User Account

All Pages

ITNE2005 Develop a security Infrastructure for a Medium-Size

Assignment Help Computer Networking
Reference no: EM132689368

ITNE2005 Develop a security Infrastructure for a Medium-Size Network - Victoria Institute of Technology

Objectives

This assessment item relates to the unit learning outcomes as in the unit descriptor. This assessment is designed to evaluate student's ability on working with the routers, firewalls and VPN tunnels and adopting those technologies in enterprise level networks.

Learning outcome 1 Explain network security issues and develop a comprehensive network security policy to counter threats against information security
Learning outcome 2 Analyse and configure routers on the network perimeter with router software security features
Learning outcome 3 Evaluate and configure firewall protocols and features to perform basic security operations on a network
Learning outcome 4 Critically review the enterprise network requirements and configure site-to-site virtual private networks using standard router software features
Learning outcome 5 Analyse the enterprise security requirements and configure intrusion prevention systems on network routers
Learning outcome 6 Monitor network traffic and implement security policies to control access, resist attacks, and protect network devices

 

572_figure.jpg

Figure 1: Network Topology

Note: Integrated Services Routers (ISR) have Fast Ethernet interfaces instead of Gigabit Ethernet interfaces.

Addressing Table

Device

Interface

IP Address

Subnet Mask

Default Gateway

Switch Port

R1-S0000

F0/0

209.165.200.225

255.255.255.248

N/A

ASA G0/0

S0/0 (DCE)

10.1.1.1

255.255.255.252

N/A

N/A

Loopback 1

172.20.1.1

255.255.255.0

N/A

N/A

R2-S0000

S0/0

10.1.1.2

255.255.255.252

N/A

N/A

S0/1 (DCE)

10.2.2.2

255.255.255.252

N/A

N/A

R3-S0000

F0/1

172.16.3.1

255.255.255.0

N/A

S3 G0/0

S0/0

10.2.2.1

255.255.255.252

N/A

N/A

S1-S0000

VLAN 1

192.168.2.11

255.255.255.0

192.168.2.1

N/A

S2-S0000

VLAN 1

192.168.1.11

255.255.255.0

192.168.1.1

N/A

S3-S0000

VLAN 1

172.16.3.11

255.255.255.0

172.16.3.1

N/A

ASA

VLAN 1 (G0/1)

192.168.1.1

255.255.255.0

N/A

S2 G0/0

VLAN 2 (G0/0)

209.165.200.226

255.255.255.248

N/A

R1 F0/0

VLAN 2 (G0/2)

192.168.2.1

255.255.255.0

N/A

S1 G0/0

PC-A

NIC

192.168.2.3

255.255.255.0

192.168.2.1

S1 G0/1

PC-B

NIC

192.168.1.3

255.255.255.0

192.168.1.1

S2 G0/1

PC-C

NIC

172.16.3.3

255.255.255.0

172.16.3.1

S3 G0/1

In this lab, you will perform the following tasks:In this Assignment you are required to complete all the following parts:

Task 1: Configure Basic Device Settings:

• Configure host names as shown in the topology plus your student ID.
• Configure interface IP addresses as shown in the IP Addressing Table.
• Configure static and dynamic routing

Task 2: Configure Secure Router Administrative Access

• Configure encrypted passwords and a login banner.
• Configure the EXEC timeout value on console and VTY lines.
• Configure login failure rates and VTY login enhancements.
• Configure Secure Shell (SSH) access and disable Telnet.
• Configure local authentication, authorization, and accounting (AAA) user authentication.
• Secure the router against login attacks and secure the IOS image and the configuration file.
• Configure a router NTP server and router NTP clients.
• Configure router syslog reporting and a syslog server on a local host.

Task 3: Configure a Zone-Based Policy Firewall and Intrusion Prevention System
• Configure a Zone-Based Policy Firewall (ZPF) on an R3 using the CLI.
• Configure an intrusion prevention system (IPS) on an R3 using the CLI.

Task 4: Secure Network Switches

• Configure passwords and a login banner.
• Configure management VLAN access.
• Secure access ports.
• Protect against Spanning Tree Protocol (STP) attacks.
• Configure port security and disable unused ports.

Task 5: Configure ASA Basic Settings and Firewall
• Configure basic settings, passwords, date, and time.
• Configure the inside and outside VLAN interfaces.
• Configure port address translation (PAT) for the inside network.
• Configure a Dynamic Host Configuration Protocol (DHCP) server for the inside network.
• Configure administrative access via Telnet and SSH.
• Configure a static default route for the Adaptive Security Appliance (ASA).
• Configure Local AAA user authentication.
• Configure a DMZ with a static NAT and ACL.
• Verify address translation and firewall functionality.

Task 6: Configure a DMZ, Static NAT, and ACLs on an ASA
• Configure static NAT to the DMZ server using a network object.
• View the DMZ Access Rule (ACL) generated by ASDM.
• Test access to the DMZ server from the outside network.

Task 7: Configure ASA Clientless SSL VPN Remote Access Using ASDM
• Configure a remote access SSL VPN using the Cisco Adaptive Security Device Manager (ASDM).
• Verify SSL VPN access to the portal.

Task 8: Configure a Site-to-Site VPN between the ASA and R3

• Configure an IPsec site-to-site VPN between the ASA and R3-S0000 using ASDM and the CLI.
• Activate and verify the IPsec site-to-site VPN tunnel between the ASA and R3.

Upon Completion of the above configuration tasks, you have been asked to draft a Policy on using of VPN by telecommuters. The policy should include the following sections:

1. Objectives 3. Audience 5. Exceptions
2. Purpose 4. Policy 6. Violations

Attachment:- Develop a security Infrastructure.rar

Reference no: EM132689368

Questions Cloud

Contrast weaknesses of analytic and non-analytic forecasting : Contrast weaknesses of analytic and non-analytic forecasting. Provide one example of each method being used in a real-world scenario to support your answer.
What is the additional profit contribution : What is the additional profit contribution from sales if credit standards are relaxed?
Explain goal treatment pharmacology : You must create a case and develop the following topics (MANDATORY): Labs or tests typically ordered concerning this condition, and explain them.
Think of terrorist attack : When people think of a terrorist attack, images of explosions or 9/11 flash through their minds.
ITNE2005 Develop a security Infrastructure for a Medium-Size : ITNE2005 Develop a security Infrastructure for a Medium-Size Network Assignment Help and Solution, Victoria Institute of Technology - Assessment Writing Service
Calculate the net present value of the merger : The cost of capital for the acquisition is 10.9%. Calculate the net present value of the merger
How paths of dependencies can affect the security : Discuss how having multiple levels and paths of dependencies can affect the security of an application. Also, what do you think about remediation challenges
Discussion centers around the concept of blockchain : Discussion centers around the concept of Blockchain. There is still much confusion regarding what Blockchain is and what it is not.
Global warming is systemic heating of earth water masses : Global warming is the systemic heating of the earth's water masses, atmosphere, and surface due to human activity that leads to greenhouse gas emissions

Reviews

Write a Review

Computer Networking Questions & Answers

  Networking and types of networking

This assignment explains the networking features, different kinds of networks and also how they are arranged.

  National and Global economic environment and ICICI Bank

While working in an economy, it has a separate identity but cannot operate insolently.

  Ssh or openssh server services

Write about SSH or OpenSSH server services discussion questions

  Network simulation

Network simulation on Hierarchical Network Rerouting against wormhole attacks

  Small internet works

Prepare a network simulation

  Solidify the concepts of client/server computing

One-way to solidify the concepts of client/server computing and interprocess communication is to develop the requirements for a computer game which plays "Rock, Paper, Scissors" using these techniques.

  Identify the various costs associated with the deployment

Identify the various costs associated with the deployment, operation and maintenance of a mobile-access system. Identify the benefits to the various categories of user, arising from the addition of a mobile-access facility.

  Describe how the modern view of customer service

Describe how the greater reach of telecommunication networks today affects the security of resources which an organisation provides for its employees and customers.

  Technology in improving the relationship building process

Discuss the role of Technology in improving the relationship building process Do you think that the setting of a PR department may be helpful for the ISP provider? Why?

  Remote access networks and vpns

safekeeping posture of enterprise (venture) wired and wireless LANs (WLANs), steps listed in OWASP, Securing User Services, IPV4 ip address, IPV6 address format, V4 address, VPN, Deploying Voice over IP, Remote Management of Applications and Ser..

  Dns

problems of IPV, DNS server software, TCP SYN attack, Ping of Death, Land attack, Teardrop attack, Smurf attack, Fraggle attack

  Outline the difference between an intranet and an extranet

Outline the difference between an intranet and an extranet A programmer is trying to produce an applet with the display shown in Figure 1 below such that whenever one of the checkboxes is selected the label changes to indicate correctly what has..

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd