StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Network Operating Systems and Security BEng - Assignment Example

Cite this document
Summary
This assignment "Network Operating Systems and Security BEng" shows that Due to recurrent technological developments, communication technology frequently diverts in new dimensions. The research and development in the context of information and communication technology are very effective…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER92.1% of users find it useful
Network Operating Systems and Security BEng
Read Text Preview

Extract of sample "Network Operating Systems and Security BEng"

Network Security Due to recurrent technological developments, information and communication technology frequently diverts in new dimensions. The research and development in the context of information and communication technology is very effective. Moreover, the new and advanced form of technology has also facilitated vulnerabilities and threats to be more intelligent. Organizations require advanced protection and security from these threats and vulnerabilities. Security is a mandatory trend that is implemented to protect anything that needs to be protected. The definition available on ‘www.businessdictionary.com’ covers the basics and states it as “Prevention of and protection against assault, damage, fire, fraud, invasion of privacy, theft, unlawful entry, and other such occurrences caused by deliberate action”. In the context of network security definition, it consists of concerns related to network communication privacy, confidentiality of data over the network, accessing unauthorized classified data, access to prohibited network domains and utilizing Internet for concealed communication (Network Security. 2007). The security predictions that were published in an article for the year 2010 incorporates new advanced threats named as advanced persistent threats (APT), Cyber war escalates, VoIP attacks, Perimeter shrinks and harden, social networking sites, malware, DLP for intellectual property protection and malware as a service (MaaS) (Watchguard Unveils Top 10 Security Predictions for 2011. 2011). In order to protect the computer network, organizations emphasize on implementing hardware and software application as well as a security policy. This policy is followed by constructing a security policy document that defines rules and procedures. A typical security policy is constructed on a set of rules that defines authorization and access of network resources of an organization (, what is security policy? definition and meaning).The aim of implementing these security policies is to establish rules and procedures for improper use of network services. Moreover, the objective is to create a framework that will assist in identification and prevention of unauthorized access of network services (, Network Security Policy). Network security issues can lead to many different aspects. For example, if the server containing customer data is breached, organization will lose its credibility and trust among the customer and that will result in business loss. Similarly, if a critical system is hacked by internal or external sources, organization’s financial data along with goals and objectives can be revealed to other competitors. In order to eliminate the threats including unauthorized access, viruses, Trojans, malware and malicious codes, a security policy document is required. The document will provide a consistent framework to secure the integrity of the network along with eliminating risk abided by security threats and vulnerabilities. 2 Risk Assessment Risk assessment is a process to evaluate risks associated with threats and vulnerabilities to the network. Three factors will be considered in this scenario i.e. Assets, Threats and Security Priority Identification. 2.1 Assets The identification of information assets is vital before conducting risk assessment. Information assets are defined as the entities that hold organization data. A good definition is available on ‘www.ibm.com’ which states it as, “information assets are specific to your business functions and business strategies, they may be contained within broad categories such as contractual and legislative compliance, those needing virus prevention, those critical to business recovery following security compromises, etc.” The information assets for an organization will be technology assets, data asset, service asset and people asset. In case of educational establishment the assets that need to be prioritized are: file space server, Linux web server, finance server, student database and email server. 2.2 Threats Threats are defined as the probable network security breach that may occur in the future and will harm the network, as well as Information systems. The current trends in technology advancement have enabled the networks to be prevalent. People are connected at home, offices, as well as when they are travelling either via laptop or mobile phones. The evaluation is conducted to identify the severity of each information system, which deserves priority due to the value of data that needs to be protected. Both threats and vulnerabilities need to be considered concurrently. Threats can provide damage to the confidentiality, availability and integrity of information present in the information systems. They explore opportunities for security breaches to cause confidential data invasion via unauthorized access, amendment of data, removal of information from information systems. Threats can hit the network from various sources. Threats are confidential on the parameters of different capabilities and approach including external approaches by cyber criminals, hackers, terrorists. In order to handle threats of different nature different risk mitigation and control methodologies are required in the context of protecting the prioritized information systems. An educational establishment is vulnerable to viruses, Trojans, hacking, unauthorized access, stealing data, penetration of email services, 2.3 Security Priority Identification The security priority identification is associated with importance of each asset with a priority level or importance. It is not necessary that the importance of assets will be similar, as it will differ according to the nature of business. For instance, a financial institution will give first preference to the financial records as compared to a university maintaining a student’s database. As per the scenario, an educational establishment may have identified risks as shown in Fig 1.1 Occurrence Risk Severity Identified Risks Highly likely to occur High risk Malicious code, Unauthorized Access (internal or external) Medium likely to occur High risk Hacking, Denial of Service attacks Not likely to occur Medium/low risk Highly likely to occur Medium risk Viruses, Spyware, Trojans Medium likely to occur Medium/low risk Email penetration, Power Failure Not likely to occur Low risk Highly likely to occur Low risk Medium likely to occur Low risk Not likely to occur Low risk Figure 1.1 3 Security Control Procedures Security control procedures for an educational development are illustrated in Fig 1.2, 1.3 and 1.4. Disruption Security Control Procedures Power Failure UPS Viruses Firewall, Antivirus Trojans Firewall, Antivirus Spywares Firewall, Antivirus Figure 1.2 Destruction Security Control Procedures Hacking Intrusion Detection System Unauthorized Access Active Directory, Account Audits Denial Of Service Attacks Deployment of intrusion Detection System Physical Data theft Biometric identification Figure 1.3 Disaster Security Control Procedures Fire Fire extinguishers Earth Quake Storage on alternate locations Floods Contingency Planning Figure 1.4 As shown in figure 1.2, the threats related to disruption are indicated. Power outage can be disruptive, as the network devices require constant supply of power. If any power issue occurs, UPS can be used as an alternate power source in order to avoid disruption of services. However, UPS can only provide power for a limited period. Moreover, viruses, Trojans and spywares can disrupt network services by damaging operating system boot files of the servers and broadcasting unwanted traffic on the network. Furthermore, broadcasting can cause network congestion along with degradation in network services. Figure 1.3 illustrates hacking as a destructive threat as it will take control on the network and data. Unauthorized access is related to internal and external access to resources that are confidential and prohibited. This can be prevented by deploying active directory with user credentials, as account audits will log all the activities of all employees from their workstation. Denials of service attacks are destructive as they halt all the services and activity on the network. IDS will sense and report these type of attack on initial stages as it is easy to counter them early. Installing biometric devices can prevent physical theft on critical rooms, as only authorized personal will be allowed. Figure 1.4 shows natural disasters along with their security control procedures. The risk assessment is conducted by categorizing risk identification, risk severity, and occurrence as shown in Fig 1.5 below: Occurrence Risk Severity Identified Risks Highly likely to occur High risk Malicious code, Unauthorized Access (internal or external) Medium likely to occur High risk Hacking, Denial of Service attacks Not likely to occur Medium/low risk Fire Highly likely to occur Medium risk Viruses, Spyware, Trojans Medium likely to occur Medium/low risk Email penetration, Power Failure Not likely to occur Low risk Highly likely to occur Low risk Medium likely to occur Low risk Not likely to occur Low risk Figure 1.5 4 Network Diagram The network diagram demonstrates the appropriate deployment of firewall, intrusion detection system, servers, switches and WAN connectivity. Figure 1.6 5 Proposed Backup Plan As per the proposed network for an educational establishment, 24 hours availability is required for services related to digital libraries, online learning and web application. In order to implement a disaster recovery plan, replication of data and services is required. This is conducted by installing additional hardware in terms of a backup server that will replicate data on regular basis. For instance, to secure data related to finance department, backup finance server will be deployed to synchronize data on small intervals. Disk mirroring techniques can also be employed. Disk mirroring is defined as “The recording of redundant data for fault tolerant operation. Data are written on two partitions of the same disk or on two separate disks within the same system. Disk mirroring uses the same controller. RAID 1 provides mirroring, which was first accomplished only with SCSI drives, but later with ATA (IDE) drives” (Disk Mirroring. 2011). However, RAID controllers are implemented in the process. A comprehensive definition of RAID is available in the network dictionary that says, “Redundant Arrays of Independent Disks (RAID) is a type of disk drives with two or more drives in combination for increasing data integrity, fault tolerance, throughput or capacity and performance. RAID provides seceral methods of writing data across/to multiple disks at once. RAID is one of many ways to combine multiple hard drives into one single logical unit. Thus, instead of seeing several different hard drives, the operating system sees only one. RAID is typically used on server computers, and is usually implemented with identically-sized disk drives. With decreases in hard drive prices and wider availability of RAID options built into motherboard chipsets, RAID is also being found and offered as an option in higher-end end user computers, especially computers dedicated to storage-intensive tasks, such as video and audio editing.”If ‘finance server’ stops responding or crashes, data can be restored from the backup finance server and services can be restored with minimal damage. Similarly, the same methodology can be implemented for student’s database. Moreover, WAN connectivity can be shifted from the disconnected link to the alternate link in order to provide constant connectivity without service interruption. In this case, an educational establishment may subscribe for two internet connections but different carriers. Both the connections will be terminated on the router WAN interface. In order to activate both connections, propriety-based protocol will be configured. Figure 1.7 illustrated the summary of a recovery plan. Server Roles Disaster Recovery Plan Finance Server Deploying Backup Servers equipped with RAID for Disk Mirroring Student’s Database Deploying Backup Servers equipped with RAID for Disk Mirroring Alternate WAN Configuring Priority Based Protocol Figure 1.7 References Watchguard Unveils Top 10 Security Predictions for 2011. 2011. Computer Security Update, 12(2), pp. 4-7. , Network Security Policy . Available: http://www.utoronto.ca/security/documentation/policies/policy_5.htm [5/8/2011, 2011]. , What is security policy? definition and meaning . Available: http://www.businessdictionary.com/definition/security-policy.html [5/8/2011, 2011]. Network Security. 2007. Network Dictionary, , pp. 339-339. , security definition . Available: http://www.businessdictionary.com/definition/security.html [3/9/2011, 2011]. , IBM - Security policy definition - Hong Kong . Available: http://www-935.ibm.com/services/hk/index.wss/offering/its/b1329378 [5/9/2011, 2011]. Disk Mirroring. 2011. Computer Desktop Encyclopedia, , pp. 1. Redundant Array of Independent Disks. 2007. Network Dictionary, , pp. 405-405. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Network Operating Systems and Security BEng Assignment”, n.d.)
Retrieved from https://studentshare.org/family-consumer-science/1420762-network-operating-systems-and-security-beng
(Network Operating Systems and Security BEng Assignment)
https://studentshare.org/family-consumer-science/1420762-network-operating-systems-and-security-beng.
“Network Operating Systems and Security BEng Assignment”, n.d. https://studentshare.org/family-consumer-science/1420762-network-operating-systems-and-security-beng.
  • Cited: 0 times

CHECK THESE SAMPLES OF Network Operating Systems and Security BEng

A Network Infrastructure

Infrastructure and security Name Institution Infrastructure and security A network infrastructure is an organization and configuration of interlinked computer systems, of a corporation, connected through various pieces of communication architecture.... The CIO of an organization should always be up to-date with the current trends in infrastructure technology and security measures to possible threats to the network.... Therefore, better practices are implemented to ensure systems and sensitive information is housed (Stilwell et al, 2006)....
4 Pages (1000 words) Essay

Project Paper: How to Use Linux Operating Systems as a Network Security Device or Component

The primary aim of network security is to prevent data loses.... hellip; This paper intends to identify the ways in which Linux operating system can be used as a network security device or component.... Network security is also crucial for ensuring integrity of messages transmitted over the network.... In other words, network security is important for achieving authorized access, confidentiality, authentication and integrity of information transmitted over the network (Yu & Le, 2000) B....
11 Pages (2750 words) Essay

Information and Network Centric Operations

This book is intended to describe with analytical rigor the concept of distributed networked operations, which is a refinement of what have popularly been called "network centric operations.... To reach its full potential, network Centric Warfare must be deeply rooted in operational art.... This book aims at the network Centric Warfare concept; to explain how it embodies the characteristics of the Information Age; to identify the challenges in transforming this concept into a real operational capability; and to suggest a prudent approach to meeting these challenges....
13 Pages (3250 words) Essay

Network Design Consultation

Because Windows Server 2008 is well designed to configure the networks as well as manage files and security settings it will be then recommended as compares to convectional operating systems because it has been optimized to manage a networked environment.... Anti-virus software will also be recommended for both the server and the client workstations to protect against cases of malware, worms, and viruses that may harm the operating systems.... The paper "Network Design Consultation" discusses hardware and software requirements and cost analysis, network architecture, network architecture illustration router configuration, client configurations, internet configuration, and managing the network security....
5 Pages (1250 words) Case Study

Successful Implementation of Network Security Policies

his paper presents guidelines that should be adopted to ensure efficient management and security of any information and communication technology network.... This paper "Successful Implementation of Network security Policies" focuses on the dividing of operation, development, and test systems to reduce the risk of illegal alteration or access.... security breaches possibly caused by human actions, which could be malicious, accidental, or improper installation, operation, or configuration....
6 Pages (1500 words) Assignment

Network Security-Intrusion Detection System

onsidering such attacks on computer systems and network, there is a need for a system which can safeguard computer systems and network from outside and inside attacks.... The essay "Network security-Intrusion Detection System" will try to look at the two processes Host-based and Network-based Intrusion Detection Systems, how effective these two approaches for the Intrusion Detection system for any organization and will also cover various guidelines for Intrusion Detection Systems deployment, operation, and maintenance....
16 Pages (4000 words) Essay

Virus Detection Software

Virus detection software plays a critical role in enhancing the safety of computer systems.... In that case, one procedure in one device is capable to send or receive data to and from at any rate, and a procedure resides in a remote machine, then the two systems are considered to be networked (David, 2006, P.... A computer network, commonly known as a network, is a compilation of hardware apparatus and computers interconnected by channels of communication that have the same opinion to sharing of information and resources....
12 Pages (3000 words) Research Paper

Network Operating Systems Past and Present

network operating systems in the past and presentWith the advent of information systems and computerization in many organizations, computer technologies have been seen to get more advanced every day.... With these, there has been need to have computers network operating systems in the past and presentWith the advent of information systems and computerization in many organizations, computer technologies have been seen to get more advanced every day.... This has therefore led to the need to have network operating systems which will manage the networks that are growing by the day (Howard, 2004)....
9 Pages (2250 words) Essay
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us