Discussion one: Due Jul/ 08
Prior to beginning work on this discussion, read Chapters 2, 6, and 8 in the textbook.
In the past, most network engineers would place a firewall at the perimeter of the network to protect the intranet. Today, the perimeters of networks have become more complex and firewalls have to be strategically placed to protect the digital assets of the organization. Data no longer consists of text documents. It has converged to include video, voice, and text. Malware can be embedded in any type of file, and once it is on the intranet, it can jeopardize the network, impact services, and reduce productivity.
In this discussion, you will address a business problem related to intranet security. For your initial post, you will assess 10 business-critical servers that need to send and accept traffic from the Internet and determine where on the network they should be put. Your organization has a network segmented into two subnets, both of which have a firewall. Subnet One is the Intranet and it connects to Subnet Two using a router. Subnet Two connects to the Internet via a border router. Consider the risks associated with a presence on the Internet, and examine the firewall architecture in order to determine the best placement for each critical server. Explain where you would place each of the critical servers listed below on the network, providing a rationale for your choices. Be sure to include information on how the chosen locations will secure the essential business services provided by each critical server.
- Web server with home portal
- Customer database server
- Mail server
- Chat server
- Intrusion detection system
- Customer registration server
- Server with marketing campaign material for the organization
- Intranet website
- VPN server
- Mail archive server
Your initial post should be a minimum 300 words long.
Discussion 2: Due Jul/ 08
Almost all of us have some type of Ethernet network at home. Usually, the Internet service provider (ISP) installs a gateway to the Internet at your house, and your network connects to the gateway using a home router. The TCP/IP stack of your intranet computers are configured to use the ISP router as a gateway to the Internet. Many of us also use Wireless Ethernet (IEEE 802.11 standard) to connect to the Internet. .
For this interactive assignment, assess your current home network. (If you do not currently have a home network, you may consider your work network for this assessment.) In a separate document, create a diagram that illustrates your intranet setup and your Internet connection. Consider the potential vulnerabilities of your current network setup as well as your digital resources. Create a second diagram in your document that illustrates an ideal network, including firewall(s) and other controls that would protect your digital resources against hackers. Attach your completed diagram document to your initial post. Within the initial post, explain how the design of the network best suits your needs and typical usage. Additionally, explain how your planned firewall architecture provides better security than your current network setup.
Assignment: Due Jul/12
Prior to beginning work on this assignment, please read Chapters 2, 6, and 8 in the textbook.
Our data infrastructure is constantly being attacked by hackers. Network administrators are being challenged on a daily basis to defend their intranet and other systems on the Internet. As a network administrator for Andrew’s Biometrics Corp (ABC), you face the following problem.
ABC has a series of load balanced Web servers that provide information about the organization, advertise products, process online orders, and allow customers to make payments. These systems need to be protected from denial-of-service attacks. There are many types of firewalls on the market today. Legacy firewalls tend to filter packets based on protocol types or IP addresses. Most recent firewalls can function on top of the application layer of the TCP/IP model and filter packets-based content.
Research a minimum of two industry resources (e.g., National Institute for Standards & Technology [NIST], Institute of Electrical and Electronic Engineers [IEEE], Internet Engineering Task Force [IETF], etc.) on this topic. (Access the MISM Credible Resource Guide (Links to an external site.) for assistance with finding appropriate credible professional resources.) Using the concept of a Demilitarized Zone (DMZ) and relevant diagrams, explain the design of your network and how you would segment it. Examine various firewall types and select the appropriate firewall to best protect the computing infrastructure of ABC. It is critical to manage the traffic in and out from the Internet and protect the internal digital resources, including customer data. Access your virtual lab environment and create a diagram using Visio to visually represent the proposed firewall layout. Include the diagram as an image within your document. (The Visio diagram may be included in your assignment by means of a screenshot pasted into your document prior to submission. Assistance with capturing a screenshot of your Visio may be found at Take-a-screenshot.org (Links to an external site.).)
The Firewall and Filtering paper
- Must be 600-900 words (two to three double-spaced pages) in length (not including title and references pages) and formatted according to APA style as outlined in the Writing Center (Links to an external site.).