Reference no: EM132314704
Assessment Task 1
Description:
This assessment task is essentially the first part of the overall assessment in this unit. This task is followed by subsequent/progressive tasks leading to the major task of installing and managing a complex network. As such, it is critical that these tasks are undertaken in a prescribed order and in conjunction with learning sessions. Consider the following business scenario and complete the given tasks.
Scenario
ABX is a Legal and Accounting firm with approximately 200 local and international clients ranging from large businesses with complex financial and legal needs to individuals with a modest financial holding. In line with business and statutory requirements, there is a formal set of organisational procedures for keeping data secure, confidential and safe. The IT Department has been relatively stable for about six months since the last major upgrade, but some key staff have moved on and a number of systems admin tasks have built up. The company has two offices: a 3-story, freestanding headquarters building and a suburban branch office.
At the HQ, there’s a cafeteria and conference room on the ground floor, Legal on the second floor and Accounting on the first floor. There is an open plan work environment, with at least two closed offices on each floor for senior management. There is a workstation in the reception area and in each closed office, and four workstations in the conference room. Individual workstations are scattered around the open plan office to meet business needs.
Until now the HQ and other two offices have had their independent networks. However, with a focus on aligning resources and expanding the client base, the company has decided to set up a Virtual Private Network (VPN) linking HQ to suburban offices. The network will also allow some of the employees to work from home and access the company's network from remote locations.
You have been given the task of producing a network design for the company, including:
Hardware requirements
Software requirements
Network security requirements
Your task will be to:
Conceptualise and design a network topology for all three sites (3x) identifying all the equipment and protocols
Research vendor sites for product/equipment specifications and recommend appropriate equipment
List and articulate network services to be provided
Identify requirements for implementing the network solution
Analyse requirements for internal and external security
Ensure that you provide information sheets/specifications of equipment downloaded from vendor sites.
Links/references to the sites visited should also be clearly mentioned.
Compile all the required information and convert into a service proposal (word processed), with your trainer/assessor playing the role of the client.
Assessment Task 2
Part A: Configure Cisco Routers for Syslog, NTP, and SSH Operations
Description:
In this task, you will be configuring Cisco Routers for Syslog, NTP, and SSH Operations. Based on the topology diagram and plan completed in Assessment Task 1, you will be required to install and connect at least two of the planned networks.
A sample network diagram is provided below. You may use it as it is in your network design. However, the task context and requirements will apply to any topology used. Accordingly, the given addressing table may be changed according to your network topology. Same equipment labels must be used where possible.
The network topology shows three routers. You will configure NTP and Syslog on all routers. You will configure SSH on R3. Network Time Protocol (NTP) allows routers on the network to synchronise their time settings with an NTP server. The NTP Server is the master NTP server in this lab. You will configure the routers to allow the software clock to be synchronized by NTP to the time server. The Syslog Server will provide message logging in this lab. You will configure the routers to identify the remote host (Syslog server) that will receive logging messages.
R2 is an ISP connected to two remote networks: R1 and R3. The local administrator at R3 can perform most router configurations and troubleshooting; however, since R3 is a managed router, the ISP needs access to R3 for occasional troubleshooting or updates. To provide this access in a secure manner, the administrators have agreed to use Secure Shell (SSH).
You will use the CLI to configure the router to be managed securely using SSH instead of Telnet. The routers have been pre-configured with the following:
Enable password: ciscoenpa55
Password for vty lines: ciscovtypa55
Static routing
Part B: Configure a Network for Secure Operation
Description:
Consider the following network diagram. This topology is provided as a sample, which will be replaced by your own topology developed in Assessment Task 1. You may use it as it is in your network design. However, the task context and requirements will apply to any topology used. Accordingly, the given addressing table may be changed according to your network topology. Same equipment labels must be used where possible.
Task
In this comprehensive practice activity, you will apply a combination of security measures:
Secure the routers with strong passwords, password encryption and a login banner
Secure the console and VTY lines with passwords
Configure local AAA authentication
Configure SSH server
Configure router for syslog
Configure router for NTP
Secure the router against login attacks
Configure CBAC and ZPF firewalls
Secure network switches
In the topology, R1 is the edge router for Company A while R3 is the edge router for Company B. These networks are interconnected via the R2 router, which represents the ISP. You will configure various security features on the routers and switches for Company A and Company B. Not all security features will be configured on R1 and R3.
The following pre-configurations have been made:
Hostnames on all devices
IP addresses on all devices
R2 console password: ciscoconpa55
R2 password on VTY lines: ciscovtypa55
R2 enable password: ciscoenpa55
Static routing
Syslog services on PC-B
DNS lookup has been disabled
IP default gateways for all switches
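An added example, not part of the original brief: a Python check that reads a saved running-config and reports which of the Part B router hardening items are still missing. The sample configuration and its 192.0.2.x addresses are constructed, and the check names are this example's own; CBAC/ZPF and switch hardening are not covered.

```python
import re

# Constructed running-config excerpt; 192.0.2.x addresses are placeholders.
SAMPLE_CONFIG = """\
enable password ciscoenpa55
logging host 192.0.2.20
ntp server 192.0.2.10
line vty 0 4
 password ciscovtypa55
 login
 transport input telnet ssh
"""

def parse(config):
    """Split a running-config into global commands and 'line ...' sections."""
    top, sections, current = [], {}, None
    for raw in config.splitlines():
        cmd = raw.strip()
        if not cmd or cmd == "!":
            continue
        if not raw[0].isspace():           # unindented: a global command
            current = sections.setdefault(cmd, []) if cmd.startswith("line ") else None
            if current is None:
                top.append(cmd)
        elif current is not None:          # indented under a 'line' section
            current.append(cmd)
    return top, sections

def audit(config):
    """Return the checklist items that the configuration does not satisfy."""
    top, sections = parse(config)
    has = lambda pattern: any(re.match(pattern, cmd) for cmd in top)
    vty = [cmds for name, cmds in sections.items() if name.startswith("line vty")]
    checks = {
        "enable secret instead of enable password":
            has(r"enable secret ") and not has(r"enable password "),
        "service password-encryption": has(r"service password-encryption$"),
        "login banner": has(r"banner (motd|login) "),
        "local AAA login": has(r"aaa new-model$")
            and has(r"aaa authentication login \S+ .*\blocal\b"),
        "SSH-only vty lines": bool(vty) and all("transport input ssh" in c for c in vty),
        "syslog host": has(r"logging (host )?\d+\.\d+\.\d+\.\d+"),
        "NTP server": has(r"ntp server "),
        "login attack throttling": has(r"login block-for "),
    }
    return [name for name, ok in checks.items() if not ok]

if __name__ == "__main__":
    print(audit(SAMPLE_CONFIG))
```

Run it against the configuration before and after the hardening steps; an empty list means every item the script knows about is present.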
Assessment Task 3
Description:
This summative task combines all the work done in Assessment Tasks 1 & 2. In this final task, you will use the topologies installed in Assessment Task 2 (Parts A & B) to finalise your integrated network comprising multiple network services. Ensure that when setting up the network, you resolve the interoperability issues. For the purpose of this task, your trainer/assessor will play the role of your supervisor and provide inputs and advice where needed.
In this task, you will be required to install and test a Virtual Private Network (VPN) using SSH and PPP. Ideally, you will use SSH to create a tunnel connection, and then use PPPD to run TCP/IP traffic through it.
Security is very important for a VPN. Ideally, you should be disallowing all passwords and instead do all authentication on the network via SSH's public key authentication system. Accordingly, you will need to configure SSHD.
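An added example, not part of the original brief: a Python check that an sshd_config really disallows password logins on the VPN server. It covers two cases that a quick read of the file misses: sshd keeps the first value it sees for a keyword, and a Match block can re-enable passwords for some clients. The sample file is constructed, and the function names are this example's own.

```python
# OpenSSH defaults for the keywords checked here (see sshd_config(5)).
DEFAULTS = {"passwordauthentication": "yes", "kbdinteractiveauthentication": "yes",
            "pubkeyauthentication": "yes", "permitemptypasswords": "no"}
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}
# Values wanted for a key-only VPN endpoint.
REQUIRED = {**DEFAULTS, "passwordauthentication": "no",
            "kbdinteractiveauthentication": "no"}

# Constructed sample: the later "no" is ignored because the first value wins,
# and the Match block re-enables passwords for one address range.
SAMPLE = """\
PasswordAuthentication yes
PubkeyAuthentication yes
ChallengeResponseAuthentication no
PasswordAuthentication no
Match Address 192.168.40.0/24
    PasswordAuthentication yes
"""

def effective_settings(text):
    """Return {scope: {keyword: value}}, keeping the first value per keyword."""
    scopes, scope = {"global": {}}, "global"
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.replace("=", " ", 1).split(None, 1)
        if len(parts) < 2:
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key == "match":                 # settings below apply to this scope
            scope = "Match " + value
            scopes.setdefault(scope, {})
            continue
        scopes[scope].setdefault(ALIASES.get(key, key), value.lower())
    return scopes

def password_login_findings(text):
    """List every scope where a password-style login would still be accepted."""
    scopes = effective_settings(text)
    base = {**DEFAULTS, **scopes["global"]}
    findings = []
    for scope, seen in scopes.items():
        for key, want in REQUIRED.items():
            got = seen.get(key, base[key])
            if got != want:
                findings.append(f"{scope}: {key} is {got}, expected {want}")
    return findings

if __name__ == "__main__":
    for finding in password_login_findings(SAMPLE):
        print(finding)
```

On the server itself, sshd -T prints the effective configuration and remains the authoritative check; the script is useful for reviewing a file before it is deployed.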
Note: There might be alternative ways to create a VPN (e.g. IPsec, PPTP, CIPE). Discuss your plan with your trainer/assessor and obtain prior approval for your implementation. VPN design may also depend on the equipment available in the lab.
Task
Ensure that you address the following requirements:
1. Check and install cabling and associated components
2. Install and configure servers, routers, switches or other devices to provide internet protocol (IP) addressing, routing, name resolution, and the required network services
3. Give each remote office a class C network range to allow them to expand as necessary (e.g. Reserve the 192.168.10.0 and 192.168.11.0 nets)
4. Reserve another class C (e.g. 192.168.40.0) to allow each employee/client their own internal IP
5. Set routes on the Cisco such that traffic headed to these reserved nets goes to your VPN server (e.g. 192.168.40.254)
6. Name the external interface of the server vpn.company.com, and the internal vpninternal.company.com
7. Analyse and resolve interoperability issues
8. Rectify networking and security conflicts arising from integrating services
9. Install and use appropriate network management tools to evaluate network performance
10. Once the VPN setup is completed, set a VoIP service using a CISCO DSL VoIP router (Enable PPPoE on the router's web-based setup page)
11. Test network functionality
12. Write a brief report on your network design, network services, functionality, and security aspects.