1.

INTRODUCTION:

Big Co Plc wants to provide the network access and mobiles for their offsite workers. It
helps to send and receive the information from one end to the organisation and workers vice versa. In
this scenario many problems will occur when transmitting and receiving the data due to hackers and
virus like loss of data, modifying the important data, changing the passwords and modifying the
registry. So, in order to overcome from those problems the network security is more important.

The management of network and telephone lines depending upon the design of the
network. The main essentials in managing the network are firewalls, design rules, intrusion detection
software, honey pots, antivirus software and relatively what are the threats and vulnerabilities.

One of the important tools which are used for managing the network security is VPN.
Virtual Private Network is the grouping of software and hardware allows the employs to use the
internet by establishing the secured, a private connection with a host network. The main use of VPN is
providing the data privacy.

Another tool which is used for managing both telephone as well as network is VoIP.
VoIP digitalise voice packets in data packets and transfer them and reconverting in to voice packets
at the destination. Such that the packets are transmitted without loss of any data

2. Network security:

a. Firewall:

Firewall is basically used to prevent intruders, these firewall depends on the

configuration. The network should be secured on the state packet inspection firewall, DOS and
intrusion. The important in network security is to provide authentication and encryption for the IP
suite. The Firewall is either hardware or software or combination of both. All messages entering or
leaving will pass through our firewall allow the secured packets which are based on the rules. There
are several types of firewall which is based on the implementation of the packet filter, application
gateway, circuit level gateway, proxy server.

For VPN the general ports for PPTP uses TCP port 1723, UDP port 1701. The
generic route encapsulation (GRE) port 47 for tunnel encapsulation used for PPTP to connect between
client and server .When the sender sends a packet this GRE carries a header along the message to the
destination , once the receiver receives the header is discarded and the message is reviewed. The
control connection TCP 6 and 1723 destination port.

In firewall you can see two nodes called inbound rules and outbound rules. Inbound
rules controls connections to the server and outbound rules controls connection by the server.

b. Designing Rule:

Considering internal network is 192.168.139.0, the firewall is at 192.168.139.1, the

email server is at 192.168.139.2, the web server is 192.168.139.3 and DNS server is 192.168.139.4.

Creating Rules
 1. Allowing internal network to access external network.
2. Prevents access to Firewall.
3. Allowing internal and external access to web server and email server.
4. Allowing internal network to access DNS server.
5. Additional rules that involves for the security in firewall.

c. Intrusion Detection Software:

This software helps in finding the intruder before/after the attack is performed. Snort
is a network detection tool which prevents and detects the intruder.

There are two types of approaches

Statistical anomaly detection:

This detection is based on the profile and threshold.

Rule based detection:

This detection is based on the rules which is been configured in the gateway to prevent intruders.
Considering expert system and usage patterns the detection is performed.

Ref:Network security essentials (William Stallings)

d. Honey Pots:

Honey is a computer which is placed in between the bastion host and the internal
network. The computer is equipped with data files, software which makes intruder to believe these are
used by companies.

e. Anti Virus:

Anti Virus are software which is used to prevent, detect and remove malicious
program. These detect virus which are present in files through different type of search like dictionary
search and malicious activity. Now high rated anti-virus software is Looi Software V-Buster Antivirus
which can detect, remove viruses and restores crashed disks. This tool is extremely small in size and
does not slow the system

3. Phone Security:
The companys offsite workers can able to access the sensitive corporate business
information through the mobiles. Hence the mobile security is more important. So for preventing the
unauthorised access the company should take appropriate measures

The threats that affect the mobile phones are:

a. Threats:

1. Exposure of critical information to intruders

Exposure of critical information to the intruders or sniffers could be possible if the
proper security measures have not implemented. Sniffers can use several methods to sniff in
to wireless transmission system using wireless sniffing tools. When the signals travels long
 distance the strength of the signal diminished, this creates a better opportunity for sniffers to
peep in to the system.

2. Hand held devices can be easily lost or stolen

Hand held devices can be easily stolen displaced by exposing the entire network in
to a great danger if the necessary security measures are not installed such as user level
authentication and passwords
3. Viruses send through Mobile phones
Mobile viruses becoming a major threat to increasing work force those who
specially work from remote locations. These mobile viruses specially attack the operating
system of the mobile phones by critically exposing these devices in to a great danger or make
them completely dysfunction by taking the advantage of the loop holes in application
software.

4. E-mail viruses
Email Viruses specially affect the devices that have higher computational
capacity such as PDAs and other hand held devices with an operating system. These
specially written computer programs design to affects the operating system directly in the
way that they affect a normal PC.
5. Spam
Spamming is one of the major concern in network security at present because
spamming will straightaway affect the transmission of the network by consuming the
bandwidth capacity of the network in unnecessary way and causing.

b. Vulnerabilities:
The vulnerabilities that the Big Co Plc should take to minimise the risks are

1. Device registration:
The mobile device should be registered in order to maintain index calls or data transmitting
or receiving through the device.
2. Creating security policies:
The company should implement security policies in mobile usage in order to reduce the
risks like password protection, encrypting the sensitive information on the device. And by
using advanced encryption and key management techniques can minimize WLAN-related
security vulnerabilities.
3. Limited downloads:
The workers in the office should be restricted for downloading sensitive applications related
to companys database and using Bluetooth, WI-Fi and using other communication devices.

4. Antivirus tools:
The mobiles should be installed with better antivirus tools in order to protect the data from
spam and virus and malwares.

4. VPN:
The purpose of using a virtual private network is that it can establish secured virtual
links among defined peers or defined communities. It forms some kind of virtual tunnels between two
peers and cryptographic technologies prevent exposing the private data/ information to outsiders or
intruders through the public Internet. Being complex cryptographic algorithms are use for encryption
and decryption within VPN tunnels, it also creates the bottleneck within the network itself.

However, specialized hardware has improved the performance bottlenecks in the Virtual
private Networks and they maximize the efficiency by minimizing the latency. Modern VPN
technologies include PPTP, L2TP, and IPSec PPTP and L2TP, work at the data link layer and provide
better performance between remote access points of such as mobile users and organization.

5. VoIP:
Voice over Internet Protocol (VoIP) is a technology that transmits voice signals using
internet protocol. Voice over Internet Protocol converts the voice signal into a digital signal that pass
on the Internet. The management is able to make VOIP calls from a computer, mobile phones or
traditional phones with or without adapters. The technology present would allow accessing internet
and VOIP services from any remote location.

When it comes to VoIP security is same as any services provided from any IP service,
such as normal internet functions and other e-mail services. Even though VoIP service is cost effective
it has some reliability problems and some security vulnerabilities. These voice packets can be targeted
by any hacker or sniffer or any other form of vulnerabilities such as worms, viruses, and Denial-of-
Service.

However denial of service (DoS) was not a issue with traditional telephone system or
the circuit-switched network. It also adds up all the vulnerabilities which associate with Internet
protocols. VoIP uses a Internet Protocol in shared IP network, it exposes the risk of being accessible
by users on the Local Area Network and by the other intruders who can eventually be a threat to the
entire LAN in to great danger.