Reference no: EM131030814
Networks and Information Security Project - Project Plan
Question:
I need the presentation slides for two weeks and final report for the given case study.
As of now I immediately need the presentation for one week which has show the following details.
Presentation Slides must be around around 12 to 15
1st slide- Case study Brief
2nd slide- current Infrastructure
3rd slide- 4th slide: Why the given network is not appropriate, requirements for new design, hardware, Servers.
5th slide: improves new design,
6th slide: Why my design in this way (Explanation).
7,8,9 slides: networking operation, different campuses networks.
10th slide: why did i choose this routers only.
11th slide: show how it is communicating server.
12 th slide: Disaster recover plan. (clear explanation)
13 th slide: policies
I am ready to pay only for this presentation slides at the moment, will get next presentation details next week, so I want this now.
note: I have already submitted my project plan, Draft security plan so please make sure you relate those things in presentation as well.
Attachments: Please do check the case study. project and security plans.
I haven this in mywordsolution, but they cannot reach my level standards, So please do it carefully
Problem Statement
TCU business processes rely on a combination of systems including Internet, IPX/SPX, SNA and ICT- related services with a very complex ICT infrastructure. TCU academic board acknowledges this as major issue: the bottleneck for future TCU growth and sustainability. The senior executive of TCU argues that currently the university is spending huge to maintain and integrate disparate and cumbersome systems; with little room to expand and improve services. The TCU academic board claims that TCU needs to change and re-provision the ICT infrastructure to provide high quality learning and teaching in the most cost effective way.
As part of this change, the transition to interoperability should be achieved in a smooth manner while leveraging the latest advancements in network and information security infrastructure in order to guarantee "zero" problems in the TCU processes. TCU is also planning to invest in a multimillion dollar venture to modernise the university's ICT infrastructure. This will potentially include: [1] immersive telepresence system to support distance education students (expected to grow 50% in the next 3 years), [2] staff and student remote access and mobile services (staff BYOD and Work-at- home (WAT) policies) that TCU currently does not have, [3] migration of a number of services to the Cloud including the Learning Management System, File, Web and Mail Servers.
In terms of network and information security, TCU ICT infrastructure should safeguard appropriate access and use of ICT resources; ensure unauthorised and malicious internal and external network attacks are properly blocked. Network redundancy is currently achieved with the mesh of three T3 leased lines connecting the Headquarters (Northampton), Operations and Backup buildings; however, nothing has been done so far in terms of a security plan including a robust disaster recovery (DRP) and business continuity plan (BCP) for the university.
Statement of Work
The statement of work is divided in two parts: Part A and Part B.
Part A
For this part you are required to design and implement a secure information and network infrastructure that ensures high availability, reliability, scalability, performance and security to support TCU services. This requires [1] the redesign of the network; [2] the delivery of a comprehensive network security plan; and [3] Security technology implementation - proof of concept.
The following is a breakdown of the tasks for part A.
Network Redesign
1. Network redesign including LANs, VLANs, WANs and VPNs. In this redesign, the IP address allocation should use the CIDR format (x.y.z.t/n). Discuss with your mentor the range of IP addresses you are planning to use.
2. Each LAN, WAN, VLAN and VPN should be justified in terms of traffic, reliability, performance, availability, scalability and security. To do this you need to make a number of assumptions (discuss this with your mentor / facilitator / teacher). For example, assume that a great number of university services operate 24/7. Other facilities are to operate from 6:00am to 8:00pm daily, Monday to Friday.
For this redesign, take into account the following:
a. Traffic generated by the hosts: clients, servers and backup devices
b. Appropriateness of current WAN links
c. Appropriateness of current WANs (Frame Relay)
d. Appropriateness of current LANs
e. VLANs requirements
f. All networking devices including routers and switches at each site or location
g. IP address allocation of each network and main network devices
h. Sub-netting to separate traffic including IP address allocation
i. Firewalls positioning and strategy
j. Proxy servers
k. DMZ configuration
l. Firewalls Access Control Lists
m. Network diagram of the topology and allocation of devices; and IP addresses for the main network devices
n. Provision data encryption to secure data travelling between internal and external networks
Comprehensive Network Security plan
The network security plan should contain as minimum the following:
1. Introduction outlining the importance of the plan and its purpose
2. Scope outlining the areas of the organisation that the Plan applies
3. Assumptions documenting any assumptions you have made in order to prepare the plan
4. Clear and concise statements about what the Security Plan is designed to achieve.
5. Summary and analysis of the organisation's risks, highlighting the current threats, challenges and vulnerabilities along with an assessment of current security environment and treatments in place.
6. Network Security policies to address all possible network attacks and vulnerabilities
7. Information Security policies to address unauthorized and misappropriate use of TCU data and software applications
8. Disaster recovery and Business continuity plans
9. Security Strategies and Recommended controls including security policies
10. Residual risks that remain after all possible (cost-effective) mitigation or treatment of risks. Your security plan should estimate, describe and rate these risks to guide the priorities for ongoing monitoring of risks.
11. Resources for implementing the recommendation
Security Technology Implementation
As part of the security technology implementation and in line with the recommended controls mentioned above in the network security plan (item 9), you need to provide the complete design and implementation of the following technology:
1. Data backup and recovery technology including the procedures for backup and recovery. Note that there are NASs at the campuses to back up the data generated locally, however the vast majority of data is backed up to the File Server Operations facility through the network.
2. A proper authentication system that takes care of highly secured roles and permissions to access, share, download, upload files and folders. This should include authentication for wireless and mobile services as well.
3. File, Web (and secure Web), Mail (and secure Mail including spam email prevention), DHCP, DNS, Domain Controllers, Database and LMS (Learning Management System) servers.
4. Hardening of servers described above in section 3.
5. Network security including DMZs, Firewalls, Intrusion Detection and Prevention Systems (IDSs and IPSs)
For the recommended technology implementation, you need to justify your recommendation (chosen technology) in terms of cost, reliability, maintainability, performance and scalability. For each technology, make sure to provide details of the vendor, and the version of hardware and software.
TCU Technology implementation - Proof of concept
As part of the project requirements, you are required to test the recommended controls suggested in the security technology implementation section above. The solution should address current needs of TCU, including the installation of the software, configuration of the system, and developing of test cases to check the complete functionality of the system.
For the proof of concept, it is mandatory that you include the documented results (procedures and screen dumps) of various network security attacks tests (such as Network Penetration Test) as part of your final project report. You may use your choice of security software/tools (including freeware open software systems) and operating systems (Windows, Linux, or Ubuntu) in a virtualized environment to build and simulate the security tests. You are required to demonstrate your implementations at the end of the term.
Part B
In part B, your task is to recommend the TCU academic board on:
1. An appropriate immersive telepresence system to support distance education students. As mentioned above, TCU is expected to grow 50% in distance education in the next 3 years.
2. You are also to recommend the strategy for staff and student remote access and mobile services (staff BYOD and Work-at-home (WAT); and student BYOD and study-at-home policies).
3. Finally, a complete technical report on the migration of the LMS, File, Web and Mail Servers to the Cloud, including requirement analysis, cost benefit analysis, risk analysis and final recommendation from a list of at least three cloud service providers (CSPs).
Attachment:- project plan.rar