Perimeter network security system, Computer Network Security

Title: Perimeter Network Security System

Outline Requirements

The University is based in Glasgow, and provides higher education services to its students and staff. It is located on a single campus called Campus A. Students and staff use the network services from hosts on various different user networks, as shown in

Figure 1

1670_Perimeter Network Security System.png

.

Due to an increasing number of security violations, a possible redesign of the network infrastructure  is to  be  investigated.  You have been hired  as  a  consultant  to propose security enhancements, and produce a report. The aim of the exercise is to present a possible solution to the problem at hand by creating a prototype of the new network security infrastructure. This new design should tackle the following components:

 

  • Provide best practice network egress and ingress filtering at the network perimeter.
  • Create a perimeter firewall, with an appropriate topology to provide the organisations services, including public web, and mail servers. The firewall should have a closed security stance, and provide public services in a secure way.
  • Provide secure access to all devices, from the security management subnet.

 

Additionally,   research  should   be   carried   out   into   increasingly   common   Advanced Persistent Threats (APT), and ways to defend against these using network defenses. This part of the coursework will be research only and be confined to a part of the Research Section.

 

You will be required to analyze the new system requirements and design, implement and justify a prototype for each component of the proposed system. Your proposed system can be implemented on Cisco hardware deployed in the network lab, or on the virtual networking software (such as GNS3). The system should clearly demonstrate your mastery of the course material. Each component of the system should be developed separately, and it is not necessary to implement an entire working system.

Marking schedule

Your coursework will be marked as follow

Introduction

Demonstrate an understanding of the problem specification, the challenges and research, design and implementation.

Research and Design

This should show an outline of the proposed system, and the main design features.

  • Provide short literature review for each of the proposed key components(demonstrating research from a variety of sources, critical evaluation and personal reflection).
  • Provide design of network security system components, and justify your decisions.

Prototype Implementation

This should define an outline prototype implementation of the system.

  • Implement the key components of the proposed network system design (describe and show examples of your implementation including diagrams, as there will not bepractical demonstration).

Testing and Evaluation

This should show testing, and outline the results of any evaluations that you have made.

  • Describe and demonstrate the testing methods used, and show the outcome of the testing.
  • Include evaluation of the systems and technologies used, using references to the literature and personal reflection.

 

Conclusions

This should reflect the methods you have used in the report, and to assess their benefitsand limitations, and any observations that you have gained.

  • Draw conclusions about the network security systems created, including conclusions about your design as well as the implementation.
  • Any recommended future improvements, based on your findings.

References/Presentation

Full academic referencing of books, web sites, and papers, using thorough APA/Harvard referencing format.

  • All references must be defined in an APA/Harvard format, and should be listed at the end of the report.
  • Reference all materials used, and cite every reference in the body of the report.

·    Total report size should be 15-20 pages that does not include cover page, and appendix - if any.

·    The report should be in 11 point text with normal margins.

  • the similarity must be below 7%. Numbers above 7% indicate a possible problem
  • submition is through turnitin

 

Posted Date: 3/21/2013 2:09:30 AM | Location : United States







Related Discussions:- Perimeter network security system, Assignment Help, Ask Question on Perimeter network security system, Get Answer, Expert's Help, Perimeter network security system Discussions

Write discussion on Perimeter network security system
Your posts are moderated
Related Questions
QUESTION (a) Discuss why it is considered more secure to use the SET (Secure Electronic Transaction) for e-commerce instead of using SSL (b) Describe how the dual signature

LOG FILE MONITORS Log file monitor (LFM) is similar to NIDS. It reviews log files generated by servers, network devices, and even other IDSs for patterns and signatures. Pattern

What do you understand by cryptanalysis? Discuss about the transposition ciphers substitution cipher, and onetime pads. The messages which are intended to transmit secretly and

(a) Describe the concept of zero knowledge proofs. Give a practical example. (b) Explain how a one way hash function works. (c) What are message authentication codes? (d)

Packet Filtering Firewall Packet filtering is a network security mechanism that works by controlling what data can flow in and out of the network. The basic device that interco

ADDRESS RESOLUTION WITH MESSAGE EXCHANGE An alternative to local calculation is a distributed function. A computer that requires to find an address transmits a message across

An overall rise in mobility, coupled with the falling cost of Wi-Fi equipment, has led to a proliferation of Wi-Fi hot spots in public areas to provide Internet accessibility. Thus

IPV6 BASE HEADER FORMAT: It has less information than IPV4 message header. Next header shows to first extension message header. Flow label is partitioned into a TRAFFIC CLASS

Assume that the RSA problem is hard, prove that the RSA encryption is secure against IND- CPA. Provide a game between an adversary A and a simulator (or challenger) B.

PARSING IPv6 HEADERS Base header is fixed in size i.e. 40 octets. NEXT HEADER field in the base header describe kind of header and it seems at end of fixed-size base header. S