Develop firewall rules, Computer Network Security

Assignment Help:

Question requires you to develop firewall rules based on a fictitious organisation.

Scenario:

You work for a security-conscious company, xC-Cure, who develop encryption technologies for large corporate and defence customers world-wide.  Your role is a junior security specialist and you have recently been asked to plan for the deployment of a new firewall.

The firewall is structured around an external filtering router (using NAT)with three(3) interfaces.  The external (public) interface is Internet facing and has a public IP of 120.9.20.1.  The second interface has an IP of 10.1.0.1 and is the gateway to the DMZ network (10.1.0.0).  The third interface has an IP of 10.2.0.1 and is the gateway to the intranet (10.2.0.0). The firewall also acts as a VPN tunnel server on its public Internet interface.

While certain traffic can flow between the DMZ and the intranet, Internet initiated connections should not enter the intranet.  Two sets of filtering rules are applied:  one for traffic flowing in and out of the Internet interface, another for traffic flowing between the DMZ and the intranet.

The DMZ contains the following servers:

  • A publicSecure Web Server (10.1.0.101) that accepts incoming https connections and makes connections to the Oracle Database inside the Intranet
  • The Mail server (10.1.0.102) that accepts POP3 connections from the intranet and initiates and accepts SMTP connections to the Internet

The Intranet contains the following servers:

  • The Oracle Database Server (10.2.0.10) that accepts SQLNet traffic from the Web Server in the DMZ
  • The Intranet Web Server (10.2.0.11) that accepts HTTP traffic ONLY from within the intranet
  • A File Share Server (10.2.0.12) that accepts SMBtraffic ONLY from with the intranet

 


Related Discussions:- Develop firewall rules

Object tracking using wireless sensor networks, This project involves the d...

This project involves the design and development of a simulation environment of many sensors tagging material/ machinery/equipment/etc in a warehouse site to help monitor and manag

Innovative nature of triple key management, Innovative nature of triple key...

Innovative nature of triple key management The triple key management scheme provides secure services by combining different techniques whic contribute to the security and priv

Md Fayzul karim, How can I get help for Linux automotion configuration (...

How can I get help for Linux automotion configuration (Network, virtualization, security and Firewal etc) with bash scrip. What is the charge for.

Routing table, ROUTING TABLE For efficiency, information about forward...

ROUTING TABLE For efficiency, information about forwarding is saved in a routing table, which is started at system initialization and must be updated as network topology modif

Guided media, Guided Media These are those that give a conduit from on...

Guided Media These are those that give a conduit from one machine to another that add twisted-pair, fiber-optic cable and coaxial cable. A signal traveling along any of these

Classification of networks, Computer networks are defined by four factors w...

Computer networks are defined by four factors which are as given below: 1) NETWORK SIZE: According to the size of networks. 1) Local Area Network ( LAN) 2) Wide Area Ne

Find the possible deciphering transformations, Question: (a) A string o...

Question: (a) A string of ciphertext was enciphered using an a±ne transformation of single letters in a 28-letter alphabet consisting of A to Z, a blank and a?, where A to Z ha

Ring topology, RING TOPOLOGY In this topology of network the devices a...

RING TOPOLOGY In this topology of network the devices are connected to each other in packed loop. In this network first computer passes data packet to the second and then seco

#title.TIPS., 1. For this project, assume that an organization has five ser...

1. For this project, assume that an organization has five servers. Server 1 has a TCO of $25,000, Servers 2 and 3 have a TCO of $37,000 each, and the remaining two servers— Servers

Data compression and the transport services, Da t a compre s sion a...

Da t a compre s sion and the trans p ort s e rvices,   The main purpose of the transport layer is to provide services which are efficient, reliable and cost-effecti

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd