Tuesday, October 29, 2019

Network Planning - Proof Of Concept


-          How to design a secured network (methods) - Plan of proper secured network
-          The different types of network security designs that will aid good network security



1

        1-      Identify network assets.
        2-      Analyze security risks.
       3-      Analyze security requirements and tradeoffs.
       4-      Develop a security plan.
       5-      Define a security policy.
       6-      Develop procedures for applying security policies.
       7-      Develop a technical implementation strategy.
       8-      Achieve buy-in from users, managers, and technical staff.
       9-      Train users, managers, and technical staff.
     10-  Implement the technical strategy and security procedures.
     11-  Test the security and update it if any problems are found.
     12-  Maintain security.

or

1 - Set Clear Administrator Privileges. 
- Set up or having proper plan for who are authorize to get in (to install the software); to make any changes or to modify the configuration system.
  
2 - Secure Your Private Network.
- Set/design the network to get access straightly to their network, without passing other permission. 
3 - Secure Endpoints by Configuring Demilitarized Zone (DMZ).

4 - Monitor the Network.
- Monitor if there are data theft detected or unauthorized people that wants to access.

5 - Maintain Firewalls.
-

6 - Establish Intrusion Detection and Prevention Systems.
-

7 - Protect Remote Access.
-

8 - Isolate Guest Wireless Local Area Network (WLAN).
-

9 - Use Encryption Programs.
-

10 - Define and Practice Continuity Plans/Disaster Recovery.
-

Set Clear Administrator Privileges.  An important first step in providing security for your network is to establish and enforce administrator privileges, managing who has authorization to install software and change system configuration settings.



Secure Endpoints by Configuring Demilitarized Zone (DMZ).  In network security, endpoint security refers to protection of the private network where it intersects with public network. The common devices used at these endpoints to connect to the public network include mail servers to send and receive emails, web servers to host websites, and proxy servers to handle requests from clients seeking resources. 

A common security configuration to protect these endpoints is a Demilitarized Zone (DMZ). A DMZ is a computer network with firewalls and other prevention systems inserted as a "neutral zone" between a company's private network and the outside public network. All incoming and outgoing communications pass through the firewall and intrusion detection and prevention systems prior to entering the private network.

Monitor the Network.  You and your cyber security providers should implement network logging and monitoring strategies. These allow companies to monitor unauthorized data transfers and unauthorized attempts to access your private network. Detection systems should provide responsible parties with appropriate alerts and scheduled reports.

Maintain Firewalls.  Firewalls are a fundamental network security solution. They are used to permit only appropriate traffic to enter and leave the private computer network. In addition to using firewalls to protect your private network from the Internet, firewalls installed within your private network can be used to segment the network into unique security domains supporting enhanced layers of defense.

Establish Intrusion Detection and Prevention Systems.  Intrusion detection systems (IDS) and intrusion prevention systems (IPS) can work together with firewalls to analyze traffic to determine if it is legitimate. An IDS product will provide alerts on invalid traffic, while an IPS will block the traffic.

Protect Remote Access.  If your employees are allowed access to your private network from remote networks, this access should only be through a firewall that protects your private network. Another option is to utilize a Virtual Private Network (VPN) that uses encryption and multi-factor authentication to provide greater security.

Isolate Guest Wireless Local Area Network (WLAN).  If your company operates a wireless local area network (WLAN) for the use of customers, guests and visitors, it is important that it is kept separate from the main company network.

Use Encryption Programs. When used properly, encryption technologies can virtually prevent files, directories, or disks from falling into unauthorized hands.

Define and Practice Continuity Plans/Disaster Recovery.  Once you have completed mapping and securing your network, assess any critical equipment or systems and evaluate the potential business impact if they should fail or are breached.




2

1. Firewalls
Firewalls monitor the incoming and the outgoing traffic based on a set of predefined rules. It is a barrier that separates trusted networks from untrusted ones. Hardware, software, or both can serve as a firewall.
2. NAC

Network Access Control (NAC) strengthens your network by controlling its access. Not every user is an authorized person to access the network, and by blocking noncompliant endpoint devices, you can save your network against potential security breaches.
3. VPN

The act of encrypting a connection over the Internet from its endpoint to a network is defined as a Virtual Private Network (VPN). This technology allows remote access to secure corporate applications or other resources.
4. DLP

Data Loss Prevention (DLP) technology is responsible for securing the communication network of an organization in order to protect its sensitive data. These days, employees of an organization are prohibited to upload, forward, or sometimes to print critical information in an unprotected manner.
5. Endpoint Security

In network security, endpoint security or endpoint protection technology protects a corporate network when accessed from different remote devices. This remote access poses as a potential entry point for security threats.

6. Wireless Security
With the emergence of the mobile office culture, wireless networks and access points have become another channel for security breaches. Wireless security makes it challenging for any unauthorized access to damage your computer’s data.


References
Oppenheimer, P. (2019). Developing Network Security Strategies > Network Security Design. [online] Ciscopress.com. Available at: http://www.ciscopress.com/articles/article.asp?p=1626588 [Accessed 30 Oct. 2019].

EC-Council Official Blog. (2019). What Is Network Security? Types of Network Security - EC-Council Official Blog. [online] Available at: https://blog.eccouncil.org/what-is-network-security-types-of-network-security/ [Accessed 30 Oct. 2019].

Efraudprevention.net. (2019). 10 Steps to a More Secure Network. [online] Available at: https://efraudprevention.net/home/templates/?a=102 [Accessed 3 Nov. 2019].

-
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Key considerations for planning and undertaking research

Determine what the key considerations are for planning and undertaking research. Research questions.  Certain research quest...

  • Systems and Technologies
    Explain each system and include the features, advantages and disadvantages. Identify in which level it operates. Provide diagram where nec...
  • Activity: Types of Network
    Sabrena and Mizah. Research at least  FOUR (4) different types of network.  FOUR (4)  different types of network. 1. PAN 2. LAN 3. ...
  • Security Vulnerability Test - Penetration Testing
    Research activity Choose ONE (1) security vulnerability test. -Describe the test and purpose of the test -Discuss how it works -Pr...