User Account

All Pages

Discuss the required changes in the network infrastructure

Assignment Help Basic Computer Science
Reference no: EM131310070

Suppose the Drib wished to allow employes to telecommute. In order to protect the network, they require all remote connections (other than those for the Web and mail servers) to use SSH.

a. Discuss the required changes in the network infrastructure. In particular, should the outer firewall provide an SSH proxy or a packet filter to incoming SSH connections? Why?

b. The destination of an SSH connection from the Internet might be the address of any host on the internal network. Such addresses, however, are not broadcast to the Internet and in fact may be addresses that routers on the Internet should not pass (such as 10.x.x.x). Devise a method or protocol that will continue to conceal the addresses of the hosts on the internal network but still allow SSH connections from the Internet to arrive at the proper destinations. What supporting infrastructure must the Drib add to its network?

c. The inner firewall will pass SSH connections, provided that one endpoint is the trusted administration server on the internal network. With the above-mentioned change, the destination of the incoming SSH connection may be any host on the internal network. For this question, assume that the addresses of the hosts on the internal network are kept within the internal network-in other words, that the method or protocol in part (b) is implemented. What are the security implications of allowing SSH connections to any internal host through the inner firewall? Should such connections be restricted (for example, by requiring users to register the hosts from which they will be connecting)?

d. An alternative to allowing the SSH connections through the firewall is to provide a specific host (the "SSH host") on the internal network that is also connected to the Internet. Telecommuters could use SSH to log into this system, and from it reach systems on the internal network. (The difference between this method and allowing connections through the firewall is that the user must log into the intermediate host, and from there move to the internal system. The firewall approach makes the intermediate system transparent.) Identify the minimum number of services that this system should run in order to fulfill its function. Why must these services be run? As part of your answer, identify any other systems (such as DNS servers, mail servers, and so on) that this SSH host would have to trust.

e. From the point of view of Saltzer and Schroeder's design principles [865] (see Chapter 13), is the solution suggested in part (d) better than, worse than, or the same as the solutions involving access through the firewall? Justify your answer.

Reference no: EM131310070

Questions Cloud

Best interests of our stockholders : As a board member and officer, Mr. Zuckerberg owes a fiduciary duty to our stockholders and must act in good faith in a manner he reasonably believes to be in the best interests of our stockholders. As a stockholder, even a controlling stockholder..
What will you do to keep an open mind : If you take your role seriously, what will you do to keep an open mind and try to consider different points of view? Explain. Provide a one-page document on above topic. (2 paragraphs)
Why is the file kept inaccessible to the web server : Consider the scheme used to allow customers to submit their credit card and order information. Section 26.3.3.2 states that the enciphered version of the data is stored in a spooling area that the Web server cannot access.
Research paper - the holy spirit in the book of acts : For this course, you are required to write a 5-8-page research paper addressing 1of the topics from the list below. Choose 1of the following topics for your research paper: Acts 1:8, The Holy Spirit in the Book of Acts and The "calling" of Saul of Ta..
Discuss the required changes in the network infrastructure : Discuss the required changes in the network infrastructure. In particular, should the outer firewall provide an SSH proxy or a packet filter to incoming SSH connections? Why?
Explain importance of critical path in project management : Explain the importance of the critical path in project management. Examine the advantages of using a Gantt chart over a PERT chart and vice versa. Determine when it is appropriate to use one over the other.
Display sentinel value so that user may ultimately be able : Loop through all of the above steps until the user types the sentinel value when prompted. Display the sentinel value so that the user may ultimately be able to demonstrate an understanding of the way in which to end the program.
What would be the firms expected dividend per share : Coca-Cola stock has an expected ROE of 14% per year, expected earnings per share of $4, and expected dividends of $2.50 per share. Its market capitalization rate is 15% per year. a) what are its expected growth rate, its price and its P/E ratio? b) I..
What is the list price of the bond on the settlement date : Calculate the price of the bond for a market interest rate of 3% per half year. Compare the capital gains for the interest rate decline to the losses incurred when the rate increases to 5%. A bond with a settlement date of April 30, 2013 and a maturi..

Reviews

Write a Review

Basic Computer Science Questions & Answers

  Identifies the cost of computer

identifies the cost of computer components to configure a computer system (including all peripheral devices where needed) for use in one of the following four situations:

  Input devices

Compare how the gestures data is generated and represented for interpretation in each of the following input devices. In your comparison, consider the data formats (radio waves, electrical signal, sound, etc.), device drivers, operating systems suppo..

  Cores on computer systems

Assignment : Cores on Computer Systems:  Differentiate between multiprocessor systems and many-core systems in terms of power efficiency, cost benefit analysis, instructions processing efficiency, and packaging form factors.

  Prepare an annual budget in an excel spreadsheet

Prepare working solutions in Excel that will manage the annual budget

  Write a research paper in relation to a software design

Research paper in relation to a Software Design related topic

  Describe the forest, domain, ou, and trust configuration

Describe the forest, domain, OU, and trust configuration for Bluesky. Include a chart or diagram of the current configuration. Currently Bluesky has a single domain and default OU structure.

  Construct a truth table for the boolean expression

Construct a truth table for the Boolean expressions ABC + A'B'C' ABC + AB'C' + A'B'C' A(BC' + B'C)

  Evaluate the cost of materials

Evaluate the cost of materials

  The marie simulator

Depending on how comfortable you are with using the MARIE simulator after reading

  What is the main advantage of using master pages

What is the main advantage of using master pages. Explain the purpose and advantage of using styles.

  Describe the three fundamental models of distributed systems

Explain the two approaches to packet delivery by the network layer in Distributed Systems. Describe the three fundamental models of Distributed Systems

  Distinguish between caching and buffering

Distinguish between caching and buffering The failure model defines the ways in which failure may occur in order to provide an understanding of the effects of failure. Give one type of failure with a brief description of the failure

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +91-977-207-8620

Phone: +91-977-207-8620

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd