StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

The Solution of VPN Connection - Case Study Example

Cite this document
Summary
The paper 'The Solution of VPN Connection' presents many elements that are needed to ensure that this solution was secured, flexible, and provided many addresses. If this access is given to unauthorized users, this can possibly be a huge vulnerability…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER91% of users find it useful
The Solution of VPN Connection
Read Text Preview

Extract of sample "The Solution of VPN Connection"

Network Solutions After examining this scenario, it was clear that man elements were needed to ensure that this solution was secured, flexible, and provided many addresses .If this access is given to unauthorized users, this can possible be a huge vulnerability. In order to protect this risk, two-tier level of security should be enforced. The two-level security prompts the user to enter two aspects of passphrases in case an intruder has one component, but lacks another component. This paper will discuss the solution of ISP, VPN connection, and utilization of IPv6. Creating a VPN connection for this organization seemed to me the most feasible solution. It was evident that IPsecs play a huge role in ensuring encryption within two routers. According to Sommer (2012), VPN connection should consist of a RSA token in which the pin code must be accessed. After the VPN connection has been established, the user can access all the software and applications of a company. Sommer (2012) states that in order to protect this risk, it is crucial that each user must have a global LOGON that must be entered before accessing this application. In this case, a global LOGON after the RSA token is not mentioned. Without a doubt, this can be problematic if an intruder has one privilege to accessing the network remotely, which allows him access to all the applications. In the realm of VPN, many security risks are associated with the T1 frame relay that is shown in the diagram. In this particular scenario, the frame relay network consists of a group of interconnected nodes (switches), which relay the frame relay data across the network. Goodall (2011) The problem is the fact that intercepting authentication or other sensitive information can be executed with the current WAN technology since it utilizes the traditional TCP/IP. Moreover, spoofing can also be conducted since an intruder can deceive the network that it recognizes a possible unauthorized access. As mentioned above Goddall (2012), the firewalls should be embedded between the servers and the computer desktops to ensure sensitive information is not copied or modified. Malware and security breaches have been a major issue after analyzing this case. As a matter of fact, it is clear that the organization not only lacks a sufficient system of protection but has failed to integrate a seamless approach of security that cascades from top executives to bottom-layer employees. Maskat (2011) dictates that although firewalls and other security cautions were taken, they were neither extensive nor sufficient to protect the organization from attacks. From extensive research, it is apparent that the organization needed more layers of security in order to protect itself from the attacks. A main problem that seemed to be troublesome for this organization was the fact that a single ISP router can be controlled. One of the best solutions to incorporate in order to protect against ISP attacks was to incorporate a solid line of defense that will be sufficient to the organization’s needs. Since ISP attacks can often lead to phishing and sniffing, it was clear that a solution should be embedded to rectify the problem. Conorich (2004) proposes a solution known as Cyberoam. According to Conorich (2004); Cyberoam, a third-party vendor, provides one of the best solutions for this line of defense. Cyberoam is versatile solution that can protect against outbound span. It also possesses a centralized console, which would tremendously benefit the IT team as it detects local pattern. In this instance, the organization is utilizing a virtual ISP, which would fit in the realm of defense that this product offers. The problem with ISP is that it can potentially conduct a peering effect, which in return allows users to peek and sniff networks, which is an intrusion of privacy. Therefore, embedding a firewall as a filter between ISP connection points can further provide a robust solution to security. In regards to secure VPN connection, the establishment of RSA connection was pivotal. As mentioned above, the user must have a global LOGON that must be entered because accessing this application. Maskat (2011) also insists that VPN Security is an extremely pivotal point and traditionally IPSec has been embedded to protect against this vulnerability. From the hardware perspective, CISCO network routers were incorporated, which is what the organization utilizes. Hence, modifying the configuration settings will be tremendous as most CISCO routers are well-protected. The traditional feature of CISCO is to embed SSL layer when routing to a VPN network. SSL operates at a higher level than SSL, in which admin rights come into the play. The administration for SSL must block all the social websites in order to ensure that intranet security is not sacrificed. With CISCO, SSL VPN Security can be enabled by blocking user-credential-risks, split tunneling and blocking viruses. When it comes to VLAN.databases, firewalls are not embedded within VPNs. Hence, an AS series of Cisco devices must be embedded that function as a firewall. This can be problematic if an intruder can potentially modify the code and embed the changes throughout the website. In order to mitigate this risk, it was essential to conduct research and come up with excellent solutions. Chaperon Secure Vaulted Source Code Repository allows administrations to securely set up central or distributed repository. The amazing functionality of this software is to run incognito mode in which repositories to control access to their source code. Moreover, the IT administrators to recover source code in case of disaster. This functionality will be appealing and feasible for all organizations. The last solution was to create a network console system in which a console will monitor the data that is being processed. The central IDS in this scenario will serve as a reporting agent that carries the information to all the distributed IDS for the website. It will be embedded in the backend of the website which will ensure a secured solution.. The analyzer in essence would be doing all the root processing that would carry the data in one data stream. According to Hwang and Chan (2007), an effective system in which less bits are transferred and information is sent synchronously is extremely favorable. Hwang and Chan (2007) state this practice that is not well implemented in today’s procedures; this strategy can be quite useful against malware and other attacks. In order to ensure that proper layering has been configured, the first step to providing a comprehensive layer of security is that it will enable the IT team to assess all the network vulnerabilities. Adding layers of security will also allow the team to conduct penetration testing and log audits. In addition, it gives a better understanding to the team is it analyzes captures data in real time. In this scenario, a single ISP controlled router linking service to the internet. Hence, the utilization of IPv6 is crucial towards allocating enough addresses. As organizations transition to IPv4 to Ipv6, the addresses are infinite. The university needs this in order to ensure that that never run out of IP addresses.  Hence, for this instance- tunneling can be utilized to ensure to convert from IPv4 to IPv6. Internet Protocol Security (IPSec), is an additional feature that the protocol uses for encryption. (http://www.cisco.com/web/solutions/trends/ipv6/index.html) This is a conclusive solution to create a center solution for a network central. In order to rectify this situation, a Simple Network Management Protocol(SMNP) along with a technique known as Tripwire can halt the attempt of the modification of binary files. The great asset about this tool according to Marks & Stintson (2004) is that it will also prevent the intruder to install or modify a rootkit utility, which will not show any unauthorized attempts to capture events in logfile information. By closing any loopholes around the network, it halts the intruders from capturing sensitive data. Finally, utilizing a Dell PowerConnect switches will facilitate administrators detect security breaches and provide extensive enterprise network security. When utilizing this layer of protection, the organization truly ensures that networks and systems are more secured. With the element of embedding a network, another safety measure that must be harnessed is known as port security. In a typical environment, a port is used as a channel to access the machine’s network, application and systems. In this case, this can be a security vulnerability because is prevalent because a port can be utilized to access sensitive data. One type attack is known as network sniffing which utilizes a packet sniffer. Han (2010) discusses a possible exploit that can be conducted utilizing a packet sniffer, an attacker can capture sensitive data if unencrypted such as passwords and other essential configurations that the organization can use. Clearly, VPN has many benefits and can dramatically dynamically change the current model of traditional IT infrastructure. As a current IT trend pending, many companies will depend on virtualization in order to achieve a network that is fast, robust, intelligent, cost-efficient and secured. As with many technologies, companies are hesitant to embrace this idea. However, with proper knowledge and specialized training, companies can truly embed virtualization as part of their IT infrastructure and can attain these benefits. Works Cited Conorich, D. G. (2004). Monitoring intrusion detection systems: From data to knowledge. Information Systems Security,13(2), 19-30. Retrieved from http://search.proquest.com/docview/229580284?accountid=44759 Sodiya, A. S., Longe, H. O. D., & Akinwale, A. T. (2005). Maintaining privacy in anomaly-based intrusion detection systems.Information Management & Computer Security, 13(1), 72-80. Retrieved from http://search.proquest.com/docview/212305601?accountid=44759 Marks, D. G., Mell, P., & Stinson, M. (2004). Optimizing the scalability of network intrusion detection systems using mobile agents. Journal of Network and Systems Management, 12(1), 95-110. Retrieved from http://search.proquest.com/docview/201344292?accountid=44759 Goodall, J. R., Lutters, W. G., & Komlodi, A. (2009). Developing expertise for network intrusion detection. Information Technology & People, 22(2), 92-108. doi:http://dx.doi.org/10.1108/09593840910962186 Maskat, K., Shukran, M. A. M., Khairuddin, M. A., & Isa, M. R. M. (2011). Mobile agents in intrusion detection system: Review and analysis. Modern Applied Science, 5(6), 218-231. Retrieved from http://search.proquest.com/docview/913505491?accountid=44759 Petersen, R. (2011). Alternative IT sourcing: A discussion of privacy, security, and risk. EDUCAUSE Review, 46(4), 44. Retrieved from http://search.proquest.com/docview/884896763?accountid=10477 Sommer, T., Nobile, T., & Rozanski, P. (2012). The conundrum of security in modern cloud computing. Communications of the IIMA, 12(4), 15-40. Retrieved from http://search.proquest.com/docview/1346907323?accountid=44759 Hwang, K., Cai, M., Chen, Y., & Qin, M. (2007). Hybrid intrusion detection with weighted signature generation over anomalous internet episodes. IEEE Transactions on Dependable and Secure Computing, 4(1), 41-41. doi:http://dx.doi.org/10.1109/TDSC.2007.9 Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“White Paper Project: Telecommunication Solution for Communication Case Study”, n.d.)
White Paper Project: Telecommunication Solution for Communication Case Study. Retrieved from https://studentshare.org/information-technology/1667946-white-paper-project-telecommunication-solution-for-communication-problem
(White Paper Project: Telecommunication Solution for Communication Case Study)
White Paper Project: Telecommunication Solution for Communication Case Study. https://studentshare.org/information-technology/1667946-white-paper-project-telecommunication-solution-for-communication-problem.
“White Paper Project: Telecommunication Solution for Communication Case Study”, n.d. https://studentshare.org/information-technology/1667946-white-paper-project-telecommunication-solution-for-communication-problem.
  • Cited: 0 times

CHECK THESE SAMPLES OF The Solution of VPN Connection

Local Area Network Design

As more than one customer is subscribed to the service running on a PSTN, bandwidth issues are common; however, they can be managed by configuring a router that can be connected to a dedicated physical connection.... Likewise, the physical connection can be segmented by virtual connections that can be allocated to remote offices of the organization.... For saving costs, organizations do not maintain and manage Wide area networks, as it will be a very expensive solution to connect two offices located at different states....
12 Pages (3000 words) Assignment

Network Security Technologies

(Zwicky et al, 2000) vpn is the abbreviation of Virtual Private Network.... ?? According to the experts at vpn Consortium, the major rationale of a vpn is to provide the company with the similar facilities as privately held leased lines can provide.... Additionally, technologists are striving to keep vpn technology cheaper and simpler without making considerable usage of public infrastructure through sharing or cloud computing....
4 Pages (1000 words) Essay

Impact of the Virtual Private Network on Businesses

The aim of the paper is to look into the impact of Virtual Private Network to businesses, this in relation to the meaning of vpn, the stages of its development, and the advantages it has over others.... They became important because of the usage of less equipment to form a secure connection than leased lines (Dern, 1992).... This technology used open and the readily available Internet to form a secure connection amongst multiple users including those in remote locations and connections were established when needed and terminated after data transmission (Berger, 2012)....
5 Pages (1250 words) Research Paper

Network Infrastructure Assignment

o upgrade internet connection in both headquarters to digital subscriber line (DSL) internet connection.... o upgrade internet connection in each point of sale (POS) locations to digital subscriber line (DSL).... mplement upgrading of internet connection in both headquarters to digital subscriber line (DSL).... mplement upgrading of internet connection in each point of sale (POS) locations to digital subscriber line (DSL)....
12 Pages (3000 words) Assignment

Data communications and Network Fundamental

Using the connection to the local ISP, the VPN client creates a vpn connection between the remote access computer and the Brilliant Boats' VPN server across the Internet.... By using a VPN server, the network administrator can ensure that only those users on the Brilliant Boats' intranet who have appropriate credentials can establish a vpn connection with the VPN server and gain access to the protected resources of the sales department.... The VPN client uses the connection to the local ISP to create a vpn connection between the branch office router and the Brilliant Boats' corporate hub router across the Internet....
4 Pages (1000 words) Assignment

Information Technology Infrastructure for Bilfinger Deutsche Babcock Middle East FZE

VPN is a combination of software and hardware components that permits employees, telecommuters, business partners, and remote business branches to utilize the same company resources as those in the headquarters through a secure private connection with a host network.... The study "Information Technology Infrastructure for Bilfinger Deutsche Babcock Middle East FZE" observes the case of implementation of the vpn network.... The contractor recommended the deployment of an IPSec-based vpn and the process of planning the implementation started in February 2012....
13 Pages (3250 words) Case Study

CIS204 U4 Discussion

vpn connection proves to be the best for business organizations due to the low cost and high level of security.... PNs are known to establish a connection through a Public Switched Network (PSTN).... The connection created in the WAN is however private and secured, and cannot be accessed by the public.... Disadvantages of this technology are the complexity involved when there is addition of new infrastructure, and the security issues involved when using a mobile device to establish connection (Thrivenetworks 2015)....
1 Pages (250 words) Coursework

Advanced Network Management and Design

For Caprica and Gemenon sites, a data connection is required, as it can be established by incorporating MPLS over PSTN.... This coursework "Advanced Network Management and Design" focuses on an IT service Upgrade Announcement that was made for making the Graystone Industries computer network resilient and compatible with current trends....
9 Pages (2250 words) Coursework
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us