Drew Tadgerson Networking Concepts & Apps Mini Cases Chapter 11 & 12 MIS589 February 24, 2013 Shaun

n Gray

Chapter 11: Mini Case 1 Belmont State Bank At looking at this case it is clear that we need a secure network. Once major risk we need to ensure is the bank transaction are being transferred securely. Developing a secure network means developing controls that reduce or eliminate threats to the network. Here are some of the preventions we need to review when creating preventive measures to maintain compliance Compliance Methods - All virus definition and DAT file in the organization must be up to date by performing inventory of all employees machine by using a Tool such as SCCM to ensure all machine have the correct version. Push will be performed remotely to ensure all machine have the proper version. Wireless Access- In order to access wireless within the organization all employees will be required to have a SSL certificate to enable access to wireless network. Only authorized authentication will be permitted online Desktop Firewall- To assist in protecting again spywares or a predator using employees machines as a BOT employee must ensure their Desktop firewall are activated or a Group Policy (GPO) can be setup on the administrator side to ensure they are active and restrict any modification from users. All machines will have Desktop firewall enabled to reduce the risk of remote penetration to assist in avoiding Denial-of-Service (DoS) attacks. Router restriction- We need to implement Access Control List (ACL) in the router to control network traffic. The router will look at the internal and external packages process via the Network layer of the OSI model which is consider to be layer 3. The router will ensure the source and destination IP address match to render clear passage. Time Access Control List, filtering will allow the organization to monitor client traffic remotely to ensure proper network traffic flow. This can also be used to implement a Time ACL to restrict client access during off peak hours. Remote Work Force- All remote work forces will require to 100% compliant at all times. These employees will be a separate VLAN for proper monitoring which will assist in reducing overall network traffic. Employees and Clients will be on detached VLAN for network management Encryption- All computers will be required to have encryption. This will reduce the risk when sending information internally and remotely. By encrypting the information will reduce man-inthe middle attacks from predators.

VPN- To ensure a secure tunnel is being created to transaction. This will reduce the cost of having modems and provide a more secure path to the companies information servers. Controls prevent, detect and correct whatever might happen to the organization when its computer based systems are threatened. The first step in developing a secure network is to conduct a risk assessment. This is done by identifying the key assets and threats and comparing the nature of the threats of the threats to the controls designed to protect the assets. A control spreadsheet lists the assets, threats, and controls that a network manager uses to assess the level of risk. Above are some examples or some of the steps to take when we look at risk assessments.

Computer Dynamics Computer Dynamics is a microcomputer software development company that has a 300computer network. The company is located in three adjacent five-story buildings in an office park, with about 100 computers in each building. The current network is a poorly designed mix of Ethernet and token ring (Ethernet in two buildings and token ring in the other). The networks in all three buildings are heavily overloaded, and the company anticipates significant growth in network traffic. There is currently no network connection among the buildings, but this is one objective in building the new network. Describe the network you would recommend and how it would be configured with the goal of building a new network that will support the companys needs for the next 3 years with few additional investments. Be sure to include the devices and type of network circuits you would use. You will need to make some assumptions, so be sure to document your assumptions and explain why you have designed the network in this way. I would recommend creating a multi switch VLAN. VLANs offer two other major advantages compared to the other network architectures. The first lies in their ability to manage the flow of traffic on the LAN and backbone very precisely. VLANs make it much simpler to manage the broadcast traffic that has the potential to reduce performance and to allocate resources to different types of traffic more precisely. The bottom line is that VLANs often provide faster performance than the other backbone architectures. I would also provide a fiber connection between the three buildings.

References:
Dennis, A. Fitzgerald, J. Business Data Communications and Networking Chapter 11 and 12. Henry, A. Why You Should Use VPN September 2012. http://lifehacker.com/5940565/why-you-should-start-using-a-vpn-and-how-to-choose-the-best-one-foryour-needs