IMPLEMENTING NETWORK SECURITY
Download
Report
Transcript IMPLEMENTING NETWORK SECURITY
Implementing Network Security
SCCS SECURIT Y INC.
P R E PA R E D F O R
FRANKLIN MEDICAL SUPPLIES
ITEC495 – TEAM D
Introduction
NETWORK SECURITY OVERVIEW
“The protection of networking components, connections, and content”
(Whitman & Mattord, 2005).
Small piece of the overall information security pie.
Management, computer and data, policy, and network security.
Focus on network security.
Provide tools for a proactive approach
to information security overall.
IMPLEMENTING NETWORK SECURITY | SCCS SECURITY INC.
Scenario | Franklin Medical Supplies Needs
PROBLEM IDENTIFICATION
Franklin Medical Supplies is looking for a solution to secure their
outdated network.
CURRENT OPERATING ENVIRONMENT
Franklin Medical Supplies has one three-floor building with one leased
cable broadband connection entering the building.
The broadband connection connects the Franklin Medical Supplies local
area network (LAN) to the metropolitan area network (MAN) hosted by their
internet service provider.
The broadband connection is connected to a centrally located 24-port 10BaseT hub that networks four 24-port 10-BaseT bridges on each floor of
the building.
IMPLEMENTING NETWORK SECURITY | SCCS SECURITY INC.
Scenario | Franklin Medical Supplies Needs
CURRENT OPERATING ENVIRONMENT (Continued)
The current 10-BaseT hub is using outdated software with no firewall
protection.
Of the 120 networked nodes, there are 85 workstations running Windows
XP—each with outdated virus protection, security software patches, an no
firewall protection.
The protocols used are a mesh of IPX/SPX (printers) and TCP/IP (servers,
workstations, laptops).
During normal business operating hours, system uptime is considered
critical and any amount of considerable downtime can cause severe
revenue loss for Franklin Medical Supplies.
IMPLEMENTING NETWORK SECURITY | SCCS SECURITY INC.
Scenario | SCCS Security Inc. Solutions
SOLUTION RECOMMENDATION
SCCS Security Inc. to provide a complete network security solution for
Franklin Medical Supplies.
DELIVERABLES
A detailed threat analysis will be performed on the Franklin Medical
Supplies Network.
A Cisco Catalyst Express 500 10/100/1000Base-t switch will replace the
centrally located 24-port hub.
Each floor’s bridge will also be replaced with a Cisco Catalyst Express 500
switch.
IMPLEMENTING NETWORK SECURITY | SCCS SECURITY INC.
Scenario | SCCS Security Inc. Solutions
DELIVERABLES (Continued)
All unused ports on the switch will be disabled through the switches
management interface, protecting from unauthorized device plug-ins.
The main internet connection will have a Cisco Catalyst 6500 firewall that
can control and block unnecessary traffic.
A corporate version of Symantec Antivirus will be used that will allow
symmetrical deployment of antivirus updates that will protect all computers
from the latest virus threats, and periodically update with zero
administration.
Microsoft’s Windows Server Update Service (WSUS) will be configured,
allowing control over deployment of Windows security updates.
IMPLEMENTING NETWORK SECURITY | SCCS SECURITY INC.
Scenario | SCCS Security Inc. Solutions
DELIVERABLES (Continued)
TCP/IP protocol will be the only network protocol used on the network,
eliminating any open communicating devices.
Active Directory accounts will be set to allow scheduled work time access
only. Any access needs that fall out of the normal business day needs
approval from the CIO.
End user training material will be disseminated to all employees,
empowering the users to make wise use of information resources.
Training will occur for all Franklin Medical Supplies personnel impacted by
the project.
A security handbook will be developed and will encompass all aspects of
network security.
IMPLEMENTING NETWORK SECURITY | SCCS SECURITY INC.
Scenario | SCCS Security Inc. Solutions
DELIVERABLES (Continued)
IMPLEMENTING NETWORK SECURITY | SCCS SECURITY INC.
Scenario | Solution Explanation
A NOVEL APPROACH
Our solution approaches the problem of network security as a process,
not a goal.
THE PROCESS
After hardware and software are installed, management begins.
Management of policies and procedures.
Overall system management and maintenance.
Ensure the process is constantly evolving with the trends in information
technology.
IMPLEMENTING NETWORK SECURITY | SCCS SECURITY INC.
Scenario | Solution Explanation
MANAGEMENT OF POLICIES & PROCEDURES
Instituting an effective policy and procedure management scheme should
not only encompass network security; but, software, hardware, data,
people, and the actual policies and procedures themselves (Whitman &
Mattord, 2005).
It is impossible to obtain a perfect information security scheme, the
process of implementing policies and procedures of how to act and react to
malicious attempts is crucial..
Training on the policies and procedures must begin at the user level and
move up to the executive levels.
Policies and procedures must be reviewed and adapted to meet the
organizational goals while maintaining security.
IMPLEMENTING NETWORK SECURITY | SCCS SECURITY INC.
Scenario | Solution Explanation
MANAGEMENT OF NETWORK SECURITY
The ISO Network Management Model can be adjusted to fit the needs of
network security and includes five areas of focus (Whitman & Mattord,
2005):
Fault management
• Configuration and change management
• Accounting and auditing management
• Performance management
• Security program management
Fault management in an information security management model involves
identifying faults in the applied information security profile and then
addressing them through remediation (Whitman & Mattord, 2005).
•
IMPLEMENTING NETWORK SECURITY | SCCS SECURITY INC.
Scenario | Solution Explanation
MANAGEMENT OF NETWORK SECURITY (Continued)
Configuration and change management in regards to network security
entails the continued administration of system and policy configuration
and the changes involved with strategy, operation, or components of the
network security program (Whitman & Mattord, 2005).
Accounting and auditing within the network security model involves the
management of monitoring internal and external system usage and
reviewing (auditing) the usage reports to identify any potential malicious
attempts or network misuse (Whitman & Mattord, 2005).
Performance management requires information technology personnel to
continually monitor the performance of all network security hardware and
software and ensure that everything is working effectively.
IMPLEMENTING NETWORK SECURITY | SCCS SECURITY INC.
Scenario | Solution Explanation
MANAGEMENT OF NETWORK SECURITY (Continued)
Security program management is closely related to the management of
policies and procedures. Once the network security infrastructure has been
implemented, the devised policies and procedures should be designed to
assist security program management (Whitman & Mattord, 2005):
“Plan-Do-Check-Act” Process
•
Plan: Planning of the risks and vulnerabilities.
•
Do: Application of internal controls to manage the risks.
•
Check: Periodic and frequent review of all policies and procedures.
•
Act: Incident response and escalation.
IMPLEMENTING NETWORK SECURITY | SCCS SECURITY INC.
Scenario | Solution Explanation
MAINTENANCE OF NETWORK SECURITY
An effective maintenance model includes external monitoring, internal
monitoring, planning and risk assessment, vulnerability assessment and
remediation, and readiness review (Whitman & Mattord, 2005).
The implementation of each of these domains will ensure that the network
security model is effectively maintained.
IMPLEMENTING NETWORK SECURITY | SCCS SECURITY INC.
Class Project | Major Challenge
COMMUNICATION
One major challenge we encountered during this project was
communication amongst our team. At times, it was difficult to get everyone
on the same page or to meet at the same times. This proved to be difficult
in the beginning and left many members wondering what the other was
doing.
LESSON LEARNED
We learned that collaborative communication—whether through e-mail or
Franklin Live—proved to be the major lesson learned during this project.
Understanding from each of the team members that not everyone had the
same schedules or could participate in the chosen capacity was crucial for
the success of this project
IMPLEMENTING NETWORK SECURITY | SCCS SECURITY INC.
Class Project | Working Prototype
SECURITY HANDBOOK
The major limit to our project, in regards to a working prototype, is the
scope of our project—installing a scenario-based network for a scenariobased company.
Although we did not install actual equipment, we devised a project timeline
and worked as though we were meeting actual deadlines.
Because we did not have anything tangible to
use for the project deliverable (like a website,
code, or database), we developed a network
security handbook that encompasses the
project as a whole from a management
perspective for our scenario-based client.
IMPLEMENTING NETWORK SECURITY | SCCS SECURITY INC.
Class Project | Q & A
QUESTIONS & ANSWERS SESSION
IMPLEMENTING NETWORK SECURITY | SCCS SECURITY INC.
Class Project | Presentation References
Whitman, M. E., & Mattord, H. J. (2005). Principles of Information Security
(2nd Edition ed.). Boston: Thomson Course Technology.
IMPLEMENTING NETWORK SECURITY | SCCS SECURITY INC.
Implementing Network Security
SCCS SECURIT Y INC.
P R E PA R E D F O R
FRANKLIN MEDICAL SUPPLIES
ITEC495 – TEAM D | SCOTT BOYD| CHRISTOPHER CARUSO | CHAZ MINTON | SHAWN NUNNALLY