Embed Size (px)
Citation preview
[
]
2014
Name?
IS3220
Mr. ?
Selecting Security Name?Countermeasures IS3220
05 Jan 2014
After reviewing Corporation Techs Network Design layout with the existing and
proposed networks I have found several possible security threats. To start with the original
network design does not show any IPS, IDS devices or firewall protection at all, mainly for their
servers in particular. Also there is no mention of any type of DMZ setup for the network. As for
the proposed network expansion, again there are no IPS or IDS devices and no Firewalls as part
of the planning. The Web Server is setup in a DMZ configuration but without the Firewalls
correctly emplaced and active then it is not a true DMZ and creates a threat. Another thing that
stood out is that they added is the Wireless network without any Firewall protection.
The Benefits of adding these countermeasures is obviously the benefit of Network
Security where there basically was none. The first thing that should be done is to add an IPS
device between the internet and the private network in order to help prevent intrusion. Another
countermeasure that adds a layer of security would be by adding an IDS device behind the IPS
device that will be able to detect suspicious activity while monitoring the network and acting as a
detect and react measure. Firewalls are best used between each division or physical locations to
filter incoming and outgoing traffic of the private network (Stewart, 2011). The benefit of
adding the DMZ is so if an intruder gains access to the Web Server he/she is more or less
isolated in a sub-network with no direct access to the rest of the private network or corporate
assets. As for the Wireless Network, the best security strategy that could be done is to use a
combination of a VPN connection and of course a Firewall to filter traffic.
Selecting Security Name?Countermeasures IS3220
05 Jan 2014
Below is an illustration as to how the Newly Proposed Network will look:
Selecting Security Name?Countermeasures IS3220
05 Jan 2014
References
Works Cited
Stewart, J. M. (2011). Network Security, Firewalls, and VPNs. Sudbury: Jones & Bartlett
Learning. Retrieved Jan 10, 2013
![CCNA Security S1 1 [Modo de compatibilidad]€¢ Selecting and implementing countermeasures • Network security design What is Network Security? National Security Telecommunications](https://img.pdfslide.us/doc/110x75/5ad7666e7f8b9af9068c2d84/ccna-security-s1-1-modo-de-compatibilidad-selecting-and-implementing-countermeasures.jpg)
