" COURSE CODE AND TITLE;ASSIGNMENT TITLEPROJECT NAMEALL TEAM MEMBER NAMESFACULTY MENTOR’S NAMECLIENT’S NAME & ORGANIZATION.Table of Contents1. Abstract ................................................................................................................................................ 22. Introduction ......................................................................................................................................... 23. Client Requirements ........................................................................................................................... 44. Stockholder Perspectives .................................................................................................................... 55. Analysis ................................................................................................................................................ 76. Discussion............................................................................................................................................. 97. References .......................................................................................................................................... 128. Appendices ......................................................................................................................................... 12Appendix B:Work Breakdown Structure ............................................................................................... 14Appendix D:Cost of the Project ............................................................................................................... 171 1. AbstractThe existing network and IT infrastructure of Arab Bank fully studied. For havingbetterscalability, security and to manage the future growth. A complete new network design isproposed. For improving the data security and keeping the IT and network environment verysafe,a detailed security plan isdesigned. Based on the various interviews clear technicalrequirements were obtained from the client and the potential stack holders. The requirementswere studied fully and ensured the proposed network design and security plan are satisfying allthe requirements.Effective Time line plan and sub dividing the entire project into different slicesand doing each slice once by one is done.Existingthreats, risks were investigated. Theimportance of effective backup plan and DR plan were discussed. Businesscontinuationtechniques were discussed.2. IntroductionThe Arab bank is having lot of expansion plans. The existing IT infrastructure is not sufficient tomatch with the future expansions. The existing infrastructure is not well secured. So The Arabbank asked my professional service to improve the exiting IT infrastructure as well as improvethe security of their IT infrastructure. The goal of this project is to provide Infrastructure upgradedesign and suggest a suitable security plan for Arab bank. The risk of threats and vulnerabilitiesare increasing day by day in the banking networks. These threats can affect the customer retainability of the banks and reduces its performance.The personal data of the customer must beconfidential to achieve this effective network security is required.The security should ensureprotection from minor threats to major threats of both existing and upcoming ones.The need forthe network security with respect to the banking side is due to the traditional mishandling of the2 transaction. To overcome all these hindrances an effective network system must be developedprotecting the upcoming data breaches followed by the detection of intrusion policy.The following persons were involved in this project.Name Role Group PhotoOur task is to mainly design a network infrastructure with high reliability, security, scalabilityand improved performance. The security should not disturb the existing process of the ArabBank. The objectives goals can be divided in to the following: 1. improving the network infrastructure using the new design 2. Security plan without affecting the processes 3. Real time implementation to ensure its robustness3 3. Client RequirementsWe conducted 5 interviews with the client by email, skype and by phone. We did notconduct any interviews/meetings without the client. After each and every meeting the detailedMinutes of the Meeting were circulated among the participants. The client gave the followingrequirements to us. We delivered the following understandings to the clients and they acceptedour understanding of the requirements.? In the current situation with respect to growth the Arab bank is lagging behind inthe network security. ? The network security is more important because the confidentiality of thecustomers must be preserved to retain them.? In the growing technologies network breaches are plentiful in the banking sectors.It also leads to misuse of the transactions and improper disclosures.To preventall these and ensure uninterrupted functioning of the banking process the networkinfrastructure and network security is important. ? This project ensures a secure network infrastructure for the Arab bank by provingthe existing designs and the security plans.? In our project we have used secure network for the bank better than the existingnetwork by improvising the VLANs, Routing Protocols, WAN, WLAN andnetwork security.? Considering the Arab Banks in Middle East, it has various branches spread overthe region. The infrastructure with regarding to the network is spilt into the three:Headquarter, Branches and Backups. The headquarters located at the middle of4 the region has the mainframe computer with System Networks Architecture(SNA) for the Automated Teller Machines (ATM). ? Flexible LAN and WAN connections are used for inter connecting the branches.The draw back in this system design is that still they use IPX/SPX communicationbetween their branches and has to rely on the support of external vendor for theprocessing. The processes are solely dependent on the IPX/SPX, SNA and ICTfor the network infrastructure services. ? The complexity in the ICT infrastructure is high.This becomes a hindrance forthe business growth and reduces the sustainability.These types of systemsrequire very high maintenance making the investment of the bank high in thenetwork section. ? The growth of the bank including new branch opening is considered as 30% perannum. But the sustainability of the current network is very low that it cannotcompensate the growth of the bank for more than 3 years. ? Our project mainly concentrates on these issues in the infrastructure side and thereimprovising the network security as discussed above.4. Stockholder PerspectivesWe discussed about the project requirements and the customer expectations with all thestakeholders involved. Most of the stockholders got clear understanding of the technologies theyare expecting in the project and they gave the outline of the commercial output of the askedtechnologies. We presented our understanding, our plan of action details to the stock holders andall the stock holders are happy with our understanding of the work and our plan of action. The5 same are presented below. We needed to provide a network design and a security plan to theclient. Technical aspects of the deliverables are discussed with all the stack holders and finalized.Initially few stack holders are not interested in going to IT upgrade and Security PlanImplementation. The gave cost as a major reason. With the help of the other stake holders weconvinced the doubting stakeholders and make them understood the importance of the netnetwork design and security plan.Few stack holders were not interested in going for an industry standard, well researched, wellsecured network design. They said any ordinary cheap network design is OK for them. Few stackholders faced lot of problems in understating the technical words in the network design andsecurity plan. We along with the in-house technical engineering helped them to understandeverything so that they can go for well calculated business reason.Few stack holders asked for in-house backup. We explained them the importance of remotebackup. Few stack holders just rejected the DR idea saying that it is not at all necessary. All mostall the stockholders did not agree with the cost of the project. They said that the project is verycostly and the costly project may give or may not give any benefits to them. Few stack holderssaid what they got at the time is sufficient. Few stack holders refused to have separate serverroom for keeping the IT Infrastructure servers. We brought lot of case studies to them andfinalized the following setup for keeping the main servers and important network components inthe server room.6 5. Analysis5.1 Network DesignThe network design includes designing of the Local Area Networks (LANs), Virtual Local AreaNetworks (VLANs), Wide Area Networks (WANs) and Virtual Private Network (VPNs). For this design, we take into account the following:1. The network traffic generated by the host can be from servers, their backup devices,ATMs and the clients 2. The suitability of the existing WAN links3. The suitability of the existing WAN frame works4. The suitability of the existing LAN links5. Necessities for the VLANs6. The devices used like routers and switches in the corresponding site or location 7. The allocation of IP address for the main network devices and the sub networks8. Traffic separation by using sub-netting with IP address distribution 7 9. Positioning and selection of firewall strategies such as single firewall, dual firewall andstateful packet filter 10. Proxies11. Network Address Translation/Port Address Translation12. Dematerialized Zones (DMZs)13. The planning routers and their routing tables14. Lists for controlling the firewalls15. Device allocation and the network topology diagramThe detailed network diagram showing LAN design and WAN design are shown in Appendixsection5.2 Network Security planThe network security plan got the following: 1. The importance of the security plant and its outline2. The areas of the organization in which the plans are applied and outline of it.3. The assumptions made while preparing the security plan and documentation of those4. The clear and brief statements about the security plan. 5. The analysis of the current threats, vulnerabilities and challenges faced while designing thesystem along with the shortcomings in the existing system with respect to the organization risks6. The policies followed for the protection from expected network security attacks7. Recovery from the disasters and their respective business continuity plans8. The strategies followed for maintain the security policies8 9. The other risks such as the cost of migration to the new system, usage of newer technologyand educating them to the clients and users.10. The recommended resources and their cost including the maintenance5.3 Security Technology ImplementationFor the implementation of the security technology the following procedures must be followed:1. Procedures for the data back up and the recovery. 2. Secure the data handled by the staff by using the Work At Home procedures (WAT)3. The actions like accessing, sharing, downloading and uploading the data must be performedby using proper authentication systems for secured data handling.4. The prevention of spam emails is more significant5. The various protocols such as FTP, HTTP, SMTP, DHCP, DNS must be improved in terms ofthe robustness in terms of the authentication, control for the domains, load balancing in the database and other specialized actions.6. The network security includes the dematerialized zones, improved firewalls, Cryptography,encryption and usage of proxies.7. Framing of the security policies 6. DiscussionThe clients asked new IT and Network infrastructure design to match their future growth and toimprove the security of the entire IT and Network infrastructure. We delivered IT and NetworkDesign document with Detailed Security Plan document.9 Initially we divided the work into three levels. The work breakdown structure is shown inAppendix section.Level 1 is the main objective to be achieved i.e. Network Security andNetwork Security Planning. This major Level is divided into five level 2 tasks. Initiation,Planning, Design and Submission, Security plan proposal and Closure. All these Level 2 tasksare subdivided into various level 3 tasks. Understanding the client requirements and conductingsuitable literature review became the initial level 2 tasks.Like this Network design layoutplanning, security policy planning, Task scheduling, Project approval became the planning level2 tasks. Handing over the network designing document is the main activity in Design andth submission Level 2 activity. Security plan proposal and security plan submission became the 4level 2 activity. Project closure is the final level 2 activity. Foe effective time management The project is divided is into five different phase executed in thethree different periods as shown in the time management chart. The first phase of the projectionis the initiation phase which involves the case study, literature survey, objective planning clientrequirement analysis and the objective finalization. The second phase starts at the middle ofperiod and must be completed at the middle of period 2. The second phase is the planning phasewhich involves thedesigning the network layout, planning the security policies, Task scheduling,conducting client review meetings and getting approval for the project. The third phase is thedesign and execution which is completed in the period 2. The analysis phase is begun in themiddle of period 2 and completed in the middle of period 3. The fourth phase involves analysisin the aspects of Risks, operation, cost and client requirements. The project is closed in thirdperiod with correction of bugs and improvisation of the existing system. While deciding the cost of the project, we found out that the servers, wireless access points,network components took the major portion of the cost of the project. The software cost became10 very negligible when compared with hardware costs. The detailed cost analysis is shown inAppendix Section. As a part of the project we gave a risk management plan too. We discussedabout Leaking the customer details and employees details,unauthorized access to the executivedata of the bank,Mishandling the network transactions,network hacking and network attacks,databreaching,data loss due to disasters,attacks of malicious software and virus in our riskmanagement plan. The common sources of the risks like hackers , Failure of IT service, Prolongedpower failure, Earthquakes, Fire, Cyclones&Floods, Terrorist attacks are discussed. We gave DR Planbyand explained the importance of the disaster recovery plan in preventing the above mentioned risks.an efficient disaster recovery policy and business continuity plan. The technical risks can beovercome by the strong network security policies. The risks caused by natural factors can bedodged by following backup procedures under emergency situations with a strong businesscontinuity plan. It should ensure the loss to the organization is minimized to the extreme range.The overall cost to the organization should be covered under the claimable amount from theinsurance for the natural disaster. If the loss is due to technical risk the organization should havea backup plan to redeem the cost invested in it. While executing the network design and securityplan project we faced few problems. The major problem faced was inadequate data. We couldnot get sufficient data to do the project well. The existing network design was not fullydocumented. The security policies were not at all introduced. Some end users refused to go forvery basic security policy upgrades like windows update, enabling antivirus, enabling windowsfirewall, closing unnecessary open ports, uninstalling the unnecessary software applications andetc. Initially the clients did not understand the importance of proper backup and disaster recoveryplan. They thought that major disasters won’t happen to UAE. We explained the importance ofbackup and DR, with the help of lot of case studies. The client is not interested in having thirdpart expert support and also in having HP, Microsoft vendor support. The client thought that by11 having a very good technical team they can manage all the issues. Again with the help of lot ofcase studies we helped the client in understanding everything and finished the project verysuccessfully.7. ReferencesRussell, D. (1989).The principles of computer networking. Cambridge: Cambridge UniversityPress.S.K. Kataria, S.K. (2014). Principles of Computer Networks, Orange Books, IndiaPeterson,(2011), Computer Networks-A System Approach, n.dStallings, Williams, (2013), Cryptography and Network Security: Principles and Practice,n.dHeng, S., Wright, R., & Goi, B. (2010). Cryptology and network security. Berlin: Springer.8. AppendicesAppendix A: Proposed network design document12 WAN network Design13 Local LAN network DesignAppendix B:Work Breakdown StructureLevel 1 Level 2 Level 3Network Design & Network 1.1 Initiation 1.1.1 Case Study Security Planning 1.1.2 Literature Survey1.1.3 Objective Planning1.1.4 Client Requirement Analysis1.1.5 Objective finalization14 1.2 Planning 1.2.1 Network design layout1.2.2 Security Policy Planning1.2.3 Task Scheduling1.2.4 Client Review Meetings1.2.5 Project Approval1.3 Design and 1.3.1 Network DesigningSubmission 1.3.2 Handover1.3.3 Designing Security Plan1.3.4 Hand over1.3.5 Disaster Management1.4 Security Plan Proposal 1.4.1 Risk Analysis1.4.2 Operational Analysis 1.4.3 Client Process Analysis1.4.4 Cost Analysis1.5 Closure 1.5.1 Bug correction1.5.2 Update systems1.5.3 Documentation1.5.4 Project ClosureAppendix C: Time Management15Period 1 Period 2 Period 3Phase I Initiation Phase II Planning Phase III Design & Execution Phase IV AnalysisPhase V ClosureThe project is divided is into five different phase executed in the three different periods as shownin the time management chart. The first phase of the projection is the initiation phase whichinvolves the case study, literature survey, objective planning client requirement analysis and theobjective finalization. The second phase starts at the middle of period and must be completed at16 the middle of period 2. The second phase is the planning phase which involves thedesigning thenetwork layout, planning the security policies, Task scheduling, conducting client reviewmeetings and getting approval for the project. The third phase is the design and execution whichis completed in the period 2. The analysis phase is begun in the middle of period 2 andcompleted in the middle of period 3. The fourth phase involves analysis in the aspects of Risks,operation, cost and client requirements. The project is closed in third period with correction ofbugs and improvisation of the existing system. Appendix D:Cost of the ProjectThe cost of the project involves the cost of the hardware components required for the networkingfor the networking. Most of the components can be reused from the existing network models.The software cost is negligible with respect to network security and they are going to be modeledbased on the requirements of the clients. Component Specification CostServer HP Proliant ML310e Gen 8 4,999AEDServerSwitches Cisco WS-C3750G 1300 AEDWireless Access PointsCisco WAP4410N 535AEDRouters Cisco Linksys E1200 249AED17 Firewall CISCO ASA Security 3400 AEDAPPLIANCE FIREWALLHardware components for - 3000 AEDInternet ConnectionDomain Registration Etisalat (.net.ae) 150 AEDThe components mentioned in the above table are to create a prototype model of the plannednetwork for testing the security policies. The prototype model is tested for operational analysiswithout affecting existing system of the bank. After ensuring the performance reliability thecomponents of the existing system can be reused according to the design for reducing the cost ofinvestment for the new network design and its security policy18 "