Menu

Q-3: and Debian Linux. The client computers

0 Comment

Q-3: A company Vortex® works manly in currency exchange. The company has more than 10000 customers, and 700 employees. The company has 25 servers in different types (database, web server, product activation server, etc.). Two servers are still unoccupied. The company employees utilize different operating systems such as Windows XP, Windows 8.1, Windows Server 2012, and Debian Linux. The client computers used in the working environment are mix of computers provided by the company, employees BYOD (bring your own devices) computers, and mobile devices. The clients are connected through both cable and Wi-Fi. The internet connection comes from two different ISPs. A lot of time is spent on setting up local user accounts on every employee’s computer and to troubleshoot third party applications installed by the employees. The company plans to move some of their used applications to the cloud, and the company needs this issue to be considered. It is required to: 1. Design complete server security architecture for the company Vortex®. The design should produce secure servers, and build a secure working environment from both inside and outside the company 2. Develop a flowchart that describes the design aspects for the entire design process. You can use IF-THEN approach. Hints: You can consider different factors and keywords in your design like: • The network design/ topologies for the 25 servers. Dividing the servers into different network zones according the sensitivity and functionality of 2 the servers • Protection of the servers from the networking perspective. Network-based firewalls, distrusted firewalls, and host-based firewalls • The installation and the hardening process of the server OSs which needs a policy or a regulation document • User /customer authentication to the servers (from inside the company and from outside the company as well) • Servers management plans by IT personnel • Security techniques for the database servers that are connected to database security on the application layer • Security awareness, training, and education for the employees • Advices about using cloud computing by Vortex® The question has a broad scope, and you have to do your best to bring all the possible design aspects. You need to apply what you have learned from the lab assignments in the design of the server security architecture.    Answer Interconnected computers brings large amounts of possibilities in the company Vortex for collaboration, intercommunication and social networking for-example printer and file sharing  Network communications in small to medium organizations is largely and often impaired malicious attacks which target disrupting network traffic. The most common among those attacks is the denial of service attacks  and user or host compromise attacks¨. In a denial of service attack, the attacker sends large amounts of bogus data traffic to the target computer with intentions of causing disruptions while consuming large amounts of bandwidth and in the end rendering the computer unable to provide services to the intended legitimate users. In a host compromise attack, the attacker exploits vulnerabilities in a host thereby gaining control of it<<1 When these two attcks are combined, theycan be used to cause more disruptful kind of attack called distributed denial of service attacks. Network Security for Client-Server Architecture Using Wiretap Codes Matthieu Bloch, Member, IEEE, Rajesh Narasimha, and Steven W. McLaughlin, Fellow, IEEE The number of DDoS have been on the rise recently on many popular e-commerce and gaming websites which have been targeting the Domain name servers. The most important solution that research has found on better countering them is through design of secure servers and schemes of detecting and recovring from them using detection features like intrusion destionsystems (IDS). Other methods range from resistant schemes designed based on built capabilities to servive and resist network attacks. All these measures have been proposed but has not solved the the ever increasing attacks and hackers still launch successful attacks. The soltuon therefore resides in the design of secure network architectures and other network schemes that are capable of avoiding and mitigating serious impacts of the attacks. The reasons for the security architecture design For consumer trust and confidence Better business focus Better and secure information exchange Remote and secure access to internal workings and operations Improved business productivity Reduces costs associated with loss of information components of security architecture model components The successful security model will be in position to put together a combination of policies and also leading practices, user training and education, encompassing new technologies, and awareness programs. There are four different layers considered in the design of the server security architecture which are addressed in the architecture, Secure access Hardware and operating system Applications Human aspects A number of programs like anti virus, intrusion protection systems, firewalls play a very crucial role in the protection of the companies from any attcks coming from within the organization or outside it. To achieve the highest from the security mechanisms, Vortex will implement a holistic architecture that will be inclusive of all the security elements. This architecture is coordinated and structured which includes the people, the network servers, the end user computers, all processes etc which work together to completely ensure security of Vortex information resoucres which should also rely on the comapnay information flow to all departments to adopt to any changes. The IT department should be in position to understand the design of the security architecture and its main components, how to assess the architectures's effectiveness and the all the needed frameworks in evaluating and desiging an effective architecture in order to maximize any audit efforts. components of security architecture model components The Vortex® security architecture is an effective architecture which consists of users/people, tools(servers, computers, phones , tablets), processes(applications running on the servers and computers).  Effective and efficient security architectures consist of three components. These are the people, processes, and tools that work together to protect companywide assets. To align these components effectively, the security architecture needs to be driven by policy stating management's performance expectations, how the architecture is to be implemented, and how the architecture will be enforced. This enables the architecture to guide management so that decisions are aligned and consistent throughout the entire IT landscape. The architecture also should be strategic — it must be structured in a way that supports the organization's business goals. The components described below should form part of an effective and carefully planned security architecture and should be evaluated during audits of the security architecture. These are: Guidance in the areas of incident response, baseline configuration, account creation and management, disaster recovery, and security monitoring. Identity management. Inclusion and exclusion of who and what is subject to the domain of the security architecture. Access and border control. Validation and adjustment of the architecture. Training. Technology.    The logical network seperation or Segmentation The 25 servers will be The network division zones will be the logical divion of network servers in the Vortex company. This is done for better manageable network division to reduce on data theft, reduce attack surface and for compliance. The security zone will have a well defined perimeter and strict protection of its boundaries because the systems that are it can highly be attacked. Forexaple an end user computer will be given different security requirements in the architecture as compared to the financial accountant that store confidential financial reports in the restricted zone. Thye zones must all comply to the general security rules and guidelines Each zone has only one separate entry point as defined by the firewall All outbound and inbound traffic must be monitored at the system perimeter All systems and groups must be identified All traffic that relates to Vortex® will be allowed to leave and enter the system perimeter While this can be done smoothly, complexity must be limited by defining clear security requirements and defining a few or small network security zones The Goals: The goal is to reduce the attack surface in a zone by reducing by exposing a few number of services coupled with a much more tremendous and strict access control methods that can be used to provide limited access to only identied groups of users. This makes the zones safely in case of attack, which will ensentially mean the attacker must comprose al the outer zones before accessing the inner zones where critical information is stored. This highly reduces increases critical systems availaibilty and a possible data breach. Network segmentation provides the following goals as part of a defense in depth Reduces data breach Limits attack surface Divides the system into compartments Increase the availability of the system     The network zones and their trust the trust levels attched The internet zone Zone Trust level attached Restricted The highest rust Management  Highest trust Extranet Medium Enterprise Medium External DMZ Low Internet Don't trust  Restricted Zone This is a place for the all sensitive information where the breach of its confidentiality, integrity and availability has far reaching consequences to the company Vortex® on its reputation, competitiveness, and its market share price. The highest protection should at this zone to detect and stop any attacks. The number of critical systems at this level include Finacial database User system databases Human resource database Intellectual property Management zone The management zone is the center of monitoring and control like performance servers, security management and configuration managenet. Here users have a more high privillage than other users thus making systems in zone a prime target of attckers. Extranet Zone This zone will house highly trusted connections with third party partners in business which also extends to the enterprise zone. Information and data flow from the internal network and the external network must be filtered and monitored in order to strictly allow company information to leave or enter the zone at the perimeter. The organisation has no control on systems that are oustide its control in the external zone.  This this scenearios all thirdparties must adhere to the risk assesemnt to be able to understand their security position before any connection is being allowed to them.   External DMZ All traffic is monitored that passes the extranet and the enterprise zones.  under the extranet zone, hardening is performed on the systems to minimise attacks, these systems include; The email gateway External web servers Web proxy servers Remote service acces FTP servers Intranet zone  Enterprise zone This is the platform for end user devices like computers, printers, mobile phones and tablets. Their protection is important to reduce exposure of end user devices to the risks of malware.  External Demilitarized zone   It will define the boundary     The company consists of servers, end user devices, bring your own devices, phones which are defined     

x

Hi!
I'm Viola!

Would you like to get a custom essay? How about receiving a customized one?

Check it out