Transcript network security

Hajir Abu-Khamsin
200900598
Marwa Al-Homoud
200900997
Fatimah Al-Saffar
200800488
Batool Al-Muslim
200800541
Fatimah Al-Saihati
200801239
Network Management Project
SNC-Lavalin Fayez Engineering
Company.
Course Instructor
Ms. Wesal Mohamed Ali.
Section
201
INTRODUCTION
 SNC-Lavalin Fayez Engineering Company (SLFE ) is one of the leading
engineering and construction groups in the world.
 SLFE is engineering consultancy joint venture between SNC-Lavin and
its local partners.
 SLFE was formed partly in response to Saudi Aramco’s General
Engineering service Plus.
 Projects will include:
•
On and offshore oil and gas production
•
Processing facilities infrastructure projects
•
Refining and petrochemical facilities.
NETWORK INFRASTRUCTURE
 eight floors, 600 computers.
 connected in server-client connection
All the computers of each floor are connected together using switches.
 switches connected to access points to the Nortel WLAN.
 the access points are connected to a core servers and switch using the
primary and secondary cables
 the last floor there is an IP Tel switch
 the core switches and the IP Tel switch is connected with the secure
router and juniper firewall switch using UTP/C cable.
CABLES
fiber optic cables:
Is a flexible, transparent fiber made of glass transmit light between the
two ends of the fiber.
A UTP / copper caber link:
Unshielded copper cable link that is a cable made of pairs of copper wires
that are twisted around each other
Purpose:
 Canceling out electromagnetic interference from external sources.
 Found in many Ethernet networks and telephone systems
 The switches also included
IP TELEPHONY SWITCH
 Uses the internet protocol (IP) to transmit voice or fax traffic.
 High quality voice communications.
 Requires sufficient bandwidth to ensure transmission delay is
minimized.
 Cost saving to by eliminating the need for long distance charges.
 Provide enhanced service levels to companies using the internet for
commerce or service application.
This technology brings a lot of benefits to AL-Fayez
Company since they have offshore servers and are
connected with many different networks in the region.
SWITCH AND ROUTER
switch is a small hardware device
that joins multiple computers together
within one LAN Technically, network
switches operate at layer two (Data
Link Layer) of the OSI model On the
other hand, a router is a device that
forwards data packets along networks
A router is connected to at least
two networks, commonly two
LANs or WANS or a LAN and its
ISPs network. Routers are
located at gateways, the places
where two or more networks
connect.
SATROP and SA
Secure router and a “Juniber” firewall.
Secure router and a switch.
Internet Service Providers (ISPs):
Is the company that provides its customers with access to the Internet.
It provide to the customers using a data transmission technology
appropriate for delivering Internet data packages, such as dial-up, digital
subscriber line (DSL), cable modem, wireless, and hoc link high speed.
Also, it may
provide e-mail
accounts to users
which allow them
to communicate
with each other by
sending and
receiving
electronic
messages through
server.
Internet Service Providers (ISPs):
ISP can offer us other services such as remote data storage on behalf of their
customers, as well as other services unique to each ISP.
Some examples of Internet service providers (ISPs) in our country KSA: Saudi
net in Al-Riyadh, Etihad Etisalat (Mobile) in Al-Riyadh and Sahara network
commercial Island Foundation in Al-Dammam.
Internet Service Providers (ISPs):
to choose the best ISP, there are a numbers of criteria that are building them
chose Internet service provider both at the level of the home user interested
get a link for Web browsing and e-mail or user at the level of companies or
organizations that have their own websites and may run some online business,
the most important of these criteria the number of different Internet
connections required, prices and other variables
Ways to connect to the Internet:
1. Technical.
• Dial-up.
• By direct contact Direct-Connection.
2. Through wireless technology.
All the methods required an ISP to connect to the Internet.
SERVERS
 Exchanger Server
 Domain controller
 Cluster
BACKBONE
Backbone interconnects various pieces of network,
providing a path for the exchange of information
between different LANs.
ETHERNET
The Ethernet is a type of architecture used in many local area networks
(LANs). It sets of protocols which serves the physical and data link layers.
WLAN (wireless LANs)
 uses radio waves to connect devices such as laptops to the Internet
and to your business network and applications
 They use a wireless Ethernet bridge converts a wired Ethernet device
for use on a wireless computer network.
 they use 1GB of Ethernet .
 The company they use Nortel wireless technology, Nortel Networks
Corporation, formerly known as Northern Telecom Limited and
sometimes known simply as Nortel
NETWORK TOPOLOGY
Network topology defines how the computers, or nodes, within the
network are arranged and connected to each other.
The company used bus topology, which is the simplest way that uses a
common backbone to connect all devices
The main advantages of bus topology:
 Allows relatively high rate of data transmitting.
 Failure of one of the station does not affect others
 The main disadvantages of bus topology:
 It is difficult to troubleshoot a bus
 It requires a network to detect when two nodes are transmitting at the
same time.
BACKUP
The main purpose of back up is to make copies of particular data in order
to use those copies for restoring the information in case of equipment
failure occurs or other catastrophe.
Backup Procedure:
 Daily backup (ex. Monday to Thursday for most offices)
 Weekly backup (ex. Friday for most offices)
 Quarterly backup: The company said that on the first weekend of
April, July and October, two full backups must be performed.
 Yearly backup: The company said that on the first weekend of January,
two full backups must be performed.
Backup tape storage:
If it is not possible to store the tapes offsite, they should at least be kept
in a secured place, other than the “servers room.”
The company does backup for the system on daily base and D 2 D (disc to
disc) backup.
DATA TRANSMISSION
SLFE Company using different kinds of Data transmission,
digital transmission, or digital communications is the physical
transfer of data .
Data transmission is a subset of the field of data
communications, which also includes computer networking or
computer communication applications and networking
protocols.
Is the company they rely on fiber optic cables and UTP/C
cables for transmitting data also transmit data wirelessly
through the Ethernet.
TYPES of APPLICATIONS
In SLFE Company they rely on Microsoft SQL server and Microsoft
Dynamics GP for applications.
Microsoft SQL Server continues as the database used by the company. Is a
standard programming language for retrieving information from and
updating databases .
and enables user to select, insert, update, and delete data from database
TYPES of APPLICATIONS
Microsoft Dynamics GP (formerly Great Plains):
it is software that delivers comprehensive out-of-the-box business
management functionality, from operations management and financial
management to human resource management and manufacturing.
Helps them to grow and manage them distribution business better
through:
 Improve operational efficiency
 Save time
 Reduce costs by transforming time-consuming manual processes into
automated tasks that can be executed quickly and accurately.
NETWORK SECURITY
 Involves the authorization of access to data in a network, which is
controlled by the network administrator.
 Users choose or are assigned an ID and password or other
authenticating information that allows them access to information and
programs within their authority.
 In AlFayez Company they have a very good security system where they
use a Nortel secure router.
NETWORK SECURITY
 The Nortel Secure Router 3120 is a powerful modular system that
converges routing, security and multimedia traffic forwarding in a
single cost-effective platform for enterprises.
 Makes the Secure Router 3120 ideal for high-speed Internet access,
private line WAN connectivity, IP Telephony and multimedia, IPsec
VPN, state ful firewall or data backup applications. Comprehensive
NETWORK SECURITY
They also use Juniper firewall system
is a vendor or manufacturer of Firewall appliances.
A firewall is a set of related programs, located at a network gateway
server that protects the resources of a private network from users from
other networks.
An enterprise with an intranet that allows its workers access to the wider
Internet installs a firewall to prevent outsiders from accessing its own
private data resources and for controlling what outside resources its own
users have access to.
SURF CONTROL: to monitor internet activity.
The company use Surf Control to monitor internet activity which offers a total
content security solution that combines Web and e-mail filtering technology
with the industry's largest, most accurate and relevant content database and
adaptive reasoning tools to automate content recognition.
Surf Control's Internet monitoring and policy management solutions are
flexible, saleable and interoperable to meet the diverse needs of all its
markets - corporate, education, home and OEM. Surf Control offers a choice
of platform independent or integrated solutions, and the software can be
installed in any network environment.
SURF CONTROL: to monitor internet activity.
Surf Control Web Filter provides Real-Time Monitoring, Reporting and
Analysis, as well as Categorization of URL Content to allow organizations to
effectively manage their employees' Internet Usage.
It is available as a stand-alone product for Windows NT & Windows 2000, or as
an integrated product into Microsoft Proxy Server, Microsoft ISA Server 2000,
Novell Border Manager as well as FireWall-1.
SURF CONTROL: to monitor internet activity.
Surf Control E-mail Filter manages content security of all inbound,
outbound and internal email transmissions. Surf Control Email Filter allows
for content rule definition in order to implement and enforce an
organization's Acceptable Use Policy (AUP).
Surf Control solutions
Increase Employee
Productivity, Increase
Network Bandwidth,
Reduce Legal Liability,
Protect Intellectual
Property & Improve
Security.
STRENGTHS
 The type of cabling used in this company is extraordinary.
 The company uses WLAN instead of usual wired LAN.
 Security in the company is noticeably high
 The company doesn’t use hubs which are poor kind of connectivity
devices instead they use access points.
 They use also Cisco backbone system and Nortel Ethernet technology.
WEAKNESSES
 Although using fiber optic cables and UTP/C cables is a strength to the
company it can also be some kind of weakness since it is highly
expensive.
 The company only uses Bus topology.
 The servers are stored in rooms that has windows and maybe it would
be better to not use windows to prevent sun of rain to come in the
servers room and it would provide better conditions to it.
CONCLUSION
 SNC-Lavalin is one of the leading engineering and construction groups
in the world and has offices across Canada and in other 40 countries
around the world.
 The company as mentioned above provides different consulting and
designs to different companies such as Aramco and SATROP, thus it
shares its servers with them.
 Finally SLFE Company will improve the weakness in company .such as
will improve to use another types of topology!
 But and there is a list of strength that we have found in company. the
security in the company is noticeably high since they use a very good
back up system and they use juniper switch and firewalls which
provide secure network to the company.
THANK YOU FOR LISTENING ..