Week 4 -- Network Security -- Team D
Week 4 -- Network Security -- Team D
Popular in Course
verified elite notetaker
Popular in Department
This 8 page Study Guide was uploaded by expert Notetaker on Tuesday November 17, 2015. The Study Guide belongs to a course at a university taught by a professor in Fall. Since its upload, it has received 15 views.
Reviews for Week 4 -- Network Security -- Team D
Report this Material
What is Karma?
Karma is the currency of StudySoup.
You can buy or earn more Karma at anytime and redeem it for class notes, study guides, flashcards, and more!
Date Created: 11/17/15
Network Security 1 Running header: NETWORK SECURITY Network Security: The Case of Huffman Trucking Team D: Will Mason, Paul Bropleh II, Detricia Coardes, Alexander Rodriguez, and Michelle Walker University of Phoenix NTC 360 Stephen Omogbehin February 16, 2007 Network Security 2 The Case of Huffman Trucking Network security is more important today than at any time previously; networks move larger amounts of data (often secure date), hackers can gain access by various means, and even employees can compromise the overall security of the network. A company can tighten its overall security by ensuring that all corporate offices and plants possess the same type of networking protocols, network operating system (NOS), cabling, and network equipment. Huffman needs to examine the current state of its networks (both offices and plants), identify security needs, advantages and disadvantages of various security approaches, and recommend the optimal combination of cabling, NOS, protocols, and network equipment. The current state of Huffman Trucking’s network The current state of the network at Huffman Trucking is a mismatched array of NOS, protocols, cabling, and networking equipment. The following is a list, by site, of the various security implementations at Huffman Trucking: 1. California plant – Ethernet network, TCP/IP protocol, Cat 5 cabling, Windows 2000 Server, Windows 2000 Proxy Server, Bay Networks router and hub 2. California office – TCP/IP protocol, Bus Topology, no routers, no switches, no hubs, Cat 3 cabling, Windows 3.x and 9.x environment, standalone IIS (Internet Information Services) server, no firewall, 28.8 Kbps modem 3. Missouri office – Cat 5 cabling, Novell 4.11, Novell Border Manager, IPX/SPX protocol, Norton Antivirus Corporate Edition, Cisco 10 Mb Hub and Switch 4. Missouri plant – TCP/IP protocol, Cisco 10 Mb Hub, Cat 3 cabling, Wyse terminals 5. New Jersey office – Bus Topology, TCP/IP, no routers, switches or hubs, Cat 3 cabling, standalone IIS Web Server, no firewall, 28.8 Kbps Modem Network Security 3 6. New Jersey plant – Star Topology, dumb terminals, Windows 3.x Central Terminal, ISDN Connection, patch panel at center of network 7. Cleveland office – Token Ring network, IPX/SPX protocol, Cisco router, 10 Mb Hub, and Switch; Cat 5 wiring, Novell 4.11 (NOS), Novell Border Manager, Norton Antivirus Corporate Edition, ArcServe Backup Software 8. Cleveland plant – Token Ring network, TCP/IP protocol, Cisco 10 Mb hub, Cat 3 cabling, Wyse Terminals The networks of Huffman Trucking contain no consistency. Only two of the sites contain Norton Antivirus Software, some contain Cat 3 cabling while others contain Cat 5 cabling, old NOS are used at more than half of the sites, and the protocols vary from Novell’s IPX/SPX protocol to the standard TCP/IP. Some of the networks do not have firewalls to keep out hackers, while others contain either dumb terminals or Wyse terminals (smart terminals). The inconsistency in all of the above areas will lead to network breakins and infiltrations by the outside world. The only network that contains a measure of safety is the Los Angeles plant; the reason why is the implementation of the Star Topology, use of routers containing builtin firewalls, and Windows 2000 Server as its NOS. The next logical step is to address the issues on Huffman’s networks and combining the networks to form a strong, secure, and consistent network throughout the Huffman enterprise. What needs to be changed and why? One of the most important characteristics of solid IT infrastructure is consistency. The PCs that are the most antiquated should be replaced with models with faster processors and larger storage capacities; in addition, the PCs should all use Windows XP Professional as the standard OS. The servers must utilize at least Windows 2000 Server (if not Windows 2003 Server) in order to provide the most current security standards and networking protocols. Network Security 4 Windows 3.1 and Windows 98 do not possess the capability of operating efficiently and securely on serverclient network architecture. The next change arises from the physical infrastructure of the networks. Cat 3 cabling supports data transfer rates up to 10 Mbps, which is slow by today’s networking standards of 100 Mbps or more of throughput on a LAN or WAN. The installation and usage of Cat 6 cabling allows for stable data throughput and scalability. When gigabit standards come to fruition in networked environments, the cabling will support the current standards. The consistency of the connections between locations the internet allows for efficient data and voice communications; in contrast, the use of AOL dialup at the California site, while utilizing a fractured T1 at the Missouri and Ohio plants does not allow for maximized data and voice transfer. Another issue with the existing network is the placement of the Web server at the California plant; compromised network connectivity and speed on the overall network exists because of the throughput level of the different offices and plants within the network. Since the various sites operate independently, an outage at a specific site will not impact the other sites; however, communications between the site that is down and the transfer of networked devices (such as servers) will be compromised because of the outage. Advantages of security feature implementation Many advantages exist with the upgrade of the Huffman Trucking. These advantages include the following: 1. Centralize user accounts, security, and access controls simplify network administration. This means that all controls reside on the server, rather than various pieces of networked equipment. 2. More powerful equipment means more efficient access to network resources. More processors exist on servers, which provides more computing power and allows multiple access to resources without compromising network speed. Network Security 5 3. A single password for network logon delivers access to all resources. This is through the use of Windows 2000/2003 Server and allows a user to belong to various groups, while only using one password for access to the resources he or she requires. 4. Serverbased networking makes the most sense for networks with 10 or more users or any networks where resources are used heavily. (Tomsho, Tittel, and Johnson, 2004, pp. 13 – 14). 5. Cat 6 cabling allows for throughput speeds that exceed Cat 3 cabling. This type of cabling is also recognized for use on Ethernetbased, Star topology networks. 6. Use of Windows XP Professional allows for the users to communicate efficiently on the network and allows different sites to communicate with issues with compatibility. In addition, XP Professional is still supported by Microsoft through the use of its Windows Update feature. The use of a Star Topology, Ethernetbased, Windows 2000 or 2003 Server environment provides Huffman with security against hackers. The use of Cat 6 cabling not only provides more throughput on the corporate network today, but will provide scalability to the network when 1Gbps throughput is achieved on corporate networks. Windows XP Professional also provides various levels of security to complement the use of Windows 2000 or 2003 Server. However, with the advantages of upgrading the network are the disadvantages of utilizing certain features. The disadvantages of security features Network administrators find numerous reasons to implement many security features on their networks; however, disadvantages to certain features that should increase security possess disadvantages. Many points on a network exist that may be compromised by an internal threat or a hacker. Other disadvantages that exist with implementing certain security features are as follows: 1. At worst, server failure renders a network unusable. This type of threat occurs on Star Topology networks because of the Network Security 6 central point of failure that occurs when a router, server, or other central point experiences issues. 2. Expenses are increased by the use of complex, specialpurpose server software. 3. Dedicated hardware and specialize software add to the cost of serverbased networking. (Tomsho, et al, 2004, p. 14). 4. Cat 6 cabling provides additional protection from outside interference, but is not immune to all noise. The only type of cable that is completely immune is fiberoptic cabling. 5. Windows is not completely immune from security threats. Hackers can use a problem with a Windows feature to gain access to the network. 6. The use of TCP/IP in a large environment is the problem associated with assigning static IP addresses to all networked devices. Security recommendations for Huffman Trucking After carefully studying the Huffman Trucking Network system, it is the conclusion that the following recommendations will benefit the company by enhancing and providing the security that a network should have. Novell Border Manager is employed at only two locations (Missouri and Ohio offices), while no security methods exist at the other locations. It is therefore recommended that Authentication be first and foremost at all locations. The network and the networkaccessible resources have to be protected from unauthorized access. Mandatory Access Control should be used to ensure that privileged access is withdrawn when privileges are revoked. For example, deleting a user account should also stop any processes that are running with that user’s privileges. Once authenticated, firewalls must be installed at all locations. Firewalls enforce access policies fostered by the authentication process. The access policies entail what services are allowed to be accessed by the network user. Though effective to prevent unauthorized access, Network Security 7 this component fails to check potentially harmful contents such as computer worms being transmitted over the network. Therefore, the next recommendation is an Intrusion Prevention System (IPS). This system exercises access control to protect the network from exploitation. An IPS helps detect and prevent malware (malicious software designed to infiltrate or damage a network component without the administrator’s informed consent). It also monitors for suspicious network traffic for contents, volume and anomalies to protect the network from attacks such as denial of service. Maintaining privacy is a key factor for a viable network. The communication between Huffman’s systems should be encrypted. Events occurring on the network should be tracked for audit purposes and a later high level analysis. Finally, it is recommended that Honeypots (decoy networkaccessible resources) should be deployed in a network as surveillance and earlywarning tools. Techniques used by the attackers that attempt to compromise these decoy resources should be studied during and after an attack to keep an eye on new exploitation techniques. Such analysis could be used to further tighten security of the network. Network Security 8 References Tomsho, G., Tittel, E., & Johnson, D. (2004). Guide to Networking Essentials (4 Ed.). Retrieved from the University of Phoenix, Week One, Resource, NTC360 – Network and Telecommunications Concepts Website: https://ecampus.phoenix.edu/secure/resource/resource.asp
Are you sure you want to buy this material for
You're already Subscribed!
Looks like you've already subscribed to StudySoup, you won't need to purchase another subscription to get this material. To access this material simply click 'View Full Document'