Network security project
kirankumar
TelecommunicationandNetwork_final1.pptxNETWORK SECURITY PROJECT
Course: Telecommunications Network Security
Professor: Dr. Mamdouh Babi
By:
Pavan Srikar Dasari
Kiran Kumar Kasulavada
Tejdeep Edupalli
Venu Kumar Gudipati
Sandeep Kumar Jannu
Md Fahim Salim Adnan
Creating network architecture design for a startup ACME corporation.
They have new phone to the public called Acmephone.
A more secure version of the phone to business organizations, called the Acmephone B+, and highly secure version of the phone, called the Acmephone G+, to the government.
Introduction
2
Provide a secure environment for network services, systems and applications and a productive environment for users.
Define the roles and responsibilities associated with network services, systems and applications security.
Handle Computer related security Incidents efficiently and effectively
Cont..
To highlight the issues on how the ACME corporation has planned and established campus network for effective utilization.
To know the issues and challenges faced in establishing the campus Network
To know the issues related to changing campus needs
To know how best the internet services reaches the end users of ACME corporation.
To know the use of campus network for different administrative and business services
Objective
There needs to be a constant connection between the two locations that can carry at least 50 Mbps of data.
Each facility has three floors. The buildings are rectangular with each floor being 350’x350’.
There will be 200 network connections on each floor with an additional 100 network connections in the data centers located on the third floor of each building.
Prerequisites
There will be a failover* data center at the Cincinnati location.
Failover is a method of protecting computer systems from failure, in which standby equipment automatically takes over when the main system fails.
Each location should be protected from intrusions that are not limited to state change attacks.
There will be database servers located at the Cincinnati site.
CONT..
The Atlanta location will house the two secure development teams. As such, it will need the most security. To further complicate the design, there will be database servers and the corporate Web servers housed at that location as well.
The servers must have redundancy.
The solution must have a plan to verify security measures.
CONT..
Uses Three Tier Switching Architecture (Popularly known as Cisco’s Switching Architecture)
Different Layers:
Access Layer
Distribution Layer
Core Layer
Design
Layered Architecture
Atlanta Location
Cincinnati Location
Enterprise WAN Network
The Organization has 2 locations:
1. Atlanta, GA
2. Cincinnati, OH
A typical scenario will have Corporate Headquarter connected to Remote Offices (Branch Offices, Retail Counters etc.)
The Remote offices would be interconnected to the corporate office through
A dedicated network implemented over Leased-Lines and/or IPLC (International Private Leased Circuit) (Microsoft, IBM, Cisco, Infosys etc.)
VPNs on the Internet
Redundant route through an alternate leased line
Implementation
The Disaster Recovery site would be connected through multiple links to the main site
The NOC (Network Operation Center) may be at the Head Quarter or at a remote site
The NOC maintains, monitors and manages the network and application servers.
The Data exchange between offices may be through the servers at NOC to ensure security
Cont..
Backbone Switch
Layer 3/4 Chassis based switch
Multiple 100Fx or 1000SX/LX or 10GLX/LH ports for connectivity to Distribution switches
Multiple 10/100/1000 ports for connectivity to Servers
Distribution Switch:
Layer 2/3 Managed Fixed configuration switch
1/2 100Fx or 1000Sx/Lx or 10GLX/LH ports for connectivity to the Backbone switch
Multiple 10/100 or 10/100/1000 ports for connectivity to the Access switches
Access Switch
Layer2 Managed/Unmanaged Fixed configuration switch
Multiple 10/100 or 10/100/1000 ports for desktop connectivity
Switches
Campus backbone cabling—This is typically single- or multimode cable that interconnects the central campus Backbone Switch with each of the building Distribution Switches. Typically Ring Architecture is used to connect the Backbone switch to the Distribution switch to provide redundant routes.
Building backbone cabling—This is typically Category 6 UTP cable that interconnects the building distributor with each of the floor distributors in the building.
Horizontal cabling—This is predominantly Category 6 UTP cabling.
Network Cabling
Testing
Once the Network is setup in the ACME Corporation first we need to the Penetration Testing( which helps to save company’s valuable time and resources)
Penetration testing helps corporation to fix the service flaws, improper configurations and as well as end user security policies.
It also helps the corporation to identify and prioritize the secure tasks.
Once the penetration testing is done it will be ready to start.
Cost Estimation
The major challenges for the Network Setup for the corporation is vulnerability of the Mobile carriers.
Monitoring the System Configuration and the Security.
The attacks which cause the corporation high impact for unauthorized recipients.
The Alerts which the security engineers and analysts cannot resolve.
Challenges
As discussed, we will providing the best service in setting up the campus.
Security will be our main priority.
Meeting the requirements will be our primary focus.
Try to maintain logs for the issues through Service Now ticketing service.
Setting up the Firewall and Security Layer will be the first task and then moving toward setting up the campus.
Conclusion and Future Plans
