You Decide: Week 5
Name:
DeVry University
NETW208: Introduction to WAN Technologies
Professor: Cook
Date:
Design Proposal Summary
The network team is proposing that access control lists (ACLs) be installed on routers at the Cleveland office. Security policies and procedures have also been considered in order to handle and maintain the ACLs.
An access control list is a sequence of instructions that a router consults before allowing a packet into or out of an interface. ACLs are among the security features that control the flow of information and how users access the network. An access control list is written as a sequence of one-line statements that are processed by the router
The policies and procedures will be implemented using access control models. These models will work to enforce the rules and objectives of our security policy and will also dictate user access. Using a discretionary access control (DAC) model will allow the owner of the resources to control who has access as well as the operations that can be performed. Access will be based on the identity of the user and the role that the user plays within the company. This can be done through access control lists (ACLs), where permission is granted on a need-to-know basis.
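The sequential processing of ACL statements described above can be modelled in a few lines. This is an added example, not part of the original paper: it assumes a standard (source-address-only) ACL in Cisco IOS syntax, and the ACL number and all addresses are constructed. It evaluates a source address against the list in order and reports statements that can never match because an earlier statement already covers them, the kind of defect a periodic rule-set review looks for.

```python
import ipaddress

# Constructed sample: a standard ACL in Cisco IOS syntax (addresses are made up).
SAMPLE_ACL = """\
access-list 10 permit 192.168.10.0 0.0.0.255
access-list 10 deny host 192.168.10.50
access-list 10 deny 192.168.20.0 0.0.0.255
access-list 10 permit 192.168.0.0 0.0.255.255
"""
MASK32 = 0xFFFFFFFF

def _ip(text):
    return int(ipaddress.IPv4Address(text))

def parse_acl(text):
    """Return [(action, address, wildcard)] in configuration order."""
    entries = []
    for line in text.splitlines():
        tok = line.split()
        if len(tok) < 4 or tok[0] != "access-list":
            continue
        action, src = tok[2], tok[3:]
        if src[0] == "any":
            addr, wc = 0, MASK32
        elif src[0] == "host":
            addr, wc = _ip(src[1]), 0
        else:  # address followed by an optional wildcard mask
            addr, wc = _ip(src[0]), (_ip(src[1]) if len(src) > 1 else 0)
        entries.append((action, addr, wc))
    return entries

def evaluate(entries, source):
    """The first matching statement decides; no match hits the implicit deny."""
    src = _ip(source)
    for number, (action, addr, wc) in enumerate(entries, start=1):
        if ((src ^ addr) & ~wc & MASK32) == 0:  # wildcard 1-bits are "don't care"
            return action, number
    return "deny", None  # implicit "deny any" that ends every ACL

def shadowed(entries):
    """Return (statement, covering_statement) pairs for unreachable statements."""
    hits = []
    for j, (_, addr2, wc2) in enumerate(entries):
        for i, (_, addr1, wc1) in enumerate(entries[:j]):
            fixed1 = ~wc1 & MASK32  # bits the earlier statement compares
            if (wc2 & fixed1) == 0 and ((addr1 ^ addr2) & fixed1) == 0:
                hits.append((j + 1, i + 1))
                break
    return hits
```

In the sample, the host-specific deny on line 2 is placed after the broader permit on line 1, so it never takes effect; ordering specific statements before general ones fixes it.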
Despite the presence of network security devices such as firewalls and other security appliances, today's corporate networks are still vulnerable to both internal and external attacks by hackers intent on creating havoc. By proactively
• Prepare a 5 to 10 minute PowerPoint assisted presentation on important access control infrastructure, and
Access control refers to the mechanisms that identify who can and cannot access a network, resource, application, or specific action.
“Security needs to be addressed as a continued lifecycle to be effective. Daily, there are new attack signatures being developed, viruses and worms being written, natural disasters occurring, changes in the organization workplace taking place and new technologies evolving, these all affect the security posture in the organization” (King, 2002). This being said, it is important to evaluate firewall and router rule sets more frequently. The possible threats against this policy include improperly configured network infrastructure which leads to a domino effect that could start with malicious programming which could end in data loss. Many of these threats may be unintentional as some users may not be aware of the risks and how their processes and procedures open the door for such attacks. For this reason alone, a more frequent evaluation is needed. This vulnerability could lead to data loss and the exposure of trade secrets, client lists and product design. The exposure of such information for most companies could mean a financial collapse as it no longer has the competitive edge that makes it the industry leader. While the likelihood of this threat is very high, “security risks to the network exist if users do not follow the security policy. Security weaknesses emerge when there is no clear cut or written security policy document. A security policy meets these goals:
A network administrator is configuring ACLs on a Cisco router to allow traffic from host on network
C1 - Discretionary Security Protection: In this subdivision, access control list (ACL) security protects User/Group/World. It covers: users who are all on the same security level; username and password protection and a secure authorisations database (ADB); a protected operating system and system operations mode; periodic integrity checking of the TCB; tested security mechanisms with no obvious bypasses; documentation for user security; documentation for systems administration security; documentation for security testing; and TCB design documentation. It is typically for users on the same security level.
Based on the premises that Richman has 5000 employees throughout the main office and several branch offices, this document dictates research solutions and details the appropriate access controls including policies, standards, and procedures that define who users are, what they can do, which resources they can access, and which operations they can perform on a system.
Due in Week Seven: Outline the Access Control Policy. Describe how access control methodologies work to secure information systems
Security is almost certainly the most difficult aspect of a network to perfect. It is important to have the correct procedures and components in place to make certain network security is being accounted for and addressed on any given network. The journal “Future Generation Computer Systems” elaborates on this necessity for an information system, and this component of a network is discussed thoroughly there. “Essentially securing an Information System (IS), involves identifying unique threats and challenges which need to be addressed by implementing the appropriate countermeasures” (Dimitrios Zissis, Dimitrios Lekkas, 2012). This was achieved through configuring access lists as well as CHAP configuration on the routers connecting to the edge
An access list is a list for each object consisting of the domains with a nonempty set of access rights for that object.
To fully explain the acceptable use policy would mean to begin from the beginning, the user domain. The user domain is the employees or other people within an organization who are granted access to the organization's information system. There are roles and tasks, responsibility, and accountability that go into an acceptable use policy for the user domain. Within the user domain is the access of LAN to WAN, web surfing, and internet. LAN to WAN is the activities between LAN to WAN and firewalls, routers, intrusion, detection, and workstations. Web surfing determines what a user can do on company time with company resources. Internet
Access control rules and procedures are required to regulate who can access IDI information resources or systems and the associated access privileges. This
Role based access control is an ideology through which access to systems is restricted based on authority given. It is used by organizations with a relatively large number of employees ranging from five hundred to one thousand and above (Sieunarine & University of Oxford, 2011). This is implemented through the mandatory access control or through the discretionary access control. These are the only two ways through which role based access control can be implemented.
Access control: The ability to permit or deny the use of an object (a passive entity such as a system or file) by a subject (an active entity such as a person or process).