could be affected(Addison 2014). Data Loss Data is often the important target during an attack. If online data has been hacked it could still be handled but if database is attacked disruption could be much time consuming. The main concern is if accuracy has been tampered, it would be very difficult to identify the part of data being tampered. Loss of Goodwill Customers may lose trust in the organization and indirectly it will result in reduced customer and business. (a) Discuss the design considerations and how the new network security solution can be designed and evaluated. Design Considerations and their Evaluation To design a new network security solution we have segmented the tasks which have to be addressed at both technical and operational level. The main considerations that have to be used are as follows: Use of WPA2 The network of PAL will be secured using WAP2 which provides a security certification program. WAP2 protocol uses encryption ley technique to secure wireless access points (Addison 2014). Trunk Design The bandwidth for PAL will be designed considering users need along with security threats considerations to ensure that communication is not affected when channel is used by multiple users (Addison 2014). No Network Loops It ensures that STP has not created any loop hole. Use of STP means that cheapest route has been identified in the direction of the node from the trees root bridge. Other routed have been blocked so the traffic will follow desired path (Adeyinka 2015). MAC not used as it can be easily spoofed as they are not encrypted. Use of TCP/IP protocol In this an IP address is allotted to every node that it could use for a specific amount of time. ARP takes the IP address from node and translated it to its physical address (Gary and Greg 2007). Using LSS LAN segmentation segregation will be used to differentiate different types of users which will provide added security. Using Route Maps Route Maps will be maintained for PAL as it will notify if there is any traffic out of control and should be acted upon. (b)Discuss the methods used to design the new network security solution and produce a specification of the technologies to be used in the design. Methods and Their Specification to design network security plan for PAL The techniques which have been designed to secure PAL network and their specification is as follows Using Passwords Every account will be secured using a password and to avoid easy passwords which could be guessed using social engineering it would be mandatory to use some special character in the password. Also users will be asked to change their passwords frequently, within 6-8 months. To ensure this that users change their password regularly there will be a set minimum and maximum age of the password after which old password will no longer be valid (Gary and Greg 2007). Encrypting messages Cryptographic machines will be used for encrypting messages on the network. There are two types of these encrypting algorithms available. The algorithms that will be used for PAL are as follows; Symmetric key algorithms - these calculations depends on the utilization of the same key for both scrambling and decoding the message. These techniques are alluded to as private key encryption as the key utilized must stay private (Gary and Greg 2007). There are a few symmetric key calculations, including Data Encryption Standard A 56 bit key is used in this algorithm. Fixed length is vulnerable to an attack. AES It could use different bit sizes as 128, 192 or 256. And thus making it very difficult for an attacker to hack the key. Asymmetric Key Algorithm - these calculations depend on the utilization of a coordinated pair of keys to encode and disentangle the message. These strategies are called open key (or open/private key) encryption as one of the coordinated pair of keys is freely known. The additional key is set aside privately The key algorithm which has been used for PAL is Digital Signature Standard that uses a four part public and private key (Gary and Greg 2007). (c)Produce an actual network security policy Network Security Policy of PAL Different Companies have different needs but security policies are more or less same for all (Gary and Greg 2007). The need of a security policy for PAL is to access where the companys security stands. Also determine the roles and responsibilities of different users (Addison 2014). Structure of security Policy The existing structure of PALs security policy has been kept in mind while designing new policy. The new structure is as follows: To identify the sponsors of the company and all those who will be affected by the policy. To identify the actions that has been permitted for systems assets. To identify current technology in use and steps taken to ensure security of users data. To identify what actions should be permitted to authenticated users in the campus area to use the network resource. To identify the measures that will be acted upon in case security has been attacked. Security Concerns of PAL The network administrator of PAL will be responsible for the maintenance of steady operations in the network even if there is an attack. Physical structure and environment will be looked after by the security officer. Hardware issues will be handled by the IT support officer. Issues that are related to user groups, access resources and responsibilities will be handled by user group administrators. Security Breach incident reporting and necessary procedure after that will be followed by incident response officer. The effect of policy applied will be measured by the human resource officer. Phases in handling Security Incident To determine the reason why incident occurred To ensure incidents those are similar are debilitated. To reduce the impact of occurrence. Access the harm to the system. To deal with the actions to recover the system. (a)Discuss the network security implementation considerations and clearly show how these follow from the network security design. Network Security Implementation Considerations When it is required to commit information security while introducing it into a network, some considerations must be kept in mind while performing. PAL has considered following concepts while implementing its network design. Confidentiality All the PALs confidential information and data has been kept personal and can only be accessed by the authorized users. To keep it confidential information has been stored in form of data packets. To ensure that the data is safe and only being accessed by the authorized user it carefully checks Users authentication and identity Appropriate system host configuration Keys has been properly encrypted Networks component have proper configuration Integrity In addition to unauthorized access, illegal modifications and alterations to PALs data is also a big threat. Hence integrity is the important factor of design. To integrate the information PAL has established a system that consists of distinct user groups and privileges that result in vigorous monitoring as well as controlled facility. Availability The availability of information at all time is must otherwise it could affect PALs operations severely. The measures which are taken could only ensure to prevent attacks but it could not guarantee it. Also a backup system by capturing images of the data has been implemented in order to recover from failure without much disruption. Along with this PAL has used redundant systems and segmentation of network techniques so that data could be retrieved in no time and operations are healthy. Accountability This is the important concept while considering network security as it identifies which user is accountable for which task. The technique used for this is Authentication and Identification mechanism that not only checks the identity of user who is performing some action but also authenticates whether the user is same person or not who it claims to be (Gary and Greg 2007). The several mechanisms used for this are password implementation, providing access cards to the users, fingerprint reader. Network Risk Management To implement the network security designs so that all the considerations are achieved following measures have been taken. Source: https://www.technologysecurity.org User Authentication and Encryption Implementation PALs network design encryption technique is - using a key between the receiver and the sender. A unique key is selected by the source and sent to its destination. The unique key will be encrypted by the previous transmission encryption code to retain 100% security. The key will be transmitted by secured communication medium(Marcel 2007). Two types of keys will be used Temporary keys which will only be valid for a session between the receiver and the sender Permanent Key for the exchange of key itself. Kerberos This mechanism is to check the accountability concept discussed in the consideration section. This helps against the extortions like (Marcel 2007) A user may act as different user by getting access to some different host A systems host may act as distinct host by altering the workstations system address. In addition to user and passwords Kerberos uses TGS (Ticket Granting Server) to authenticate the user. This is done in following manner (Angusand Alan 2012). Some user sign in to workstation system and request for some service. Every time any user sign in, a request ticket generates and go to AS. Another ticket issues with session key by Authentication Server. The client sends a particular administration request to TGS relying upon the administration needed A conceding ticket is issues with session key by the Granting Server. The Authentication Server checks about the client existence in record and makes a ticket allowing a session key along with a ticket. Key inferred by the client's secret key is utilized to encode the outcomes. The workspace stimulates the client for secret key which has been used to unravel approaching messages. After that the workspacesends authenticator which contains the client name, system deliver and a ticket to Ticket Granting Server. The client sends request to server for particular administrations. The server furnishes the client by server authentication. The server confirms authenticator match with the ticket and allows access to the administration. Secure Socket Layer (SSL) To verify against the multiple threats available for the PALs website online and its important data PAL uses SSL. It is a two layer protocol and it provides security to the high level protocol like HTTP which is used to transfer data amongst clients and server. This works through two main concepts SSL Connection SSL Session OSI models transport layer services are provided by SSL Connection and it also supports peer to peer relations while to communicate between client and server, SSL Session is used. Firewall Implementation To control and sift the system communications firewall is used. The technology that has been used is full network coverage using single firewalls and dual firewalls. In this technology there is separate network segmentation done which should be reached as of outer side. Entire network infrastructure is being protected by these firewalls (Kaufman, Radia and Speciner 2012). Stakeholders Training Every measure taken in account is only feasible when users know how to use them well according to the plan. Hence users of the network security system, administrators, developers, organization management and security personnel, all must be trained by executives on how to perform the new management plan (Marcel 2007). VPN Implementation The significance of keeping up a private system is high for PAL as it gives key advantages to its clients. All the more particularly, a private system permits the making of a mystery region that is not imparted to unapproved clients. There is additionally the likelihood for remote clients to keep the same work design by joining the private system and in addition associating a few remote areas together (Kaufman, Radia and Speciner 2012). The fundamental explanation behind the formation of a simulated private system is that a significant number of sorts of system activity that streams over the Internet is completely open to interference and it is workable for individuals to screen all data trades that might be bringing pace with Web mail, Web movement, FTP and telnet. The arrangements given by SSH and HTTPs as previously talked about are useful however are restricted at specific applications (Marcel 2007). The advantages of utilizing a VPN are generally against the likelihood of listening stealthily and can be outlined as follows: Systems activity is encoded. Distantsiteischecked before association. (a)Describe the process of managing a network security solution. Managing Network Security So far in this report we have discussed various measures that are going to be used by PAL against several network threats. Along with its design and implementation part, management of the strategy is must so that network is completely secured (Kaufman, Radia and Speciner 2012). There are a series of action PAL is going to maintain in order to ensure sufficient level of security (Angusand Alan 2012), By making sure that all the functions are updated. By making sure tasks are aligned to user responsibility. By making sure physical safety methods are taking place. Authentication is being performed or not By checking data integrity PAL has a management team that check a 3 level process in order to ensure that security is properly managed. The first level is checking operations that are being performed on web that whether they are vulnerable. The second level is checking the configuration of the network component and some specific systems, whether it is proper or not The third and final level checks that whether the resources are properly handled or not and if still there is any threat or risk which is unknown. Network Crisis Management To ensure that if some crisis occurs in the network, it causes minimum disruption to the data and other components, PAL has appointed a separate team who will look after the crisis and in case any crisis or disaster occurs the team will take the following steps ( Addison 2014). Team will first look into the type of crisis and will respond accordingly Next, it will include the necessary roles along with their responsibilities and will try to recover the network crisis. Next, it will try to recover the lost data or will check if the data has been altered or tampered. After recovery, it will ensure that affected processes resume smoothly. At last, it will make sure that policies have been applied to the specific scenario. Making right decisions is necessary while implementing recovery plan, so team will list out the preparations first that will be needed according to the problem, and them the plan will be tested for its feasibility and success ( Addison 2014). (b)Describe the process of analysing network security policies and practices. Security Policies Analysing Process There are certain objectives that have been maintained by PAL in the new security policy design which governs the network andinformation on the network (Marcel 2007). The objectives are Risk Management to identify the possible threats and to keep ready the security measures in case the threat occurs Stable Organization Management, to ensure that a recovery plan is ready in case any incident occurs. Acquiescence with acts, regulations and legislation that will govern network use, risks related to security and recovery mechanism deployment. Strategy Establishment, to recover the PAL from network failure when a controlled position is maintained. Various Measures to ensure accessibility, information integrity and confidentiality of information of PAL( Addison 2014). Security Policy Development Tasks The important tasks which were kept in mind while developing security policy for PAL are: PALs all those assets that need security supportidentified. The, all the risks associated with these assets identified. All assets with distinct information were defined. Best approach towards authentication identified. Access controls for different users on different information defined Monitoring process, auditing process and testing process introduced. An explanation for how to use a particular procedure or a policy Audit of Security Policy Before introducing the new security policy of PAL the audit is based on(Licosta 2014): Sign-in Sign-out Information: identifying no. of failed attempts as well as successful attempts. Also if there is any common pattern. Resource Accessing: identifying no. of failed attempts as well as successful attempts to resource access. Also how these resources have been used, and how they have been filtered. Remote access - comprisingendeavours for increasing remote access characterized by various clients and the gadgets whose access is required. Action on resources - comprising activities of different benefits running from heads to essential client levels. Network occasions - running from beginning, closing down, establishments, reconfigurations, and so forth. After the strategy is conveyed, the system overseer must guarantee that clients agree to it and take after specific strategies. A portion of the obligations of the system directors might incorporate (Angusand Alan 2012). putting in new programming updating working frameworks and applications examining for vulnerabilities looking into approach for significance and relevance assessing logs checking for client consistence Observing occasions, and so on. (c)Describe the process of recommending potential change management. Managing Change To replace old security policy in a network with the new policy is very important task and had to be managed seriously. There should a perfect clear management plan according to which significant changes will be introduced in PALs network (Licosta 2014). A number of factors have been monitored that are needed for a change of network which are as follows: To access the effect of modifications on accuracy, availability, integrity and confidentiality. To identify the change source. To ensure that an active methodology has been followed which ensures tractability everywhere in the network where the changes will be implemented. Before making changes to any department sufficient agreement has been taken from the organization. All the risks to be considered while making changes. All the roles of different employees of PAL have been collaborated in order to apply the changing process and it has been well defined as a series of steps which are as follows (Angusand Alan 2012). Gathering all the requests that have been made to change. Ensuring the current status of the network before introducing any change. Determining how the change has affected the organization as it could even become very complex. Obtaining Approval- whatever change has been planned according to the requirement it has to be approved by the legal authorized person before introducing it into the network Testing the change: To test whether the new changes are working properly in the network and are not causing any disturbance. Documenting Changes References Adeyinka, O., 2015. Internet Attack Methods and Internet Security Technology," Modelling Simulation. AICMS. Second Asia International Conference vol.,no., pp.77-82. Warfield M., 2014, Security Implications of IPv6, Internet Security Systems White Paper, documents.iss.net/whitepapers/IPv6.pdf. Marin, G.A., 2015, "Network security basics," Security Privacy, IEEE, vol.3, no.6, pp.68- 72. Landwehr, C.E. and Goldschlag, D.M., 2007, "Security issues in networks with Internet access," Proceedings of the IEEE, vol.85, no.12, pp.2034-2051 Licosta, A., 2014 "Virtual private network." Wikipedia, The Free Encyclopaedia. UTC. Wikimedia Foundation, Inc. https://en.wikipedia.org/w/index.php?title=Virtual_private_networkoldid=222715612 Tyson, J., 2012, How Virtual private networks work, Available: https://www.howstuffworks.com/vpn.htm. Wilfred, D., 2011, British Standard Institution, BS7799: A Code of Practice for Information Security, British, Standard Publication, London. Frederick, M., 2009, National Communications System, Public Switched Network Security Assessment Guidelines, National Communications System publication. Scott, P., 2008, Group, Guide for Developing Security Plans for Information Technology Systems, NIST Special Publication 800-18. Stoneburner, G., 2011,Risk Management Guide. Draft Rev, NIST Special Publication ,800-30, 2001. Avolio, M., 2013, Information Systems Audit and Control Foundation, Control Objectives for Information and Related Technology (COBIT), 3rd Edition. Rachel, R., 2015, Office of Information and Instructional Technology, Information Technology Security Guidelines.Gaithersburg, MD, National Institute of Standards and Technology. Wright, J., and Harmening, J., 2009, Computer and Information Security Handbook Morgan Kaufmann Publications Elsevier Inc p. 257 Ullal, A., 2015, A Role-Based Trusted Network Provides Pervasive Security and Compliance, senior VP of Cisco, Inc p. 768. Dave, D., 2011,Network monitoring/Intrusion Detection Systems (IDS), University of Washington. Kaufman, C., Radia, P.,and Speciner, M., 2012,Network Security: PRIVATE Communication in a PUBLIC World, Prentice-Hall. ISBN. Marcel, D., 2007,Security of the Internet (The Froehlich/Kent Encyclopedia of Telecommunications). vol. 15., New York, pp. 231255. Gary H., and Greg, K., 2007, Security Monitoring with Cisco Security MARS, Cisco Press. Addison, k., 2014, Self-Defending Networks: The Next Generation of Network Security, Duane DeCapite, Cisco Press. Dale, T., and Greg A., 2013, Security Threat Mitigation and Response: Understanding CS-MARS , Cisco Press. Greg, A., 2011, Securing Your Business with Cisco ASA and PIX Firewalls, Cisco Press. Angus, W., and Alan, Y., 2012,Network Infrastructure Security, Springer.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.