User Account

All Pages

Re-design the companys hq network

Assignment Help Computer Network Security
Reference no: EM131936603

Assignment

This project provides an opportunity for students to apply their understanding of practical security concepts, network design and security implementation skills gained from lectures, studying the online curriculum, discussion as well as self-study and online research.

You are required to design, setup and implement a secure network infrastructure for a company. You need to do your research in order to provide a through and workable design. You should also show your research results in your written report.

To complete this Project properly with all required documentations is not a trivial task. It is important that you read and understand each requirement and complete all tasks as study progress.

You need to submit a written report and a working Packet Tracer file.

General Requirements and suggestions

1. You should plan and complete the Report on a weekly basis so that all tasks can be completed properly. Leaving the Report to the very last day(s) will result in an unprofessional research report.

2. The configuration must be working and is based on your Topology design.

3. Use Packet Tracer version 7.1 or for all your configuration.

4. All information sources must be appropriately acknowledged and a full bibliography is required.

5. Research using internet would be helpful. Make sure you state the source of the materials.

Scenario

XYZ Ltd. Pty (you can use your group name as the Company's name) is a medium size company based in Sydney. The Company has grown from a small company into a medium size company in recent years. It also has plan to expand further in the next two years. As the company's growth, the needs for securing its assets and IT infrastructure is getting more and more important. The Company hires you, a network security expert, to help them achieve their goals.

The Company has two offices: The HQ Office is in the City and a Branch Office at Liverpool. The current network setup is as follow:

The HQ Office was originally setup by a general admin staff, Steve, who is enthusiastic about networking. The structure of the network was not flexible and scalable enough to grow with the Company. It has an edge router, R1 and multiple access layer switches. When there is a need to connect more staff devices, more switches will be added. There are three major departments in the HQ Office: namely Management and Admin, HR and Finance, and Sales. The HQ has an internet connection through an ISP. It also has a dedicate link connecting the Branch Office.

The Branch Office is a small network which has a edge router, R11 and a access layer switch. Direct access from the Branch Office to the HQ Office is through dedicate connection.

The Company will expand the business to other states. It has hired M in Melbourne and B in Brisbane for the expansion. There is no office setting in these two cities. So both M and B use their home computers to do their work. Remote access connection will be needed from their homes to the HQ Office.

Requirements

Your task is to re-design the company's HQ network and secure the Company's network infrastructure and communications, which includes the following:

General: redesign a new IP address scheme for the whole network. You need to make sure that the size of routers' routing tables is optimised. The Company also want to start using IPv6 in their network. If full IPv6 implementation is not possible, you should at least plan for it and configure some part of the network using IPv6 as a start. Budget had already approved so you can add or replace devices to the network as you see fit in your design. You are also required to secure the management plane, control plane and the data plane of all the devices.

New Network Topology: Your network design should adopt industrial best practice for layer 3 and layer 2 devices. For the HQ Office, you should include, but not limited to:

• DHCP service,
• Server-based AAA service, with TACACS+ and/or RADIUS servers,
• NTP ,
• Syslog Server,
• ASA firewall,
• Dynamic routing protocol
• monitoring system such as Netflow,
• VLANs

For the Branch Office, the network topology does not need to be changed.

Securing the Network:

Your major task is to secure the HQ Office. It should include, but not limited to, the followings:

• secure network devices physically,
• harden the layer 3 device: management plane, control plane and data plane.
• network segmentation: based on departments
• protect the LAN network from major types of layer two attacks, eg. VLAN attacks,

DHCP attacks, DTP, VTP as well as STP manipulation, etc.

• use AAA for authentication
• secure NTP communications
• adopt industrial best practice for layer 3 and layer 2 devices

You should also plan and secure the Branch Office. The Branch Office security implementation should include, but not limited to, the followings:

o secure network devices physically,
o harden the layer 3 device: management plane, control plane and data plane.
o using Zone-based Policy Firewall on the edge router, R11, to protect the Branch
Office from major types of cyber attacks.
o implement Intrusion Prevention System (IPS)

Securing communication between HQ and Branch Office

Your task is to secure communication between sites by:

• installing a Cisco ASA Firewall in HQ Office.
• Setting up site-to-site IPSec VPN tunnels between HQ ASA and Branch R11

Securing communication between HQ and Home users

Your task is to secure communication between HQ and Melbourne and Brisbane. You should provide secure remote access by:

- Clientless VPN connecting to the ASA Firewall Hints

To ensure that you can apply most of the knowledge, make sure you are using the latest IOS you can get for all the devices. You should also make sure that your ASA Firewall is running the latest IOS, and upgrade from base licence to Security Plus licence. To use Security Plus licence on ASA, configure the following command:

ASA# activation-key 0x1321CF73 0xFCB68F7E 0x801111DC 0xB554E4A4 0x0F3E008D

You can use a router or multiple routers to represent the ISP/Internet that connecting the whole Company's network. You need to make sure that the ISP/Internet routing is set up properly so general communication can be achieved. You can also use the Cloud in Packet Tracer to represent the ISP/Internet.

Limitation

The latest version of Packet Tracer can support most of the configuration you may need in this project. However, there may still be some commands, according to your design, that may not be supported. If this is the case, you can include these configurations in your recommendation. Marks will be deducted if you put configuration/commands that supported by Packet Tracer in the recommendation.

Deliverable

You are expected to deliver a professional piece of work and a working Packet Tracer file. The report is expected to be concise, systematic and well organise in a logical manner. The length of the body of the report should be at least 2000 words (excluding IP address scheme, page title, abstract, references and appendix). The report must have a cover page. Supporting materials and references should be part of the Appendix.

The report should, but not limited to, these sections:

1. An abstract summarizing your report
2. A table of contents
3. The objectives of the report
4. Network Topology
5. Research and discussion about your design
6. Conclusions and/or Recommendations

- Reference/bibliography - appendices

The Packet Tracer files should have:

1. the network topology you designed for XYZ Ltd Pty.

2. working configurations which match the contents of your report.

If you use a different way to configure your design other than Packet Tracer, you have to convert your final configurations into Packet Tracer:
- commands that does not supported by Packet Tracer should be included in the written report

Assessment

Your report will be assessed based on:

• Neatness and professional presentation
• Show your understanding of IT security requirement, in the context of modern corporate environment
• Rationales for your design, suggestions and recommendations
• How practical are your recommendations
• Scope and areas covered.
• A general, basic or even shallow discussion will ended up with bad result.

Reference no: EM131936603

Questions Cloud

What is your optimal position in the risky asset : If you want your complete portfolio to have a standard deviation of 15%, what percentage of your complete portfolio should be invested in the risky portfolio?
What is the coupon rate of bond : What is the coupon rate of this bond? (Answer to the nearest hundredth of a percent, i.e. 1.23 without the % sign).
Determine how much money will you have after 20 years : If you invest $26,778 today at an interest rate of 6.71 percent, compounded daily, how much money will you have in your savings account in 20 years?
What effect would the finding have on your responses : On further analysis, you find that the growth rate in FCF beyond 2019 will be 4% rather than 3%. What effect would this finding have on your responses.
Re-design the companys hq network : Your task is to re-design the company's HQ network and secure the Company's network infrastructure and communications.
What will the fund balance grow to in 35 years : If you invest $500 at the beginning of each year in a mutual fund earning an average 9% after-tax rate of return.
How to run the business : They decide together what to serve, what hours to operate, and generally how to run the business. Do they have a partnership?
Current share price-no dividends will be paid on the stock : Metallica Bearings, Inc., is a young start-up company. No dividends will be paid on the stock over the next nine years, what is the current share price?
Who pays the tax the partnership or able : Who must file a tax return listing this as income, the partnership or Able? Who pays the tax, the partnership or Able?

Reviews

Write a Review

Computer Network Security Questions & Answers

  An overview of wireless lan security - term paper

Computer Science or Information Technology deals with Wireless LAN Security. Wireless LAN Security is gaining importance in the recent times. This report talks about how vulnerable are wireless LAN networks without any security measures and also talk..

  Computer networks and security against hackers

This case study about a company named Magna International, a Canada based global supplier of automotive components, modules and systems. Along with the company analysis have been made in this assignment.

  New attack models

The Internet evolution is and is very fast and the Internet exposes the connected computers to attacks and the subsequent losses are in rise.

  Islamic Calligraphy

Islamic calligraphy or Arabic calligraphy is a primary form of art for Islamic visual expression and creativity.

  A comprehensive study about web-based email implementation

Conduct a comprehensive study about web-based email implementation in gmail. Optionally, you may use sniffer like wireshark or your choice to analyze the communication traffic.

  Retention policy and litigation hold notices

The purpose of this project is to provide you with an opportunity to create a document retention policy. You will also learn how to serve a litigation hold notice for an educational institute.

  Tools to enhance password protection

A report on Tools to enhance Password Protection.

  Analyse security procedures

Analyse security procedures

  Write a report on denial of service

Write a report on DENIAL OF SERVICE (DoS).

  Phising email

Phising email It is multipart, what are the two parts? The HTML part, is it inviting the recepient to click somewhere? What is the email proporting to do when the link is clicked?

  Express the shannon-hartley capacity theorem

Express the Shannon-Hartley capacity theorem in terms of where is the Energy/bit and is the psd of white noise.

  Modern symmetric encryption schemes

Pseudo-random generators, pseudo-random functions and pseudo-random permutations

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd