Reference no: EM133727147

Design and Implement a security perimeter for ICT Networks

Activity

Task 1: Deployment of the Perimeter security

This activity is a continuation from the previous assessment task.
After the detailed elaboration of the requirements for the network security perimeter and completion of the planning phase by completing the Report, you need to deploy the perimeter security. For this it has been decided by the IT department that they will implement the Firewall for the better security of the organization's network infrastructure. The Report in the previous task defines its importance. The Assessor/trainer will act as the Information Systems Manager and will supervise the deployment of the perimeter security. While you need to implement the firewall as per the requirements of the organization.
Implement the Perimeter security solution as per the given points:
• Implement the Firewall as the perimeter device and make all the configurations as per the requirements of the design
• Configure the DMZ interface
• Configure a general firewall for LAN traffic
• Configure a general firewall for DMZ traffic
• Allow selected traffic to the DMZ
• For the setup of the organization and as per the scenario it is recommended to implement 3-legged Firewall
• Configure both the basic and advanced functionality of the firewall to the network to allow access including the following standard services considerations in prospect:
• HTTP (Web surfing)
• HTTPS (secure HTTP)
• FTP (file transfers)
• SMTP (e-mail)
• ICMP (reporting services; ping)
• Telnet (bi-directional communication sessions)
• Configure the backup of the firewall so that it can be restored in case of disaster.
• The firewall needs to be designed and configured that it ensures the continuity of services in both the following events:
• Update of Device
• Device Failure

Task 2: Configuration of VPN Solution

TASK 1: Continuation to the previous tasks, you need to implement and configure a VPN solution for the organization's network infrastructure. The VPN solution will help to secure the connectivity of the HBL Bank's head office to the regional offices. The assessor/trainer will supervise the implementation and the configuration of the VPN solution. You will act as the Network administrator and will implement the VPN solution:
Implement the Virtual Private Network solution as per the given points:
• Configure a site-to-site Virtual Private Network for the network infrastructure.
• Configure the perimeter as a remote access VPN server according to the scenario and the network diagram of the bank.
• Also, configure the VPN tunnel forwarding.
• Check the configured VPN for connectivity issues, diagnose the issues and resolve these connectivity issues.