Riordan Manufacturing Integrative Network Design Project Week4 Brenda Rivera NTC/362 March 24, 2014 Heather Farnsworth Introduction Riordan Manufacturing a global plastics manufacturer is taking the next step to upgrade the existing infrastructure with new wireless technology which will provide a better communication link. With new systems and servers the ability to maximize the company’s profits will increase overnight. The new inventory system will allow the stores POS systems to alert the warehouses to ship more products when they are running low automatically. This will eliminate the need of wasted man hours checking the stock. The communication being upgraded with VoWLAN, which will give …show more content…
The new WLAN network will be protected by multiple firewalls, IPS, IDS, and a file integrity system. The Firewall systems will be used to prevent scanning activity as well as blocking malicious IPs from entering the network. This is critical because being able to block this type of traffic can save a network and the people who watch it a lot of time on incident investigations. When hackers are scanning a network they are looking for reply backs from any port(s) that will respond. This can help them finger print a system and by knowing what is on a network they can use this information for crafting attacks. Once this is identified by a security team they can block the intruding IP at the firewall. This will prevent all traffic coming and going to the suspicious IP in question. The IPS and IDS systems will be another addition that will be used to protect the Riordan Manufacturing networks as well. There is a difference between these two systems and it is important to know what each one does. The IPS stand for Intrusion Prevention System. This system is designed to prevent attacks from hitting the network. For the new Riordan network the IPS system that will be implemented is Surefire because use a rule based detection engine known as Snort. Conclusion Once the new network is in place and the policies have been implemented the new WLAN network will be ready to go.
I have been recently hired to upgrade a company’s current network. Currently this company has a 10BaseT network established (Regan, 2004). This client is
Organizations should develop a security policy for the wireless LAN infrastructure prior to the implementation stage. In order to have a strong security policy,
This is a direct extension of the 802.11b that extends the maximum data rate to 54Mbps, making it possible to serve up to five times as many users. Our Wi-Fi network is based on the IEEE 802.11 b/g standards, which is the most commonly used standard. We have added Wi-Fi access points in our network to give easier access to corporate data and services. Most of the devices in this network, for example the personal computers, smartphones, digital cameras, tablets and digital audio players connected using the Wi-Fi technology. The hotspot will be in the range of 20 meters (66 feet) indoors and a greater range outside.
A firewall protects networked computers from intentional hostile intrusion that could compromise confidentiality or result in data corruption or denial of service. It may be a hardware device or a software program running on a secure host computer. It must have at least two network interfaces, one of the network it is intended to protect, and one for the network it exposed
Security is almost certainly the most difficult aspect of a network to perfect. It is important to have the correct procedures and components in place to make certain network security is being accounted for and addressed on any given network. The journal, “Future Generation Computer Systems” elaborates on this necessity for an information system. “Future Generation Computer Systems”, this component of a network is discussed thoroughly. “Essentially securing an Information System (IS), involves identifying unique threats and challenges which need to be addressed by implementing the appropriate countermeasures” (Dimitrios Zissis, Dimitrios Lekkas, 2012). This was achieved through configuring access lists as well as CHAP configuration on the routers connecting to the edge
MAC address filtering will allow the servers to accept incoming traffic from predetermined hosts. To further secure the local area network, the network security team will be implementing the principle of least privilege in regards to the users. By using the principle of least privilege we will be preventing multiple forms of malicious or accidental risks by only giving the user the permissions and privileges necessary to complete their job. Microsoft’s default security software is commonly used and well known making the vulnerabilities well known, which would make it easier for a hacker to plan out an attack. Third party antivirus\malware and firewall software will be used on all machines. The servers located within the network will make use of a statefull firewall to monitor and filter all traffic on the network by scanning for congruence between data packets.
Wi-Fi Protected Access 2, the follow on security method to WPA for wireless networks that provides stronger data protection and network access control. It provides enterprise and consumer Wi-Fi users with a high level of assurance that only authorized users can access their wireless networks. Based on the IEEE 802.11i standard, WPA2 provides government grade security by implementing the National Institute of Standards and Technology (NIST) FIPS 140-2 compliant AES encryption algorithm and 802.1x-based authentication.
Network Intrusion Detection: Software exists to watch traffic on your network to search for malicious intent. Is an Intrusion Detection System going to be implemented? An IDS is not a fire and forget type system. It requires constant monitoring. Smaller organizations will be overwhelmed by the amount of information it produces.
Ciampa, M. (2013). WNA Guide to Wireless LAN’s (3rd ed.). [VitalSource Bookshelf]. Retrieved from http://www.devryu.net/
The first version of the 802.11 protocol was released in 1997, and was updated to 802.11b in 1999 to permit 11 megabits to be transmitted. But Wireless WANs (WWANs) network cover broader areas then WLANS and includes such things as cellular networks, cellular digital packet data, satellite networks, microwave networks, and much more. But Both WWANS and WLANs rely on the RF spectrum as there communication medium. The security measure for wireless users is strict, even though it can be accessed by walking near a building. Wireless signals are easy too pickup especially with a cellular device but it is usually password but still can access from intruders. But there are many way of preventing these hackers from entering in which will be explained later. Also for Mobile network/and its network security, its network operates on a radio frequency consisting of radio cells, each served by a fixed transmitter, and for both wireless and mobile networks, they have the advantage of mobility, flexibility, ease of installation, and low cost. But some drawbacks for both systems include Limited Throughput, Limited Range, in building penetration problems, vulnerability, and lastly security.
Thank you for the great general information regarding firewall configuration, and its part in a larger network security solution. However, I think perhaps the most critical component of any firewall system is ruleset configuration. Incorrect configuration could potentially leave the network open to attack, negating the need for the firewall in the first place. For example, if a rule is set to allow traffic through an insecure port rather than to deny it, the entire network could be compromised by one simple line of CLI configuration.
Evaluate and select a WLAN architecture. Wired Ethernet frames are converted to wireless RF signals through access points (APs). The two main access points are autonomous APs and lightweight APs.
Firewalls are also important because they are a single point where you can impose security and auditing. If someone attacks a computer system by dialing in with a modem, tracing the perpetrator is impossible. In contrast, the firewall can act as an effective phone tap and tracing tool. Firewalls also provide an important logging and auditing function, summarizing topics such as the kinds and amount of traffic that passed through it and how many attempted break-ins occurred recently.
Furthermore, researchers have developed some newer methods, such as protocol normalization and distributed firewalls but they have yet to be widely adopted . In addition, because selective data must be able to pass in and out of a firewall in order for the protected network useful, every attack cannot be stopped by firewalls. Particular emerging technologies, such as Virtual Private Networks and peer-to-peer networking pose more modern challenges for firewalls .
WLAN (Wireless Local Area network) and its components: The task of developing a WLAN on commercial front possesses a greater challenge. Developing initial design, purchasing and installing components, managing and providing maintenance to the systems are the main basic parts of the WLAN. When we use WLAN on a commercial front then we may face the security and privacy concerns. The total area of that particular commercial area should be accessible. This is only possible with installing huge number of access points. The various components of the WLAN are