Project Deliverable 6: Final Project Plan

profileNerdychick06
ProjectDeliverable5NetworkInfrastructureandSecurity.docx

Running head: NETWORK INFRASTRUCTURE AND SECURITY

NETWORK INFRASTRUCTURE AND SECURITY 8

Project Deliverable 5: Network Infrastructure and Security

Introduction

Operating a corporate organization needs a secure and robust network infrastructure that supports the firm's network, technical devices, and information systems. Without a robust infrastructure in place, the business risks compromising the effectiveness of its information technology, which might result in security breaches compromising the firm's data and information systems. Security breaches result in revenue loss, additional expenditures, and even a negative image for the firm. A network infrastructure links computers, mobile devices, and printers through wired or wireless connections via an access point such as a router (Sheshadri, Patel, Venkatesh, & Srivastava).

The network infrastructure comprises the hardware and software resources that support the network's connection, communication, operations, and administration. The network infrastructure connects people, processes, applications, and services to external networks such as the internet. Network infrastructure comprises networking gear such as routers, switches, local area network cards, and cables (Cuppens, Cuppens-Boulahia, & Garcia-Alfaro). Operating systems, firewalls, network security programs, and network operations and management software all fall under the category of networking software. The last component of network infrastructure is network services, which include, but are not limited to, wireless protocols, IP addressing, DSL, and satellite.

An organization like Realsys' network infrastructure is the subject of this paper's investigation. Security policies and network components are also highlighted in this document. The paper aims to define the ethics of network infrastructure and provide a physical topographical architecture of a network infrastructure.

Network Vulnerabilities

Due to a rise in cyberattacks and savvy security hackers, network security has become much more difficult. It is a weak network and architecture that may lead to a security breach if a threat exploits it. Information systems and data are all examples of non-physically vulnerable network components (Lachance). The design defects of an operating system (OS), for example, may make it susceptible to network assaults. The most recent security fixes may be found in regular program updates. As long as the program and its host remain unpatched, a virus might infect them all. Vulnerabilities in physical network assets such as servers and network cables are referred to as physical network vulnerabilities.

One weakness that may lead to security breaches in a company is access control. For Realsys, one of the most fundamental approaches to managing software vulnerabilities is to restrict user access. A hijacked user account can only cause so much harm if it has access to much personal information. Identifying and defining roles and responsibilities for users will be necessary for Realsys after the merger, as this will aid in the definition of access rights and permissions for these individuals. Promoted or demoted users must be given a different set of privileges based on their job descriptions and duties (Cox & Singh).

An organization's network security is at risk because employees are the most vulnerable. Network infrastructure security may be compromised by the actions of employees, whether deliberately or inadvertently. There is a risk that employees may click on links or visit websites that will infect the network with malware. A lack of cybersecurity experience among Realsys's personnel might put the company's security at risk. Thus the company should undergo cybersecurity training for all employees. Companies that allow workers to bring their own devices to work are putting their networks at risk of infection by malware and viruses. A single server may host more than one device at Realsys, allowing the organization to have fewer devices overall. BYOD (Bring Your Device) will also be needed to allow workers to utilize their mobile devices in the workplace. However, the corporation has to create laws that restrict the usage of personal devices, such as limiting specific websites and connections or even forbidding the use of sub-standard gadgets that would function as loopholes for hackers owing to vulnerabilities in their design.

Realsys' information and information systems benefit significantly from the usage of cloud technologies. There are certain drawbacks here, including the possibility of compromising information and systems kept in the cloud if they are accessible from outside networks. A hacker or virus might compromise the firm's data if executives and managers use their devices or wireless networks while viewing corporate information. As wireless networks are significantly more straightforward to attack than wired networks, the network's security is significantly compromised by the usage of wireless networks. In order to prevent unwanted access to the network, Realsys must establish security regulations such as the usage of firewalls and network passwords while using the wireless network (Kizza).

Passwords and user identification are security flaws that might jeopardize an organization's network infrastructure. After the merger with Realsys, the firm will need to establish password rules. Users must generate passwords using a combination of letters, numbers, and special characters; this makes it more difficult for attackers to crack the passwords. Simple passwords such as "password" or "12345," as well as the option to recycle passwords across accounts, make access simple for thieves and intruders. Additionally, after a few minutes of inactivity, all devices on the network need locking. Additionally, Realsys will need to identify people logging in or accessing the company's data or information centers, such as server rooms.

Logical and Physical Topographical Layout

This relates to the network's physical structure and the pattern of data flow inside the network. The physical topology of a computer network depicts the locations of various network pieces such as computers, cables, and other devices and their connections to one another. The logical topology diagram illustrates the flow of data between devices in the network. A star topological pattern will be used to build the physical layout. It will demonstrate the connectivity of all devices to a central server. They will be able to access critical resources and services such as bandwidth and simplify network administration. On the other hand, the logical layout employs a bus topological structure, which comprises a single backbone line that serves as the network's anchor.

Fig 1 - Physical Layout

A Small Office/Home Office (SOHO) Network Topology – Computer ...

Fig 2 - Logical Layout

Pulse Secure Article: KB10162 - Determine Topology and Connect the ...

Security Policy

Realsys mandates establishing an information security policy that safeguards the confidentiality, integrity, and availability of data. The information security policy of an organization is often a high-level document that covers a significant number of security rules. The information security policy mandates that all employees conform to the established rules and controls. This policy is intended to help workers understand that the company has laws and regulations in place. They will be held responsible for the sensitivity of the business's information and information systems. Information security is predicated on three key concepts; these principles are as follows.

Confidentiality: This idea comprises safeguarding information from unwanted disclosure or access. The confidentiality principle's purpose is to guarantee that private information stays private and is only available to those who need it for their professional activities. This implies that information must be protected while it is in use or while it is being stored. The information must be safeguarded against unwanted access, whether deliberate or unintentional. For example, businesses that allow workers to bring their own devices to worth risk losing data if an employee misplaces their laptops. This may be entirely unintended, but when remedial procedures are implemented, the employee will disclose the loss, and the organization will take steps to safeguard the information (Keyser & Dainty).

Integrity: Which includes safeguarding data from unauthorized alterations such as deletion, addition, or alteration. The notion of integrity guarantees that data is accurate and unaltered. This concept requires consistency in the processes used to gather, process, store, and retrieve information to assure the data's accuracy, correctness, and authenticity.

Availability: This concept guarantees that the operation of support systems is protected, and data is fully accessible when its users need it. This approach will guarantee that Realsys preserves information so that it may be retrieved quickly and efficiently when required. The organization must employ long-term and short-term tools and technologies to guarantee that data is always available. Additionally, it entails the establishment of information systems, access control mechanisms, and identity management.

Network Components

Fig 3 - Network Components

Cartoon Networks: Sample 1. Computer network system design diagram.

Ethics in the Network

As with any other profession, networking is controlled by an ethical code that ensures a pleasant work environment. All workers are obligated to adhere to the specified code of behavior. Individuals do not share user passwords or credentials. Individuals are supposed to respect the privacy of others, which includes granting access to personal accounts, e-mails, and even gadgets. Users are fully accountable for any activity conducted via their accounts.

References

Cox, J., & Singh, A. Practical Network Scanning: Capture network vulnerabilities using standard tools such as Nmap and Nessus. Birmingham: Packt Publishing.

Cuppens, F., Cuppens-Boulahia, N., & Garcia-Alfaro, J. Misconfiguration management of network security components. arXiv preprint arXiv:1912.07283.

Keyser, T., & Dainty, C. The Information Governance Toolkit: Data Protection, Caldicott, Confidentiality. Boca Raton: Chapman and Hall/CRC.

Kizza, J. M. Guide to computer network security. Cham: Springer.

Lachance, D. Cybersecurity Analyst+: Network Vulnerabilities.

Sheshadri, S. K., Patel, P. K., Venkatesh, V., & Srivastava, N. Network device configuration framework. In: Google Patents.