Network Security Technologies - Essay Example

? Network Security I.D. Number: Term and Year Network Security 0 Introduction The vibrant needs of the information system and management infrastructure can be deemed as a part of tactical management. Lacking data integrity and security of information, no company can survive attempts of organized intrusion and related cyber crimes like information theft and spamming. Moreover, network security is highly necessary to protect the computers from malware like Trojan Horse and Phishing software that are capable of recording and sending out sensitive inputs directly to the hackers when connected with Internet. (Petersen and Davie, 2012; C?etinkaya et al, 2010) 2. 0 Overview of Network Fundamentals, Security Threats, and Issues The simplest form of a computer network is a pair of computers connected with each other by the means of an Ethernet cable, Bluetooth, etc. However, we generally see complex networks involving several. The basic hardware requirements to develop a computer network involve network adapters, network hubs and switches, routers and access points, modems, and network cables. Modern corporate networks use wireless router and access points, which accommodate both wired Ethernet connectivity for desktop PCs and wireless connections for mobile devices and notebook computers. (Petersen and Davie, 2012) Regarding security threats and issues, we must understand that recently the hackers are aiming corporate information, media centers, and other kinds of different information security systems. CEOs and CIOs at organizations are facing unforeseen challenges like email bombardment, spamming, denial of service, and distributed denial of service attacks. Moreover, protection of the systems and networks from spyware, malware, viruses, etc. is an imperative particularly when they are connected to a public inter-network. (Andress, 2011, C?etinkaya et al, 2010) 3. 0 Detailed Network Security Recommendations 3.1 Fundamentals of Firewalls and VPNs Firewalls are usually based upon the network operating system and/or 3rd party software. It can hide, block, or allow all the ports and associated protocols to enforce access control across the computers and networks. Predefined safety parameters implemented over a firewall can defend the system from exterior hackers and attacks. The firewall sets up a kind of filter when the internal network of the company is connected to a public network. (Zwicky et al, 2000) VPN is the abbreviation of Virtual Private Network. It is a kind of private data network which “makes use of the public telecommunication infrastructure, maintaining privacy through the use of a tunneling protocol and security procedures” (VPNC, 2008). It operates independently of the public network (e.g. Internet) and has customized access control and dedicated network operating system at the server side. 3.2 Recommendations for Firewalls and VPNs A firewall must spotlight Internet security and support filtering the diverse websites, programs and applications run on the Web, and scrutinize threats during surfing. It should also accept/reject the Remote Desktop Protocol (RDP) client requests and control the Remote Assistance Services (RAS). Also, Mueller (2011, p. 7-130) has stated that “Users install third party firewalls and virus protection products in many cases, so you’ll also need to consider these third party products as part of an overall application strategy.” According to the experts at VPN Consortium, the major rationale of a VPN is to provide the company with the similar facilities as privately held leased lines can provide. Additionally, technologists are striving to keep VPN technology cheaper and simpler without making considerable usage of public infrastructure through sharing or cloud computing. Telephone companies have commercially offered privately shared network resources through technology services like VoIP, mail servers, database integration, etc. throughout the last decade. However, a VPN makes it feasible to have “the same protected sharing of public resources for data” (VPNC, 2008). Hence, the company must use a private, custom-made virtual network for all of its wide area intranets, office networks, and extranets. 3.3 Recommendations for Implementations The computer network of the company should be implemented using Cisco switches and routers, since they are most reliable and widely used. Wireless access points from Cisco and USB modems connecting through an Internet service provider like AT&T can provide wireless customizability. A network operating system like Microsoft Windows Server 2008 R2 should be deployed at the server side and Windows 7 can be deployed as the client side system software for individual workstations. Microsoft provides wide adaptability, robust technical knowledge base, regular updates, and time tested industry solutions using its Windows platform. Firewall implementation should be activated at the server side. In Windows Firewall console, there are options like those of modifying the notification settings, trusted website settings, turning the on/off, allowing/disallowing selected protocols, etc. Through advanced settings, the control panel of Windows Firewall and Advanced Security appears (please refer to the next screenshot). Figure – 1: A Screenshot of Windows Firewall and Advanced Security Console. (Obtained by the writer through screen capture) Using this console, the administrator should set the connection security rules, outbound rules, inbound rules, and different service monitoring techniques as per the requirements of the company. (Microsoft Corporation, 2012) Further at this stage, firewall can act as a tool to help in setting IPSec parameters. “IPSec (Internet Security Protocol Suite) functions will be executed correctly only if its policies are correctly specified and configured.” (Fu et al, 2001, p. 39) Along with establishing a proper firewall setting, secure VPN must also be deployed. In secure VPN, we further use IPSec with encryption/decryption parameters, IPSec inside L2TP, and Secure Socket Layer 3.0 technology. We can specify the L2TP and VTP protocol settings with the help of a Cisco WAP (Wireless Access Point) which will provide for customization and security. Next, the Remote Access Service (RAS) and Remote Desktop Protocol (RDP) should be started, which will offer highly secure remote access to the company’s corporate systems both from wired and wireless devices. (Microsoft Corporation, 2012, Mayers and Lee, 2011; Kosta et al, 2010) 3.4 Best Practices to Ensure Security In the case I get an opportunity to ensure security within the enterprise through a long term employment/contract, I will first define the organization’s security requirements with the help of the company’s mission statement and its middle level managers. It is an imperative to initiate an automated process for policy specification and transform the safekeeping needs into clear IPSec policies (Fan et al, 2012; Fu et al, 2001). I will conduct periodic tests to detect and solve conflicts between different security policies arising in both the VPN and inter-domain environments. Also, I will set a practice of regular hardware and software updates and use reputed antivirus software from the providers like AVG and Norton. 4. 0 Summary The company should use reputed and adaptable technologies and conduct hardware upgrades periodically. In developing a proper computer network security and deployment framework for an enterprise, it is mandatory to make full use of firewalls, VPNs, and RAS. This will provide Internet security, low cost virtual network solution, and secure remote access. Installation of antivirus software and setting proactive IPSec policies can immensely help to administer the network efficiently. Focus should be put on orchestrating the managerial, technological, and security needs of the organization. References Andress, J. (2011). Chapter 8 – Network Security. In: The Basics of Information Security — Understanding the Fundamentals of InfoSec in Theory and Practice. Philadelphia: Elsevier. Fan, Y.-Q. et al. (2012). VPN Security Technology Theory Modeling and Simulation. Applied Mechanics and Materials, 135 – 136, 1114-1119. Fu, Z. et al. (2001). Policies for distributed systems and networks. Lecture Notes in Computer Science, 1995/2001, 39-56. C?etinkaya, E.K., et al. (2010). IEEE Xplore - A comprehensive framework to simulate network attacks and challenges. Retrieved June 10 2011 from http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=5676585 Kosta, Y.P. et al. (2010). Security Comparison of Wired and Wireless Network with Firewall and Virtual Private Network (VPN). In: International Conference on Recent Trends in Information, Telecommunication and Computing (ITC), 2010. March, 2010, Kochi, Republic of India. New York: IEEE. Microsoft Corporation (2012), Understanding Windows Firewall settings, Microsoft Corporation, Redmond. Retrieved from http://go.microsoft.com/fwlink/?LinkID=142401 on 6th August, 2012 Meyers, S. and Lee, M. (2011). Remote Access and Sharing. Learn OS X LION, VII, 523-540. Mueller, J.P. (2011). Professional Windows 7 Development Guide. Hoboken: Wiley. Petersen, L.L. and Davie, B.S. (2011). Computer Networks: A Systems Approach. Burlington: Morgan Kaufmann. VPNC (2008). VPN Technologies: Definitions and Requirements. (Online White Paper) VPN Consortium, Santa Cruz CA. Retrieved from http://www.vpnc.org/vpn-technologies.html on 17th August, 2012 Zwicky, E. et al. (2000). Building Internet Firewalls. Sebastopol: O’Reilly. Read More