BN203 Network Security: Network Design for B2B Solutions
In your role as a Network Security Architect at B2B solutions, you are leading a team of several Network Administrators. B2B solutions is a medium sized organisation and is currently expanding its operations.
The company has acquired six sites across Melbourne to accommodate its various departments. You have been asked to design a secure network across six sites. You have to ensure that the flow of data across networks must be confidential and that web-based filtering is in place. Another requirement is to have role-based access control for each department. The network should also span six buildings with a router in each building to join the networks. It is assumed that each building will have its own single subnet. Company expects approximately 500 workstation across all the sites with approximate numbers in each building as follows:
- Finance Office - 100 workstations
- Transport Office - 50 workstations
- Research Office - 25 workstations
- Sales Office - 25 workstations
- Information technology - 250 workstations
- Head Office - 50 workstations
Write a report on a secure network plan including following:
- Draw a complete network design for above scenario. (Include block diagram for each SITE)
- Without security, what are the possible security threats to network? Write down all assumptions you made during the design of secure network.
- Project hardware requirements such as name of the security network devices, with manufacturer’s name, series, model, type of cables etc. Also list cryptographic standards your prosed networking devices are able to use for security.
- With the help of cryptographic algorithms, write justification of how this proposed secure network design ensure confidentiality, integrity, availability and authentication. (CIAA).
Answer:
Introduction
The report contains the information about the network design for the B2B solutions. I am the Network Security Architect and I have been handed the role of Network Administrator and I am responsible for designing the network for the company. The company is looking to implement a subnet solution for the network within the organization that would be dividing the network into six sub divisions and would also improve the security and the authentication system within the network.
This report provides the information about the network design of the company and also the required sub networking of the network into different divisions.
This report consists of the information about the network design and a brief discussion about the network design is also provided in this report. The justification about the network and the hardware requirements for the network that is to be constructed for the company is also provided in this report.
Network Requirements
The B2B Company is looking to improve the security within their network and hence the network structure for the company is to be relayed. The company has provided information about the type of network that they are looking to implement for their offices and the different departments.
The network is required to be sub netted into 6 different sub nets. The different departments of the company are finance office, the head office, transport office, the research office, the sales office, the information technology department and the head office. In addition to this, the company has provided the further requirements about the network to me as I am the designer of the network.
The company wants to implement around 500 workstations in their networks. The layout of the network should be as the mentioned criteria that are stated below.
- Finance Office - 100 workstations
- Transport Office - 50 workstations
- Research Office - 25 workstations
- Sales Office - 25 workstations
- Information technology - 250 workstations
- Head Office - 50 workstations
The company is also looking to implement a proper sub network system within the organization that would be completely secured logically and also by means encryption techniques so that proper authentication within the network is maintained.
Design of the Security Network
Description of the Security Network
The network solution that is provided above is divided into six distinct sub networks. The design provides the information about the sub netting technique that is used on the physical network and the logical calculation about the network is provided below.
Major Network: 10.0.0.0/22
Available IP addresses in major network: 1022
Number of IP addresses needed: 500.
Available IP addresses in allocated subnets: 564.
About 56% of available major network address space is used.
About 89% of subnetted network address space is used.
|
Subnet Name |
Needed Size |
Allocated Size |
Address |
Mask |
Dec Mask |
Assignable Range |
Broadcast |
|
Information_Technology |
250 |
254 |
10.0.0.0 |
/24 |
255.255.255.0 |
10.0.0.1 - 10.0.0.254 |
10.0.0.255 |
|
Finance_Offfice |
100 |
126 |
10.0.1.0 |
/25 |
255.255.255.128 |
10.0.1.1 - 10.0.1.126 |
10.0.1.127 |
|
Head_Office |
50 |
62 |
10.0.1.128 |
/26 |
255.255.255.192 |
10.0.1.129 - 10.0.1.190 |
10.0.1.191 |
|
Transport_Office |
50 |
62 |
10.0.1.192 |
/26 |
255.255.255.192 |
10.0.1.193 - 10.0.1.254 |
10.0.1.255 |
|
Research_Office |
25 |
30 |
10.0.2.0 |
/27 |
255.255.255.224 |
10.0.2.1 - 10.0.2.30 |
10.0.2.31 |
|
Sales_Office |
25 |
30 |
10.0.2.32 |
/27 |
255.255.255.224 |
10.0.2.33 - 10.0.2.62 |
10.0.2.63 |
This configuration would be implemented for the network this would help in sub netting the network for the system efficiently.
Risks to the network
There are various types of risks that are involved with the implementation of a network within an organization. The most likely risks that can occur within the network are:
Data Breaches: Various type of data breaches can occur within the network. Data theft can occur in the network. The data within the network can also be hampered and tampered with. If the data of the organization is leaked out the organization can be hampered badly.
Employee Theft: The data from within the organization can also be leaked by an employee of the organization. The data from the company can acquired and the can be handed over to the rival organization and also if the attackers gate the access to the network they can very easily perform the DoS attack on the network.
Weak Access Control: The weak access control within the network would allow easy access to the attackers and they can perform the man in the middle attacks within the network to obtain sensitive data from the network and also the security within the network would be hampered.
Privilege Misuse: The network would consist of different levels of authentication and different staffs of the organization would be assigned different levels of privileges within the network. Hence, this would provide the staffs within the organization the chance to misuse these opportunities.
Considering all the risks and the requirements of the company some further assumptions were made before the designing of the network. It was assumed that the 10.0.0.0/21 subnet would be used for the network. In addition to this, there can be additional systems installed in the network and hence, the scope for the installation of the additional machines within the system was also made.
Hardware Requirements for the network
For the implementation of the network the Cisco SPA122 Small Business ATA with Router are being used. These are a product of Cisco. The price of each router is about $1000. In addition to this the connection to the machine can be done with the help of the CAT5 cables. The network would also require some additional switches to spread the network among the six different departments and also within the departments. The D-Link 24 port switches can be used in the network and cost of these switches is around $150 each.
Justification of the network design
The network that is designed is done as per the instruction of the company and the requirement criteria provided by them. This design is very useful in proving ample amount of security to the network and also is very helpful in dividing the network successfully into six divisions. The network design would be useful in providing the options of authentication for the systems and this would also effect in avoiding any type of external intrusions for the networking system. The network would into the following sub divisions as provided below:
Information Technology- 10.0.0.0/24 255.255.255.0 10.0.0.1 - 10.0.0.254 10.0.0.255
Finance Office- 10.0.1.0/25 255.255.255.128 10.0.1.1 - 10.0.1.126 10.0.1.127
Head Office- 10.0.1.128/26 255.255.255.192 10.0.1.129 - 10.0.1.190 10.0.1.191
Transport Office- 10.0.1.192/26 255.255.255.192 10.0.1.193 10.0.1.254 10.0.1.255
Research Office- 10.0.2.0/27 255.255.255.224 10.0.2.1 - 10.0.2.30 10.0.2.31
Sales Office- 10.0.2.32/27 255.255.255.224 10.0.2.33 - 10.0.2.62 10.0.2.63
In addition to this, the firewalls are installed into the network for the security of the network and for protecting the data packets that are flowing within the network. Encryption and decryption techniques are also incorporated within the network. The network is encrypted with the 3 DES encryption system.
Conclusion
For conclusion it can be said that the security in any particular network is very important. Main concern in our report is regarding the B2B company and the company is looking to implement a subnetwork for their company. I am the Network Security Architect and I have been handed the role of Network Administrator and I am responsible for designing the network for the company. This report provides the information about the network design of the company and also the required sub networking of the network into different divisions. This report consists of the information about the network design and a brief discussion about the network design is also provided in this report. The justification about the network and the hardware requirements for the network that is to be constructed for the company is also provided in this report.
Bibliography
- Anandakumar, S., 2015. Image Cryptography Using RSA Algorithm in Network Security. International Journal of Computer Science & Engineering Technology, 5(9).
- Bhatia, P. and Sumbaly, R., 2014. Framework for wireless network security using quantum cryptography. arXiv preprint arXiv:1412.2495.
- Gill, M. and Kakkar, A.G., 2016. Wireless Sensor Network Security Using Certificateless Cryptography(Doctoral dissertation).
- Joshi, M.R. and Karkade, R.A., 2015. Network security with cryptography. IJCSMC, 4(1), pp.201-204.
- Kapoor, V. and Yadav, R., 2016. A Hybrid Cryptography Technique for Improving Network Security. International Journal of Computer Applications (0975–8887) Volume.
- Kumar, A. and Bose, S., 2017. Cryptography and network security. Pearson Education India.
- Manshaei, M.H., Zhu, Q., Alpcan, T., Bac?ar, T. and Hubaux, J.P., 2013. Game theory meets network security and privacy. ACM Computing Surveys (CSUR), 45(3), p.25.
- Stallings, W. and Tahiliani, M.P., 2014. Cryptography and network security: principles and practice(Vol. 6). London: Pearson.
- Van Tilborg, H.C. and Jajodia, S. eds., 2014. Encyclopedia of cryptography and security. Springer Science & Business Media.
Buy BN203 Network Security: Network Design for B2B Solutions Answers Online
Talk to our expert to get the help with BN203 Network Security: Network Design for B2B Solutions Answers to complete your assessment on time and boost your grades now
The main aim/motive of the management assignment help services is to get connect with a greater number of students, and effectively help, and support them in getting completing their assignments the students also get find this a wonderful opportunity where they could effectively learn more about their topics, as the experts also have the best team members with them in which all the members effectively support each other to get complete their diploma assignments. They complete the assessments of the students in an appropriate manner and deliver them back to the students before the due date of the assignment so that the students could timely submit this, and can score higher marks. The experts of the assignment help services at urgenthomework.com are so much skilled, capable, talented, and experienced in their field of programming homework help writing assignments, so, for this, they can effectively write the best economics assignment help services.
