NTC 362 Week 5 Individual Assignment- INDP Final Project


About this Document

Study Guide
This Study Guide belongs to fin571 at Kaplan University taught by in Fall 2015.

Date Created: 11/11/15
Kudler Fine Foods Network Final

University of Phoenix

Introduction

Kudler Fine Foods is taking the next step to upgrade its existing infrastructure with new wireless technology, which will provide a better communication link not only for all of the stores but for all of the employees as well. With new systems and servers, the ability to maximize the company's profits will increase overnight. The new inventory system will allow the stores' POS systems to automatically alert the warehouses to ship more products when they are running low. This will eliminate the man-hours wasted checking the stock. Communication throughout all the stores is also being upgraded with VoWLAN, which will give employees the flexibility of taking calls while providing the services needed for each customer. The other technological advances that will be introduced will provide real-time network analysis and security monitoring. Once the new network is completed, it will bring Kudler Fine Foods to a new standard of service.

Network Overview

Kudler's aging network infrastructure is getting to the point of extinction. The bus network that is installed does not allow the stores to communicate with each other because they are on separate networks. This is a problem because there is no central location for any network servers, and no backups or security are set up. This is why an enterprise wireless wide area network is being rolled out. Having a network that provides mobility is essential in today's business world, which is why it will become a cornerstone for Kudler for years to come. The WLAN will provide new ways of communicating, both by computer and by a new voice over wireless local area network (VoWLAN).

All sales counters will have brand-new Dell Precision T5500 towers running Windows 7 with wireless networking capability. These systems will all have Norton antivirus installed, which will prevent viruses, worms, and other known exploits at the system level. The new systems will allow for
faster transactions and communication to the POS server. The new systems will be in constant communication with the handheld inventory system. This will give all employees the ability to check current prices, stock, and shipments in real time whenever they need to, without waiting for management.

The VoWLAN will give all employees and management cell phones that work within the Kudler WLAN network. This will eliminate the headaches of missed calls, busy signals, and not being able to contact a manager when needed. The new communication system will have the ability to call all sites whenever needed. The VoWLAN connection will be provided by the Cisco 1941 wireless router. The OfficeServ VoWLAN supplies a wireless signal to all the phones in the area and will act like a cell phone network located within the company.

All this technology is great, but what if there is no service available or one of the wireless routers goes down? When the service provider is having outage issues, the T1 line located at Del Mar will be used as backup Internet. This same line will be used if a Cisco wireless router goes down, which will provide uninterrupted service so that the particular site will not lose communication. The backup power supplies will also be increased in size because of the equipment that is on the network. The number of UPS systems at the Del Mar site will also be increased by two. This will be needed because all of the servers will be relocated to this one central location. This setup is imperative in making sure Kudler is always in constant communication with all the servers in case of a power outage at this main site.

One major issue with the old network is that it has no central location for any of the servers; this will be taken care of in the new network. There will be four servers: Windows Server 2008 for the POS systems, a real-time inventory database, the Sourcefire management console for security, and a backup file server for the entire enterprise network.
Without these systems in place, the WLAN network will not be able to back up any data or protect it. The POS server will be in constant communication with all sales counters. The information collected from this system will provide critical data on each customer and will also be linked to the database server. The customer's information will be stored on the database server for data mining purposes and will be used to provide information on what items are in demand. This system will also provide a real-time inventory for all stores within the network. This inventory information will update all the real-time inventory PDA systems for each store, letting the team know how they are doing on supplies and products. This will eliminate employees checking the shelves manually, thus saving time and money.

Security

Since the POS and inventory database servers will be providing important data to each store, security will be upgraded. The old infrastructure did not provide any security to any of the networks. This was not needed at the time but will now become a vital part of the new network. Because the new servers will hold so much critical information, it is important to make sure that they are protected. This will be accomplished by implementing the Cisco 1941/1941W, Tripwire, internal and external IPS/IDS systems, and the Sourcefire management console. These will provide the security needed to protect the network from any and all threats.

The first line of defense that will be put into place is the Sourcefire 3D IPS, which will be located outside the Cisco 1941 routers. The IPS will protect against network and application-level attacks, securing organizations against intrusion attempts, malware, Trojans, DoS and DDoS attacks, malicious code transmission, backdoor activity, and blended threats (Cyberoam, 2012). This will stop any malicious traffic from coming into the network before any damage can be done. The other system that will be used in conjunction with the IPS systems
will be multiple Sourcefire IDS taps. These taps will be located throughout the entire network and will be the eyes of the security team. The downfall of Sourcefire is that it uses the Snort rule engine. This means that if any incorrectly written rules are pushed out to the taps, it could bring down the entire security net in an instant. The Sourcefire management console will prevent this from taking place because all rules are written in a GUI and it will not push out any rule that is incorrectly constructed. This system will also allow all the taps to be centrally managed from one location. This means that all troubleshooting can be handled at the Del Mar location, preventing wasted time and company money.

Since the IPS system will be on the outside of the network, the Cisco 1941 will provide another layer of security to the Kudler network. The Cisco 1941 will provide an integrated threat control system using Cisco IOS Firewall, Cisco IOS Zone-Based Firewall, and Cisco IOS Content Filtering technologies (Cisco, 2012). This means that the traffic will go through another inspection point, eliminating any threats that were able to slip by the external IPS. Once the traffic has passed through the Cisco 1941, it will be continuously watched by the IDS taps located throughout the entire network. This will be vital when and if an incident ever does take place within the network.

The last and final piece of security will be Tripwire. This system will monitor any file changes within all the servers at the Del Mar location. This is important to the DLP program. This Data Loss Prevention system will monitor any file changes or file removals from the network and will provide the username of who changed or moved the file. These alerts will be fed into the Sourcefire management console for monitoring and analysis by the security team.

Threat Detection and Mitigation Systems

Knowing what is in the network and how it is protected is half the battle. The other half of the battle is identifying
what types of attacks the environment is susceptible to. If the security analysts are unable to identify the malicious traffic on the network, the new security systems that will be in place are useless. The new WLAN network will be protected by multiple firewalls, IPS, IDS, and a file integrity system.

The firewall systems will be used to prevent scanning activity as well as to block malicious IPs from entering the network. This is critical because being able to block this type of traffic can save a network, and the people who watch it, a lot of time on incident investigations. When hackers are scanning a network, they are looking for replies from any ports that will respond. This can help them fingerprint a system, and by knowing what is on a network they can use this information for crafting attacks. Once this is identified by a security team, they can block the intruding IP at the firewall. This will prevent all traffic coming from and going to the suspicious IP in question.

The IPS and IDS systems will be another addition used to protect the Kudler Fine Foods networks. There is a difference between these two systems, and it is important to know what each one does. IPS stands for Intrusion Prevention System. This system is designed to prevent attacks from hitting the network. For the new Kudler network, the IPS that will be implemented is Sourcefire. Sourcefire uses a rule-based detection engine known as Snort. This system uses rules to find malicious content within the network data packet streams. If the data in the stream matches the rule, the IPS will either generate an event, or generate an event and then drop the connection from the network. When the rule is configured to generate an event, it will let the analyst know that the packet could be malicious. When the rule is set to generate an event and drop the connection, the same thing takes place; however, the entire connection is denied from ever entering the network. The IDS, or
Intrusion Detection System, cannot prevent malicious traffic. An IDS will send an alert letting the security personnel know when malicious data is hitting the network. This is another important factor that will be used with Kudler's new network. Having an IPS and a firewall is great, but having eyes on the inside is even better. The IDS provides this by looking at the traffic passing through the inside of the network. For instance, what if a hacker were to fragment a malicious data packet and it passed through the IPS and firewall with no issues? Then, once inside, it is reconstructed and the file executes, stealing valuable data. The IDS will fire off and the investigation can begin. Now remove the IDS from the same situation, and there is almost no way to detect this malicious activity. The only way that most incidents are discovered in scenarios like this is when the activity has started, and by that time the hacker already has what they were looking for.

Network Threats

The Sourcefire system will play a huge role for the network security team because it will provide the eyes into the new network. The great thing about this system is that any rule can be written to detect any type of activity on the WLAN network. This means that if there is a new malicious threat out in the wild, all that needs to be done is to create a rule based on the information or malicious traffic. The only downfall is that if you do not know what you are looking for, how can you create a rule? This is why threat and vulnerability research is so important to conduct. Having the ability to create rules based on the research that has been conducted will only make the network that much more secure. When it comes to understanding the exploits that have been researched, the one thing to remember is that no network is safe and every network is susceptible to any attack. Understanding how they work is the best way to gain the upper hand to keep any exploit from hitting a network.
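
A structural check of the kind the paper attributes to the management console, run over rules that use the event-only (`alert`) and event-and-drop (`drop`) actions described earlier. This is an added example, not Sourcefire's code and not part of the original paper; the sample rules, their SIDs, and the helper names are constructed, and only basic Snort 2 rule layout is checked.

```python
import re

# Basic Snort 2 rule layout: action proto src sport direction dst dport (options)
ACTIONS = {"alert", "log", "pass", "drop", "reject", "sdrop"}
PROTOCOLS = {"tcp", "udp", "icmp", "ip"}
HEADER_RE = re.compile(
    r"^(?P<action>\S+)\s+(?P<proto>\S+)\s+(?P<src>\S+)\s+(?P<sport>\S+)\s+"
    r"(?P<dir>\S+)\s+(?P<dst>\S+)\s+(?P<dport>\S+)\s+\((?P<opts>.*)\)\s*$"
)

# Constructed sample rules (SIDs in the local range); not taken from the paper.
RULES = [
    'alert tcp $EXTERNAL_NET any -> $HOME_NET 3389 (msg:"Inbound RDP"; sid:1000001; rev:1;)',
    'drop tcp $EXTERNAL_NET any -> $HOME_NET 23 (msg:"Inbound Telnet"; sid:1000002; rev:1;)',
    'alert tcp any any => $HOME_NET 80 (msg:"Bad direction"; sid:1000003; rev:1;)',
    'drop tcp any any -> $HOME_NET 80 (msg:"Quote never closed; sid:1000004; rev:1;)',
]

def split_options(body):
    """Split the option body on ';' outside quotes; also return any leftover text."""
    parts, buf, quoted, prev = [], [], False, ""
    for ch in body:
        if ch == '"' and prev != "\\":
            quoted = not quoted
        if ch == ";" and not quoted and prev != "\\":
            parts.append("".join(buf).strip())
            buf = []
        else:
            buf.append(ch)
        prev = ch
    return parts, "".join(buf).strip(), quoted

def lint_rule(rule):
    """Return a list of problems; an empty list means the rule is well formed."""
    m = HEADER_RE.match(rule.strip())
    if not m:
        return ["rule does not follow the 'header (options)' layout"]
    errors = []
    for field, allowed in (("action", ACTIONS), ("proto", PROTOCOLS), ("dir", {"->", "<>"})):
        if m[field] not in allowed:
            errors.append(f"invalid {field} {m[field]!r}")
    parts, tail, quoted = split_options(m["opts"])
    if quoted:
        errors.append("unterminated quoted string in options")
    elif tail:
        errors.append("last option is missing its terminating ';'")
    opts = {k.strip(): v.strip() for k, _, v in (p.partition(":") for p in parts if p)}
    if "msg" not in opts:
        errors.append("msg option missing")
    if not opts.get("sid", "").isdigit():
        errors.append("sid missing or not numeric")
    return errors

def pushable(rules):
    """Keep only rules that lint cleanly, mirroring a validate-before-push gate."""
    return [r for r in rules if not lint_rule(r)]
```
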
This is why keeping up with the latest vulnerabilities and hacks is so vital: the security field is an ever-evolving environment. With that said, after reviewing the new network layout, it was discovered that there are many types of threats that could potentially affect Kudler's WLAN network. The three that were chosen were keyloggers, Remote Access Tools (RATs), and war driving.

The first intrusion that the Kudler network could potentially fall victim to is having a keylogger installed on the network. Keyloggers track which keys were struck on a keyboard. Usually this is covert, and the computer user has no idea that their activity is being monitored (Spyware Guide, 2011). This type of intrusion can be sent by email as an attachment or unintentionally downloaded from the Internet by visiting a malicious website. Once the user opens the email or website, a file can install without the user ever knowing what happened. Once the program installs, every keystroke is recorded and sent back to the hacker who sent the original email or who owns the web page. This process can be set up in a multitude of ways, but the end result is always the same: the information is stolen, and if any usernames and passwords have been entered during this time, they are now compromised.

The next intrusion that can take place within this network is the installation of a Remote Access Tool, otherwise known as a RAT. A RAT is a very common tool used on networks to allow system administrators to access systems remotely without physically being in front of them. This is a great tool for them to use, but when this tool is put in the wrong hands it is turned into a hacking program. A RAT can be installed on networks by malicious email, unauthorized download, and even by employees installing it for personal use. Once the remote access tool is installed, it can provide access to the network from anywhere as long as an Internet connection exists. These programs can allow for
keylogging, data exfiltration, and access to other systems within the network without being detected.

The last intrusion that will be covered is called war driving. Since the Kudler Fine Foods network is a WLAN, the wireless network emits signals. These signals can be picked up by unwanted users simply by driving past the company. Another way this can be accomplished is by walking by with a handheld device; this is called war walking. This is not hard to do because all that is needed is a laptop with Wi-Fi capabilities or a PDA with Wi-Fi. Once the attacker finds a signal, the attacks begin. The ultimate goal of the attacker is to gain access and then begin sniffing traffic for passwords and other valuable data. Out of all the exploits that were just covered, this one is the easiest to conduct and is one of the major ones that Kudler Fine Foods will be vulnerable to. This shows how easily wireless networks can get hacked. The one thing that is overlooked, though, is that mobile devices are just as susceptible to this same attack. The easiest way to remember this is: if a device emits a signal that can be picked up, then it is vulnerable to being hacked.

Stopping these exploits on the new WLAN network will be vital to the daily business of Kudler. The systems that will be doing the work are the firewalls, IPS, IDS, antivirus, and file integrity systems. These were covered earlier, but we can now see why they are truly needed for this network. The good thing is that these are not the most dangerous threat to this network. The bad news is that the users on the network will be the biggest threat to the new WLAN. As seen above, the one common factor in all of the threats is that they all had to be activated by a user or malicious user. This is why, no matter how much money is spent on security for this network, it will mean nothing if the proper policies are not in place.

Network Security Policies

Security policies provide a guideline of rules that must be followed for a
network. IT security policies, including network security policies, are the foundation, the bottom line, of information security within an organization (IT Security Policies, 2003). These policies provide vital information, from the usage of the network to the requirements for passwords and the installation of software and equipment.

Password requirements will be enforced so that authentication to the network is not weak. Weak passwords can provide access points that a hacker can exploit with a brute force attack, which can crack a weak password in seconds. This is why, with the Kudler network, the password requirements will be as follows:

- Must be between 8 and 24 characters long
- Must include at least 2 letters, numbers, and special characters
- Must not include any form of the word "password"
- Must not contain any form of the username, company name, or company address

This will prevent any successful brute force attacks from breaking into the network.

The network security policy will also cover the installation of any program that may be installed on the employee POS system. To protect against unauthorized installation, the users will be given basic rights, which will not allow them to install programs. If an employee sees a program that could better a process or provide information to increase productivity, they must fill out a program installation request form. Once the program has been checked by the security team and is found to be safe for the network, approval will be granted. The program will be downloaded onto a thumb drive that will have a one-time-use admin password for the user's system. The drive will then be given to the employee so they can install the program. This will prevent any unauthorized programs from being installed, which could potentially contain malicious content that could infect the Kudler Fine Foods WLAN network.

There will be a zero-tolerance policy for any unauthorized personal network equipment. This means that if a personal hub or wireless router is discovered,
the employee who installed it will be fired on the spot. This will be a critical factor in preventing information and data from being stolen from the company. If any additional equipment is needed, a request form will need to be filled out and approved by the management and network security teams.

These policies are only a preventive measure in making sure that proper usage is followed. This is an ever-changing process, and lessons will be learned from incidents that take place within the network, but it is also important to make sure that proper documentation is saved for future use. This information can then be used to revamp the policies within the Kudler network and can improve the overall process. The bottom line is that policies are in place to educate and inform the users about what they can and cannot do within the network.

Conclusion

Once the new network is in place and the policies have been implemented, the new WLAN network will be ready to go. The new network will be something that Kudler Fine Foods can look at for many years to come with pride and respect. Not only does the new network provide the information that will grow the company, but it will also provide a new way of taking care of customers every time they visit any of the stores. This new network will also provide peace of mind for the owners and employees because of the security, the backup systems, and the room provided for future network growth. The Kudler network will provide this same peace of mind for years to come.

References

Cyberoam. (2012). Intrusion prevention system. Retrieved February 1, 2012, from http://www.cyberoam.com/ips.html

Cisco. (2012). Enabling borderless networks at the branch. Retrieved February 2, 2012, from http://www.cisco.com/en/US/products/ps10546/index.html

Dell. (2010). Dell PowerEdge rack servers. Retrieved February 1, 2012, from http://www.dell.com/us/business/p/poweredge-rack-servers

Spyware Guide. (2011). Keyloggers. Retrieved February 3, 2012, from http://www.spywareguide.net/keyloggersoftware

IT Security Policies. (2003).
"Where to find information security policies, how to deliver them." Retrieved February 3, 2012, from http://www.network-and-it-security-policies.com/policies.htm
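
The four password requirements listed under Network Security Policies, written as a check that could run when a password is set. This is an added example, not part of the original paper; it assumes "at least 2 letters, numbers, and special characters" means two of each, and it treats "any form of" a word as a case-insensitive match after undoing common character substitutions. The username and street address are constructed sample values.

```python
import re
import string

# Constructed sample account details; the paper gives no real values.
USERNAME = "jsmith"
COMPANY = "Kudler Fine Foods"
ADDRESS = "123 Example Street, Del Mar"

# Undo common look-alike substitutions so "P@ssw0rd" reads as "password".
LEET = str.maketrans({"@": "a", "4": "a", "0": "o", "1": "i", "!": "i",
                      "3": "e", "$": "s", "5": "s", "7": "t"})


def normalise(text):
    """Lower-case, undo substitutions, then keep letters only."""
    return re.sub(r"[^a-z]", "", text.lower().translate(LEET))


def forbidden_tokens(username, company, address):
    """'password' plus every word of 4+ letters from the account details."""
    words = re.findall(r"[a-z]{4,}", f"{username} {company} {address}".lower())
    return {"password", *words}


def check_password(password, username=USERNAME, company=COMPANY, address=ADDRESS):
    """Return the list of policy violations; empty means the password is accepted."""
    problems = []
    if not 8 <= len(password) <= 24:
        problems.append("length must be 8-24 characters")
    counts = {
        "letters": sum(c.isalpha() for c in password),
        "numbers": sum(c.isdigit() for c in password),
        "special characters": sum(c in string.punctuation for c in password),
    }
    for kind, n in counts.items():
        if n < 2:
            problems.append(f"needs at least 2 {kind}")
    flat = normalise(password)
    for token in sorted(forbidden_tokens(username, company, address)):
        if token in flat:
            problems.append(f"contains a form of {token!r}")
    return problems


if __name__ == "__main__":
    for candidate in ("Tr7&bq#x29", "P@ssw0rd!!22", "KUDLER#2015!", "short1!"):
        print(candidate, "->", check_password(candidate) or "accepted")
```

Words shorter than four letters and the numeric parts of the address are not matched, which keeps ordinary passwords from being rejected on short substrings.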


