Develop firewall rules, Computer Network Security

This question requires you to develop firewall rules for a fictitious organisation.

Scenario:

You work for a security-conscious company, xC-Cure, who develop encryption technologies for large corporate and defence customers world-wide.  Your role is a junior security specialist and you have recently been asked to plan for the deployment of a new firewall.

The firewall is structured around an external filtering router (using NAT) with three (3) interfaces. The external (public) interface is Internet-facing and has a public IP of 120.9.20.1. The second interface has an IP of 10.1.0.1 and is the gateway to the DMZ network (10.1.0.0). The third interface has an IP of 10.2.0.1 and is the gateway to the intranet (10.2.0.0). The firewall also acts as a VPN tunnel server on its public Internet interface.

While certain traffic can flow between the DMZ and the intranet, Internet-initiated connections should not enter the intranet. Two sets of filtering rules are applied: one for traffic flowing in and out of the Internet interface, another for traffic flowing between the DMZ and the intranet.

The DMZ contains the following servers:

  • A public Secure Web Server (10.1.0.101) that accepts incoming HTTPS connections and makes connections to the Oracle Database inside the intranet
  • The Mail server (10.1.0.102) that accepts POP3 connections from the intranet and initiates and accepts SMTP connections to the Internet

The Intranet contains the following servers:

  • The Oracle Database Server (10.2.0.10) that accepts SQLNet traffic from the Web Server in the DMZ
  • The Intranet Web Server (10.2.0.11) that accepts HTTP traffic ONLY from within the intranet
  • A File Share Server (10.2.0.12) that accepts SMB traffic ONLY from within the intranet
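
The flows stated in the scenario, encoded as two first-match rule sets with default deny and checked against constructed sample flows. This is an added example, not part of the original question; the /24 mask, the port numbers (443, 25, 110, 1521) and stateful filtering are assumptions, and VPN termination is left out because the scenario does not name the tunnel protocol.

```python
from ipaddress import ip_address, ip_network

ANY = ip_network("0.0.0.0/0")
INTRANET = ip_network("10.2.0.0/24")    # assumed /24; the page gives no mask
WEB = ip_network("10.1.0.101/32")       # public secure web server (DMZ)
MAIL = ip_network("10.1.0.102/32")      # mail server (DMZ)
ORACLE = ip_network("10.2.0.10/32")     # Oracle database (intranet)

# Each rule: (direction, source, destination, TCP destination port, note).
# Ports are the usual defaults (assumed); the page names only the protocols.
# Filtering is assumed stateful, so rules describe who may open a connection.
INTERNET_RULES = [          # "in" = arriving from the Internet, post-NAT
    ("in", ANY, WEB, 443, "HTTPS to public web server"),
    ("in", ANY, MAIL, 25, "SMTP to mail server"),
    ("out", MAIL, ANY, 25, "SMTP from mail server"),
]
DMZ_INTRANET_RULES = [      # "in" = DMZ to intranet, "out" = intranet to DMZ
    ("in", WEB, ORACLE, 1521, "SQLNet from web server to Oracle"),
    ("out", INTRANET, MAIL, 110, "POP3 from intranet to mail server"),
]

def decide(rules, direction, src, dst, dport):
    """First match wins; anything unmatched is dropped (default deny)."""
    s, d = ip_address(src), ip_address(dst)
    for rdir, rsrc, rdst, rport, note in rules:
        if rdir == direction and s in rsrc and d in rdst and dport == rport:
            return "ALLOW", note
    return "DENY", "default deny"

def inbound_rules_reaching(rules, network):
    """Return notes of inbound rules whose destination overlaps `network`."""
    return [note for rdir, _, rdst, _, note in rules
            if rdir == "in" and rdst.overlaps(network)]

if __name__ == "__main__":
    flows = [  # constructed sample flows; 198.51.100.7 is a documentation IP
        (INTERNET_RULES, "in", "198.51.100.7", "10.1.0.101", 443),
        (INTERNET_RULES, "in", "198.51.100.7", "10.2.0.11", 80),
        (DMZ_INTRANET_RULES, "in", "10.1.0.101", "10.2.0.10", 1521),
        (DMZ_INTRANET_RULES, "in", "10.1.0.102", "10.2.0.12", 445),
        (DMZ_INTRANET_RULES, "out", "10.2.0.55", "10.1.0.102", 110),
    ]
    for rules, direction, src, dst, port in flows:
        print(direction, src, "->", f"{dst}:{port}", *decide(rules, direction, src, dst, port))
    print("Internet rules reaching intranet:", inbound_rules_reaching(INTERNET_RULES, INTRANET))
```

The intranet web server and file share need no allow rule on either rule set: traffic from within the intranet never crosses the firewall, and the default deny blocks everything else.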

 

Posted Date: 3/1/2013 12:04:14 AM | Location : United States






