Final Project: Project Plan

profileUSMC0911
ProjectDeliverable4InfrastructureAndSecurity03112021.docx
Home>Information Systems homework help>Final Project: Project Plan

1

Project Deliverable 4: Infrastructure and Security

Project Deliverable 4: Infrastructure and Security

Running Head: Project Deliverable 4: Infrastructure and Security

9

Project Deliverable 4: Infrastructure and Security

Project Deliverable 4: Infrastructure and Security

Introduction

The network of a company is the backbone of its day to day activities that comprise of their business operations, this is because all computer systems and network devices are connected together through it, which enables workers to conduct their tasks more effectively and efficiently across the company (LeCun, 1989). Therefore, in order for the employers to do this tasks more efficiently, the network need to be designed and set up properly.

The following is a network infrastructure design of the planned network;

D:\Learn With Chris\Work\Strayer\Project Deliverable 4 Infrastructure And Security\Project Deliverable Network Design.png

Figure 1: Network Infrastructure Design

The design above is part of the planning stage of the infrastructure of the organization before the actual implementation. In addition, understanding and evaluation of network components such as a server, router, laptop/desktops, gateway, Network Bridge, firewall and other elements are linked together and the ways they can be implemented to work more effective and efficient. Higher efficiency in terms of operations can be achieved by a network that is designed well (LeCun, 1989).

The network design entails a couple of details that are required in an efficient network and this includes the following;

· The processes and network security infrastructure details

· Location, type and numbers of all the network devices

· The cabling done on the company network

· A clear network map

Some of the best practices involved in the design of the network are; observing the actual design phase, design a network that accommodates future changes, implementing security in the design and network monitoring (LeCun, 1989).

Furthermore, the network infrastructure comprises of various network devices which includes; firewalls, routers, switches, switches, wireless access points, various workstations, a gateway, a network bridge and various servers such as database server, mail server, web server and file server.

Firewalls

Firewalls in this design have been implemented mostly at the entries into different networks. This is done so in order to filter out packets that are not allowed to get inside those networks. This prevents most attacks from attackers outside the network which could compromise the security of systems in the organization (Jiang et al, 2013).

The key design points that have been put into consideration include;

· Security policy development

· Implementation of simple solutions

· Correct use of devices

Routers

In this design they are main implemented in order to;

i. Process protocols that have been routed.

ii. Determining the best path by the use of routing protocols

In addition, all the devices or systems connected to the network have assigned IP addresses which helps them to communicate effectively with each other.

Bridge

A network bridge is among network devices that can be connected at the layer 2 (data link layer) of the OSI model. They must be connected just like the Local Area Protocols are connected and network packets are passed by the bridges networks (Jiang et al, 2013).

Wireless access points

They enable workers with portable devices to work more efficiently as they are constantly connected to the network wherever they are. Wireless access points also enable users to be able to access shared resources from any place (Jiang et al, 2013).

Gateways

This is placed between different networks in the design because it forms a passage between those networks that are also operating with different transmission protocols.

Switches

Switches offer connection points for most of the network devices such as firewalls, routers, servers and other network devices that can be connected to them.

There are various workstations for the users that are connected to the network which makes it convenient in accessing the shared resources or management of those systems.

Servers

There are various servers in the network design with different roles such as mail servers are used for storage and incorporation of the organization’s corporate mails. Two, file servers are used in the storage of company’s important files such as documents and making them available to the users. A web server stores important page files of company’s website and finally the database server which stores data on the employees and other resources.

Company security policy

This policy is very helpful in providing necessary steps or guidelines to be followed by the organization’s employees in order to effectively carry out their tasks or implement anything that is related to the network or computer systems.

The core principal that is mostly advisable to be applicable is C.I.A which stands for confidentiality, integrity and availability of information or other network resources.

Confidentiality of the organization’s information can be achieved by secure storage of this information through the use of passwords on the computer systems, on the network devices, servers and other connected appliances that could be having sensitive information on the company. Confidentiality which is safeguarding the information against unauthorized access and this can also be achieved through encryption which protects information in transit from attackers who tend to intercept the link and other man in the middle attacks. This can be highly achieved if organization’s employers follow these laid guidelines that ensure confidentiality (Burns et al, 2001).

Integrity of information exchanged within the organization is paramount as it ensures company’s operations are carried out more efficiently. There are various mechanisms that can be put in place to achieve this, one them is hashing. Hashing helps in determining that the information received has not been modified by any other party. Consequently, this helps the organization to make necessary decision based on whether the information is compromised or not. In case the information is compromised, the organization may tend to take necessary steps to handle the situation.

Finally, availability is another principal that is very crucial in any organization. Availability implies that the information of the company should always be accessible whenever it is required at any time and more efficiently. Availability can be achieved through the implementation of more reliable systems such as more powerful servers that are able to accommodate changes. This can also be achieved through securing the systems from virus that could cause a system crush and the important information can be lost. The system should also be protected from attackers in order to preserve system availability, this is because most hackers tend to steal and delete the company’s information once they get access to it (Burns et al, 2001).

Therefore, the principals stated above can only be highly achieved when employees of the organization follow necessary laid policies that helps in the protection of the systems which helps administrators in effective management of the network.

Employee ethical aspects

Employee behavior

The behaviors of employees is very important especially when it comes to management of the network because it makes manning of network systems easier and effective. Therefore when there is good behavior among employees these rules will be followed and therefore the network is more strengthened. Contractors and other external stakeholders should also observe good behavior so as to ensure that the network of the organization is not compromised.

Password usage

Furthermore, various guidelines should be followed in order to ensure that the passwords used adhere to the policy of the organization. Some of the guidelines to be observed include the following (Gaw et al, 2006);

i. Passwords should not be shared especially with persons outside the organization.

ii. Passwords used by employees should observe the length policy of the company such as at least 8 characters or special symbols should be applied in passwords, in other words every system should use strong passwords.

iii. Passwords should be changed after a certain period of time, mostly 3 or 6 months.

iv. Use of different passwords on different accounts, systems or sites.

v. Passwords should not be written down as unauthorized persons could get access.

vi. All the organization’s system should be at least password-protected.

Access to networked resources and information

Shared resources should be accessed through secure means such as the use of VPNs which protects the information against unauthorized access. In addition, information being exchanged unsecure channels should be encrypted in order to protect it from being accessed by attackers who might modify or even delete it. Networked resources should also be stored in secure systems or servers such as be password-protected.

Furthermore, shared information should also be well protected in such a way that it should at least ask for password authentication from users before the resources are accessed, this ensures that only authorized persons or those who have access passwords are able to view the information.

In conclusion, network-shared folders, systems and other resources on the network should only be shared with authorized persons.

References

LeCun, Y. 1989. Generalization and network design strategies. Connectionism in perspective, 19, 143-155.

Jiang, N., Becker, D. U., Michelogiannakis, G., Balfour, J., Towles, B., Shaw, D. E., ... & Dally, W. J. 2013, April. A detailed and flexible cycle-accurate network-on-chip simulator. In 2013 IEEE international symposium on performance analysis of systems and software (ISPASS) (pp. 86-96). IEEE.

Burns, J., Cheng, A., Gurung, P., Rajagopalan, S., Rao, P., Rosenbluth, D., ... & Martin, D. M. 2001, June. Automatic management of network security policy. In Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX'01 (Vol. 2, pp. 12-26). IEEE.

Gaw, S., & Felten, E. W. 2006, July. Password management strategies for online accounts. In Proceedings of the second symposium on Usable privacy and security (pp. 44-55).