Premium Essay

Firewall N Vpn

In: Other Topics

Submitted By sastitt
Words 980
Pages 4
Stephy Stitt
Firewall/VPN
Project 1
August 24, 2014

There are a number of risks on our network. Those risks are data confidentiality, data access and network issues. Our network has a router/firewall configuration. All files are kept on the network. The network can be accessed from home. The computers in the lab have direct access to the internet. All of these can invite potential threats at any time.
The network allows potential threats through a router/firewalled device. I am assuming that the firewall has been configured by a default means. This will give hackers the ability to exploit any open ports left open. There will also be the security hole of the router itself if the firewall has not been configured correctly. I am also assuming that the sysadmin passwords have not been changed from their default status.
Second, all data is kept on the network. I am assuming that there is no centralized server or storage for this data. If the data were kept all over the place on workstations or some external drive then this will invite hackers to gain access to all of the data. There was also no mention of this data being secured by passwords or permissions.
Third, the users can access the network from home. This is a huge risk. There is no mention of VPN or other means of secure network entry. There is also no mention that the user’s personal workstations are secure enough to be on the company network. It seems that they are able to remote to any workstation on the network. The idea of no secure remote login invites the threat of hackers being able to gain access at any time with little to no effort.
The first thing I would do would be to address the network issues. The router/firewall should be separated. I would place the firewall outside the network to catch any intrusions. I would also place firewalls on the workstations and servers. I would also

Similar Documents

Premium Essay

Nt1310 Unit 1 Rule Essay

...1.1 VIRTUAL PRIVATE NETWORK: A VPN is a method to connect the office network (for example Private network) from the client systems (for example home Laptop) via public network (for example an Internet). A VPN tunnelling will have the advantages of dial-up connection to a dial-up server, because of the flexibility of an Internet connection and also the ease access of an Internet connection. By using an Internet connection the client can connect to the server or the resource in all over the world, like accessing the office desktop from home through an Internet connection. The computer and the office desktop can communicate at full Internet speed or very high speed if you have an Internet connection as cable or digital subscriber line (DSL). This type of connection works very fast...

Words: 1317 - Pages: 6

Premium Essay

Is3220

...Time 3. What is used by TCP to establish a session between two systems? Three way handshake 4. Which of the following protocols is a connection-oriented protocol that operates at the transport layer of the OSI model and supports reliable connections? TCP 5. Promiscuous mode is most commonly associated with_____________? NIC 6. What are the primary objectives of information security? CIA 7. Personnel should be authenticated and authorized prior to being granted access to company’s information resources. This statement is an example of ________________? Policy 8. What security group is responsible for managing network vulnerabilities and threats? IT Security Staff 9. What network component filters traffic between nodes? Firewall 10. What is the most important consideration when designing a network? Usage 11. What is usually the first activity in the hacking process? Reconnaissance 12. What type of attack might a hacker offer as a service? Spam 13. Which of the IT domains is most vulnerable to social engineering? User Domain 14. What type of attack can result in arbitrary code execution with system-level privileges? Buffer Overflow 15. Name three social engineering techniques? Phishing, Impersonation, Reciprocity, ALL OF THE ABOVE 16. Which domain marks the boundary where the private network meets the public network? LAN to WAN 17. A port scanner is a type of __________________ _________________scanner. Network Vulnerability 18. Which of...

Words: 1169 - Pages: 5

Free Essay

Yeszcxzxxvzxcvxzc

...Cisco Router Guide For teleworkers, small offices, small to medium-sized businesses, and enterprise branch and head offices Cisco Integrated Services Routers: Cisco 860, 880, 890, 1800 (fixed), 1800 (modular), 1900, 2800, 2900, 3800, 3900 Series; Cisco Aggregation Routers: Cisco 7200, 7301, 7304, ASR 1000, 7600, Catalyst 6500 Series Summer 2010 V.6 Cisco Router Guide For Medium-sized Businesses, Enterprise Branches, Head Offices, and the Service Provider Edge This is your guide to Cisco® Services Aggregation Routers and Cisco Integrated Services Routers, the broadest and most versatile portfolio of products for enabling the deployment of multiple advanced services. Cisco is the worldwide leader in networking systems for organizations of all sizes, offering solutions that fully support enterprise-wide deployment of networked business applications. A foundation of the Intelligent Information Network, Cisco routers provide high availability, comprehensive security, integrated wireless, ease of management, and advanced Quality of Service (QoS) for today’s most demanding network services, including IP communications, video, customer relationship management, financial transactions, and other real-time applications. This guide shows how Cisco Services Aggregation Routers and Cisco Integrated Services Routers enable you to meet your current and future needs with modular designs, allowing incremental migration as your business and network requirements change. In this guide,...

Words: 32978 - Pages: 132

Free Essay

Lyt2 Task 2

...culture is able to impact design and usage of mobile devices; and how text and multimedia messaging present new challenges for policymakers. With regard to this proposal, the first article discusses how mobile internet usage in rural areas has lagged behind the rest of the population. The article also points out that while there have been improvements in coverage, the build-out of mobile networks has typically been less extensive than in urban areas. Solution: Mobile/Wireless Internet Its Use: Mobile Internet service could potentially be used in conjunction with site-to-site VPN connections, in order to establish connectivity from the remote locations to the hospital. Application: Mobile Internet hotspot devices could be used to get Internet access in Northeastern Health Services’ remote offices. In conjuction with these hotspots, firewall appliances can be used to establish a site-to-site VPN connection from each of the offices to the hospital’s radiology department. However, because of the lower levels of network build-out in rural areas, there is an increased likelihood of poor network coverage in some or all of these rural locations. DeBeer, M., & Williams, J. D. (2004). Unwiring With Wi-Fi and Cellular Technologies. Behavioral Health Management, 24(1), 18-22. The authors of this article explain the differences between wi-fi and cellular Internet access, and they also discuss the security...

Words: 3957 - Pages: 16

Free Essay

Small Network Proposal

...Small Network Sales Proposal Bill Stewart Strayer University June 11, 2011 My neighbor is starting a small billing business and has asked me to price out and design network for him. He will be starting from scratch and in talking to him about his needs, I have determined that what he wants is the following; he needs a server that will support at least 3 users. Also he wants 2 workstations and 2 laptops. He wants Wi-Fi to connect all of this plus Internet access and multiple email addresses. Also he wants this network to be totally secure as his coming is going to do medical billing procedures. Here are my suggestions to him as described in this proposal. Since this small business is interested in a dedicated server, I am suggesting the HP ProLiant N40L 1P 2GB-U Emb SATA NHP 250GB LFF 150W PS Cube MicroServer. This server will meet all of the client's needs at this point. The price is relatively small and the client will find that this system is easy to operate and it is simple to administer to. Also this small server is designed to make adding drives or peripherals a minimal effort. Obviously the space saving design will make it ideal for a small office. This server is also reliable and it's also is expandable. Its error checking and correction (ECC) memory minimizes the likelihood of memory corruption. This server comes with AMD Turion™ II Neo N40L processor (1.5 GHz, 15W, 2MB) and being RAID 0 and 1, it prevents data loss and ensures around the clock reliability. The...

Words: 2210 - Pages: 9

Premium Essay

Best Practices for Network Security

...Best Practices for Network Security DaMarcus Forney American Military University June 19, 2013 Best Practices for Network Security It's no secret that there are millions of networks around the world. Today, networks are relatively easy to create. A network can be something as simple as two computers or hosts being connected together. They can also be very complex and consists of thousands of different network objects such as routers, servers, printers, and workstations. The Internet has revolutionized the way networks can be used. It has created endless possibilities for network technology as a whole and it's users. The first networks were intranet networks. All of the objects running on a intranet, including the infrastructure itself were locally owned and managed. As more and more information was being stored on intranets the need to secure them became more important. The good thing about intranets is that majority of the threats associated with them are internal, making them easy to secure. This can not be said about external networks such as the Internet. The Internet introduced threats that can reside from anywhere in the world. This put greater focus on network security. Securing networks that have access to the Internet is a never ending job. The sad part about securing a network is that a network will never be 100 percent secure. There will always be risks associated with every type of network. One can reduce those risks...

Words: 2391 - Pages: 10

Free Essay

Simulation

...ekranda log verileri aktif filtreyi uygular şekilde devamlı akar olmalıdır. Örneğin web erişim loglarında haberturk.com 'ları göstermek için bir filtre girilmişse gerçek zamanlı olarak loglarda bu filtreye uyan haberturk.com erişimleri akar şekilde görünmelidir. Örnek 2: "merkez" isimli vpn bağlantısındaki sorun debug edilmektedir. VPN kayıtlarında VPN İsmi=merkez filtresi ile vpn ile ilgili her kayıt canlı olarak izlenebilmelidir. - Canlı akan log izlemede, filtreye uyan yeni bir satır geldiğinde bipleyebilmelidir. (bonus) - Görünüm desteği: Bir log dosyasında bir çok sistem altyapı bileşeni ile ilgili log olabilir. Görünüm(view) ler oluşturularak bunların arabirim kullanıcıya sadece ilgilendiğini görebilmesini sağlayacak şekilde gösterilmesi sağlanmalıdır. Aşağıda tek bir log dosyası (operational) içinde 6 farklı sistem altyapı bileşeninin logu görülmektedir. Örneğinde kullanıcı IDS/IPS görünümünde sadece ilgili logu görebilmelidir. Bu görünümler regexp'ler ile tanımlanabilir. Nov 10 09:58:06 2012 logger: smon: labris-flyng service is not running on yssyk for a while and I am not able to restart it. Mail has been sent to the destek@labristek n oloji.com . Nov 10 10:00:03 2012 logger: FIREWALL: Error in getting AD User List. New user list is much more smaller or zero sized. Will not change aduserlist Nov 10 03:31:38 2012 syslog-ng[2829]: Configuration reload request received, reloading configuration; Nov 10 04:02:04 2012 freshclam[11890]: ClamAV update process started at Sat...

Words: 1026 - Pages: 5

Premium Essay

Capstone Part 2

...Equipment and Hardware When it comes to what hardware and software is needed for our company I completed research for the San Francisco office. What we will need for the office is: • Windows 2008 Server • AMD Quad core Processor • Exchange server for emails and communications • VPN in order to encrypt data and allow clients access through VPN at different locations • Dedicated application server to host the needs of the companies multimedia production • Computers with Windows 8 for daily functions • Label Switch Routers with MPLS protocol to deliver quality service needed to support video, real-time voice and SLAs (Service Level Agreements) • Ethernet cable for connection to network • Firewall to control the in & out network traffic When it comes to the cost I have listed each part with the price: • Windows Server 2008 R2 Enterprise with SP! – 10 CALs = $1391.56 • AMD Opteron Dual-Core 8216 2.4 GHz Processor = $ 815.99 • Microsoft Exchange Server 2010 with a single CAL = $700 for server and $67 for CAL • VPN service router = $229.00 • Dedicated server for multimedia = can be purchased on monthly basis for $183 • Windows 8 Pro = $199.00 • Business series N wireless router and firewall = $400 • Cat6 Ethernet cables = $292.38 Tampa Site Equipment and Hardware For our Tampa site, we will need the equipment and hardware to set up our network infrastructure. We will use hardware in order to meet performance requirements, including flexibility, expandability, and...

Words: 4338 - Pages: 18

Free Essay

Capstone

...WeMakeConnections TTI Multi Campus Network Executive Summary: WeMakeConnections is an up-and-coming networking and infrastructure company; we offer network solutions that are customized to each client, and their specific financial and technical needs. We provide a le82vel of service you would expect from a close friend, not a company. We service all network sizes, large and small, and have worked extensively with existing network upgrades, as well as total network creation. WeMakeConnections offers personalized services to match any budget. In this day and age competition is fierce, and money is tight. That is why we only hire people who love networking; they know what works, what doesn't, and where we can cut waste. That is why WeMakeConnections is the only company that offers a complimentary follow up, one month after your network is complete. We want to make sure you love your network. Each of our eight core employee's graduated from the prestigious ITT Tech, San Diego. Each has a passion for networking, and genuine love for problem solving. From the cabling in the walls to workstations on the desks, a trained professional will be on the job. Based on the request for proposal from TTI, we have created what may be, our masterpiece work. The following pages detail our plan of action for TTI's success, and subsequent expansions. We are confident that our network provides the best return on investment for TTI's four additional campuses, and will be easily scaled to...

Words: 18593 - Pages: 75

Premium Essay

Network Design for Acme Manufacturing

...Running head: NETWORK DESIGN FOR ACME Network Design for Acme Manufacturing Learning Team A: [your team members] University of Phoenix Intro To WAN Technologies NTC/242 Acme Manufacturing Network Design Introduction As a network consultant hired by Acme Manufacturing, the company has asked Team A to develop a new networking design for their expanding business. The description below describes the key steps involved in developing a WAN for Acme Manufacturing. The company has six different buildings in six different locations throughout the world which need to be networked collectively. All the remote locations need to be able to communicate effectively with the main headquarters which is located in Atlanta, Georgia. The two buildings which house the headquarters are located across the street from each other. One building is used solely for corporate operations while the other building is used for staffing the sales and engineering department. Network Topology The best choice for the company would be to use a LAN with routers and Ethernet cables. This is a logical choice because the speeds of the network will be far superior and will help to reduce the total cost of the network. The three distribution buildings are located in Chicago, Phoenix, and New York. It is not feasible to run cabling to theses locations due to cost, so using T3 leased lines to communicate is the recommended method to connect the buildings with headquarters...

Words: 1444 - Pages: 6

Free Essay

Cis 534 - Lab Manual

...CIS 534 - Advanced Network Security Design 1 CIS 534 Advanced Network Security Design CIS 534 - Advanced Network Security Design 2 Table of Contents Toolwire Lab 1:Analyzing IP Protocols with Wireshark ........................................................................ 6 Introduction ............................................................................................................................................. 6 Learning Objectives ................................................................................................................................ 6 Tools and Software ................................................................................................................................. 7 Deliverables ............................................................................................................................................. 7 Evaluation Criteria and Rubrics ........................................................................................................... 7 Hands-On Steps ....................................................................................................................................... 8 Part 1: Exploring Wireshark ............................................................................................................... 8 Part 2: Analyzing Wireshark Capture Information .......................................................................... 12 Lab #1 - Assessment Worksheet...

Words: 48147 - Pages: 193

Premium Essay

Desktop Technician

...Quality Web Design Submitted to: SE571 Principles of Information Security and Privacy Submitted: September 21, 2011 Executive Summary This report was commissioned to inspect and recommend solutions for Quality Web Designs (QWD) hardware equipment and software security concerns. QWD is a small local company concerned about the continual losses of hardware by employees travelling and stationary. The review of software solutions for the company revealed that they were lacking in several areas, the backup and recovery process, as well the lack of an antivirus solution. Hardware solutions were described as weak and require upgrade from the controls at the home and remote offices as well as the equipment that travels with employees to remote locations and on the road. With the commission of this report improvements would minimize the risks associated with these holes in security. Introduction Quality Web Design offers a variety of services such as web hosting, virtual addressing, and marketing just to name a few. The company was founded in 1995 and has over 50 years technical and business experience between the two partners. Based out of Connecticut, the company has made a worldwide positive impression with its site structure ease of access and clientele. The company has made an outstanding reputation for itself in the local community, by helping with local establishments businesses and churches as shown on their web site, in a small town setting. This assessment will...

Words: 1578 - Pages: 7

Free Essay

Cis175 It Consult

...measures 56’ x 36’ giving DesigntIT over 2000 square feet of dedicated space. This new space contains four cubicles, one executive office, one server room, one reception desk, and one conference room and allows DesignIT to hire two full time designers and a receptionist. As stated in the Request for Proposal (RFP) issued by DesignIT, the design must incorporate the following considerations: * Relocation of three servers configured as follows: * One (1) Web Server – Microsoft IIS Server * One (1) File Server- Microsoft Server 2008 * One (1) Server – Server 2008 Small Business Server Furthermore, DesignIT has stated the design must also include the following deliverables: * High speed internet access * Firewall * Antiviurs/Malware protection * Six (6) computers * Three (3) color laser printers * Wireless access for portable devices A critical first step in designing a network to meet DesignIT’s requirements is designating the network topology. A network topology is both the logical and physical layouts of the network. Physical topology is related to the physical aspects of the office space and the requirement to provide network distribution to the various offices, reception area, server room, and conference room. Related to the physical topology is the...

Words: 731 - Pages: 3

Premium Essay

Computer Security

...PA r T O N e Foundations of Network Security Fundamentals of Network Security 2 Firewall Fundamentals 43 VPN Fundamentals 79 Network Security Threats and Issues 111 CHAPTer Fundamentals of Network Security 1 C OMPUTER NETWORK SECURITY is very complex. New threats from inside and outside networks appear constantly. Just as constantly, the security community is always developing new products and procedures to defend against threats of the past and unknowns of the future. As companies merge, people lose their jobs, new equipment comes on line, and business tasks change, people do not always do what we expect. Network security configurations that worked well yesterday, might not work quite as well tomorrow. In an ever-changing business climate, whom should you trust? Has your trust been violated? How would you even know? Who is attempting to harm your network this time? Because of these complex issues, you need to understand the essentials of network security. This chapter will introduce you to the basic elements of network security. Once you have a firm grasp of these fundamentals, you will be well equipped to put effective security measures into practice on your organization’s network. While this textbook focuses on general network security, including firewalls and virtual private networks (VPNs), many of the important basics of network security are introduced in this chapter. In Chapters 1–4, network security...

Words: 16205 - Pages: 65

Premium Essay

Global Pharmaceutical Industry

...SA SERIES SSL VPN APPLIANCES PRODUCT LINE PRESENTATION Submitted by: RADIUS Consulting Ghana Limited AGENDA 1. SSL VPN Market Overview 2. SSL VPN Use Cases 3. Access Control and AAA 4. End-to-End Security 5. Junos Pulse 6. Secure Meeting 7. Business Continuity with SSL VPN 8. Hardware, Management and High Availability 2 www.radiusconsultingghana.com Copyright © 2010 Juniper Networks, Inc. www.juniper.net BUSINESS CHALLENGE: GRANT ACCESS VS. ENFORCE SECURITY Maximize Productivity with Access...  Allow partner access to applications (Extranet portal)  Increase employee productivity by providing anytime, anywhere access (Intranet, E-mail, terminal services) …While Enforcing Strict Security  Allow access only to necessary applications and resources for certain users  Mitigate risks from unmanaged endpoints  Customize experience and access for diverse user groups (partners, suppliers, employees)  Enable provisional workers (contractors, outsourcing)  Enforce consistent security policy  Support myriad of devices (smartphones, laptops, kiosks) …And the Solution Must Achieve Positive ROI  Minimize initial CAPEX costs  Lower ongoing administrative and support OPEX costs 3 www.radiusconsultingghana.com Copyright © 2010 Juniper Networks, Inc. www.juniper.net THE SOLUTION: JUNIPER NETWORKS SA SERIES SSL VPN APPLIANCES Mobile User – Cafe  Secure SSL access to remote users from any device or location  Easy access from Web-browsers – no client software to manage...

Words: 3503 - Pages: 15