IS3220 Assignment 3 Essay

981 WordsApr 9, 20144 Pages
As part of the network security team, we will be proving IDI with a network security plan to mitigate the vulnerabilities that have been discovered. A secure site will be set up with network intrusion detection and network protection systems will be available to access via the internal network. Policies will be presented for remote access and the use of VPN. Also contained within this report will be strategies for hardening the network and mitigating risks. An updated network layout with increased network security to meet the current needs will be included. In the interest of business continuity, remote access will be utilized. User wishing access to internal network assets will only be able to access said assets with the use of a…show more content…
MAC address filtering will allow the servers to accept incoming traffic from predetermined hosts. To further secure the local area network, the network security team will be implementing the principle of least privilege in regards to the users. By using the principle of least privilege we will be preventing multiple forms of malicious or accidental risks by only giving the user the permissions and privileges necessary to complete their job. Microsoft’s default security software is commonly used and well known making the vulnerabilities well known, which would make it easier for a hacker to plan out an attack. Third party antivirus\malware and firewall software will be used on all machines. The servers located within the network will make use of a statefull firewall to monitor and filter all traffic on the network by scanning for congruence between data packets. The public facing servers used to connect the internal webserver to the customer website are contained within the demilitarized zone. Due to the demilitarized zones proximity to the wide area network, we will be taking a layered security approach. There will be a statefull firewall located between the router and the demilitarized zone. This firewall will protect the internal network via the LAN-to-WAN connection by performing in-depth packet inspection and closely

More about IS3220 Assignment 3 Essay

Open Document