csc420 slp2 – GradSchoolPapers.com
assignment, you will add the following to the Network Security Plan:
Client/Server Security Plan
Intrusion Detection Plan
Incident Response Plan
This part of your plan should include the following:
NOTE: You should add this new content to the document submitted for the previous module SLP assignment.
An updated title page with class number and name, project name, your name, and the date.
An updated Table of Contents with the major sections of the document (note that this document will be expanded with each SLP assignment).
Client/Server Security Plan: Describe how clients and servers in the network will be protected from security threats.
Intrusion Detection Plan: Describe an appropriate intrusion detection system for the network, including identification of the major components and their placement in the network.
Incident Response Plan: Describe the plan for incident response that will handle alerts from the intrusion detection system.
An updated reference page as an appendix.
The new content for the document should be 3–4 double-spaced pages, excluding the title page, TOC, and reference page.
The document will be assessed based on your ability to adequately address the assignment requirements.
Network Security Plan for ABC
The network consists of all the common features such as clients, servers, shared data, media, shared peripherals and resources. The servers' function at ABC is to offer shared resources to the users of the network. The clients, on the other hand, are the computers or nodes whose function is to access the shared resources. Shared data represents all the files that a server provides to its nodes. The network media are all the wires, routers, bridges, hubs, repeaters and switches that provide the physical links between the clients and the servers. Network resources represent the devices and services that are provided for use on the network. Examples of resources are printers, software, files and other shared items. The following image is an illustration of the ABC network configuration showing the various components mentioned here:
Figure 1. Network elements. From “Network Configuration,” by Pluto, n.d., http://pluto.ksi.edu/~cyh/cis370/ebook/ch01c.html
As seen above, ABC employs a server-based network to link up the entire organization. A server-based network differs from a peer-to-peer network in that, in the latter, all nodes are equal, implying the absence of a hierarchical arrangement. As such, every node functions as a server in relation to the others. ABC uses a server-based network since the company has a large number of employees, which justifies the cost of utilizing a dedicated server to link all the stations. Additionally, a server-based network allows an organization to engage a full-time system administrator to ensure that the network is always online.
Moreover, in the server-based network the user is entitled to use remote services as dictated by the network administrator. The network administrator ensures that each remote user is allocated a share of the network resources (Greene et al., 2015). In an organization such as ABC, employing a server-based system is ideal since there is an additional need for system security. In addition to being a server-based network, the company’s network is arranged in a bus topology, which involves a line configuration such that the nodes branch from the central bus.
Figure 2. Bus topology. From “What is bus topology,” by P. Sparrow, 2015, http://www.ianswer4u.com/2011/05/bus-topology-advantages-and.html#axzz3xhO1kBOc
There are several advantages of having a linear bus topology network. Firstly, the network is easy to extend: it is easy to add or remove a node or a peripheral gadget without affecting the rest of the network (Zhang et al., 2013). Secondly, the topology does not utilize too many resources during setup, since it does not require a lengthy cable as is common in other arrangements such as star topology (see a star topology in Appendix 1). Lastly, the network is easy to expand or contract depending on the prevailing needs of the organization.
Security Risk Analysis
Like other companies with robust and delicate networks, ABC has three major areas of potential risk: network integrity, denial of service and system infiltration. On a scale of 5, the threat level for each of these risks is estimated to be at 2, 3 and 1 respectively. However, the risk levels are estimated to increase if the organization expands its size. This is because a bigger network presents more points of vulnerability than a smaller one (Feng & Kaiser, 2012). The bigger a network is, the more passwords are required, the more hardware is used to access the network and the more users are engaged in it. This increases the ease with which a malicious party may compromise the integrity of the network.
To deal with these problems, ABC has invested in the use of firewalls, strong antivirus programs, stringent passkey policies and the employment of boundaries to compartmentalize the entire network. According to Feng and Kaiser (2012), denial of service can be prevented by using SYN cookies. ABC employs Cisco Guard, which is a network guard device planted in the server. Additionally, the network administrator is mandated with constantly tracking TCP connections to lessen the likelihood of malicious SYN flooding.
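The connection tracking described above can be illustrated with a short script. This is an added example, not part of the original plan: it counts half-open (SYN-RECV) connections per listening service from a constructed sample laid out like `ss -tan` output, and the function names and threshold are assumptions.

```python
from collections import defaultdict

# Constructed sample in the column layout of `ss -tan` (State, Recv-Q, Send-Q,
# Local Address:Port, Peer Address:Port). Addresses are documentation ranges.
SAMPLE = """\
State     Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN    0      128    0.0.0.0:443         0.0.0.0:*
ESTAB     0      0      192.0.2.10:443      198.51.100.7:51514
SYN-RECV  0      0      192.0.2.10:443      203.0.113.5:40001
SYN-RECV  0      0      192.0.2.10:443      203.0.113.6:40002
SYN-RECV  0      0      192.0.2.10:443      203.0.113.7:40003
SYN-RECV  0      0      192.0.2.10:443      203.0.113.8:40004
SYN-RECV  0      0      192.0.2.10:22       198.51.100.9:50022
ESTAB     0      0      192.0.2.10:22       198.51.100.9:50023
"""

def half_open_by_service(text):
    """Map each local addr:port to the peer IPs currently in SYN-RECV."""
    peers = defaultdict(list)
    for line in text.splitlines()[1:]:           # skip the header row
        fields = line.split()
        if len(fields) < 5:
            continue                             # ignore malformed rows
        state, local, peer = fields[0], fields[3], fields[4]
        if state == "SYN-RECV":
            # Drop the peer's port; rsplit also copes with [v6]:port forms.
            peers[local].append(peer.rsplit(":", 1)[0])
    return dict(peers)

def flag_syn_backlog(text, threshold=3):
    """Return (service, half_open, distinct_sources) at or above threshold.

    The threshold is an assumed value; tune it to the service's normal load.
    """
    report = [(svc, len(p), len(set(p)))
              for svc, p in half_open_by_service(text).items()
              if len(p) >= threshold]
    return sorted(report, key=lambda r: r[1], reverse=True)

if __name__ == "__main__":
    for svc, count, sources in flag_syn_backlog(SAMPLE):
        print(f"{svc}: {count} half-open connections from {sources} sources")
```

A single SYN-RECV entry is normal during any handshake; what matters is a count that stays high across repeated samples.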
Network Traffic Analysis Plan
As mentioned above, it is imperative that ABC Company is able to monitor its network owing to its wide extent. Monitoring and analyzing the flow of network traffic on a regular basis allows an organization to determine when to undertake various system changes such as upgrades (Fusco & Deri, 2010). As part of the overall security plan, network analysis will be used to determine the most active sections of the network and the ones using the network's maximum bandwidth. ABC Company uses Monitor Scouts for monitoring the network. In the short run, the company is planning to use the same tool for detecting the IP addresses that are used to access the network, the ones that are logged in, the protocols used, the remote IP addresses used and the destination ports. This information will be recorded for later periodic reviews aimed at improving the network's security and efficiency. A dedicated node is used to fetch, collect and analyze real-time flow patterns in the network (Fusco & Deri, 2010). As such, a separate node may be required for the purpose of implementing the network analysis and monitoring tools owing to the size of ABC Company’s network.
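The periodic review described above can be sketched as a flow summary. This is an added example, not part of the original plan and not the output of Monitor Scouts: the record layout (src, dst, proto, dport, bytes), the 10.0.0.0/8 internal range and the /24 segment size are assumptions, and the flow records are constructed.

```python
import csv
import io
import ipaddress
from collections import Counter

INTERNAL = ipaddress.ip_network("10.0.0.0/8")   # assumed internal address space

# Constructed flow records: source, destination, protocol, dest port, bytes.
FLOWS = """\
src,dst,proto,dport,bytes
10.1.1.15,10.9.0.5,tcp,445,700000
10.1.1.22,10.9.0.5,tcp,445,300000
10.1.2.40,10.9.0.8,tcp,443,250000
10.1.2.41,198.51.100.20,udp,53,1200
10.1.3.7,10.9.0.8,tcp,443,148800
10.1.1.15,203.0.113.9,tcp,443,600000
"""

def summarize(text, prefix=24):
    """Total bytes per source segment, per protocol/port and per remote IP."""
    by_segment, by_service, remote = Counter(), Counter(), Counter()
    for row in csv.DictReader(io.StringIO(text)):
        nbytes = int(row["bytes"])
        # Collapse the source host into its segment, e.g. 10.1.1.15 -> 10.1.1.0/24.
        seg = ipaddress.ip_network(f"{row['src']}/{prefix}", strict=False)
        by_segment[str(seg)] += nbytes
        by_service[(row["proto"], int(row["dport"]))] += nbytes
        # Anything outside the internal range is recorded as a remote address.
        if ipaddress.ip_address(row["dst"]) not in INTERNAL:
            remote[row["dst"]] += nbytes
    return by_segment, by_service, remote

def busiest_segment(text, prefix=24):
    """Return (segment, share of total bytes) for the most active segment."""
    by_segment, _, _ = summarize(text, prefix)
    segment, nbytes = by_segment.most_common(1)[0]
    return segment, nbytes / sum(by_segment.values())

if __name__ == "__main__":
    segments, services, remotes = summarize(FLOWS)
    seg, share = busiest_segment(FLOWS)
    print(f"Most active segment: {seg} ({share:.0%} of bytes)")
    for (proto, port), nbytes in services.most_common():
        print(f"  {proto}/{port}: {nbytes} bytes")
    for ip, nbytes in remotes.most_common():
        print(f"  remote {ip}: {nbytes} bytes")
```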
Feng, W. C., & Kaiser, E. (2012). U.S. Patent No. 8,321,955. Washington, DC: U.S. Patent and Trademark Office.
Fusco, F., & Deri, L. (2010). High speed network traffic analysis with commodity multi-core systems. In Proceedings of the 10th ACM SIGCOMM conference on Internet measurement (pp. 218-224). ACM.
Greene, P. G., Brush, C. G., & Brown, T. E. (2015). Resources in small firms: an exploratory study. Journal of Small Business Strategy, 8(2), 25-40.
Pluto. (n.d.). Network elements. Retrieved from http://pluto.ksi.edu/~cyh/cis370/ebook/ch01c.html
Sparrow, P. (2015). Bus topology. Retrieved from http://www.ianswer4u.com/2011/05/bus-topology-advantages-and.html#axzz3xhO1kBOc
Zhang, H., Zhao, P., Gao, J., & Yao, X. M. (2013). The analysis of the properties of bus network topology in Beijing basing on complex networks. Mathematical Problems in Engineering, 2013.
Figure 3. Star topology