Wait a second!
More handpicked essays just for you.
More handpicked essays just for you.
Security issues with cloud computing
Don’t take our word for it - see why 10 million students trust us with their essay needs.
Recommended: Security issues with cloud computing
Running Header: GFI: Risk Assessment UNCLASSIFIED 1
GFI: Risk Assessment UNCLASSIFED 19
GFI: Risk Assessment
SGTs Cranston, Patterson, Zagurski
NCOA
SSG Fekete
Contents
1. Background and Purpose
2. Network Inventory, Value, and Priority
3. Perimeter Security: Access Vectors, Vulnerabilities, and Solutions
4. Remote Access Vulnerabilities and Solutions
5. Authentication and Data Protection for Mobile Devices
6. Wireless Security, Vulnerabilities, and Mitigations
7. Evaluate the Authentication Protocols in the Networks
a. Wired
b. Wireless
c. Mobility
8. Web System Protocols and Vulnerabilities
9. Web Access
10. Cloud Computing
11. Final Thoughts
Background and Purpose
Global Finance, Inc.
…show more content…
Two routers demark the border between internet and intranet. Internal to these routers are two more routers, creating the appearance of a demilitarized zone (DMZ). However, there are access points, the wireless antenna system and the remote access server (RAS), that provide deeper intranet access that do not rely on the DMZ, rendering the latter rather decorative than substantial. Lastly, there is the virtual private network (VPN) that makes use of the edge routers and provides greater intranet access. Over all, there are four access points: VPN, two edge routers, the RAS, and the wireless system. The RAS, VPN, and wireless provide internal access.
The wireless antenna array is vulnerable to masquerade (with credentials taken from and evil-twin attack or dumpster dive). Combining a MAC address or IP spoofing attack to work around any whitelist efforts would gain access to the internal network. The router that services the VPN likely just forwards all traffic as port and IPs to filter on would be inapplicable. This, for all intent, puts the VPN on the edge making it
…show more content…
This allows us to establish the wireless network with a simple WPA2 password for employee access. We also recommend establishing a guest wireless network with limited capability to browse the internet that doesn?t require a password for authentication.
Another benefit of an online portal is that users can work from home or from satellite offices as needed. For the sake of redundancy, it may be prudent to keep the Virtual Private Network (VPN) connection to our satellite office; however, it would not be necessary. It would also be wise to remove the RAS and PBX from the company network. These legacy systems allow remote dial-up users to authenticate to the network, but their functionality could be accomplished through a web browser under the new system.
Though it may be initially costly to implement, the increased functionality and ease of access to a browser-based portal system should provide exceptional returns on investment. This scalable selection will also improve the security of the network and proprietary
In order to protect the application servers from the internet, the most common un-trusted network, the proposal suggests a firewall to be installed between the internal network and external router. The firewall would be an Adaptive Security Appliance (ASA) firewall, "the ASA is not just a pure hardware firewall. In brief, the Cisco ASA is a security device that combines firewall, antivirus, intrusion prevention, and virtual private network (VPN) capabilities. It provides proactive
The current information regarding the security of Riordan Manufacturing's WAN is sparse at best. The diagrams supplied to our organization show the network setup for each facility. Information regarding the port configuration, router configuration, and any security software is not available at this time. An inventory of each site and a brief description of possible security settings and procedures for each facility will follow.
DMZ – Demilitarized Zone - (sometimes referred to as a perimeter network) is a physical or logical subnetwork that contains and exposes an organization's external-facing services to a larger and untrusted network, usually the
The deployed wireless network automatically disables rogue access points when required. In order to connect to the wireless network, all wireless laptops are required to be the current domain members. A group policy is enforced to all domain members so as to lock their system to SSID access point. For network layer protection, firewalls must be installed throughout the network. Wireless connections should always be WPA2 secured. All systems must have anti-virus software which provides protection from viruses. To ensure that only valid users access the network system, server certificates are installed in the
As an IT manager It has probably already been beaten into you that you must use Wi-Fi Protected Access. However, it shouldn’t stop there. Other aspects for your business to consider is the ability to support a high-density of mobile devices, PCI Compliance, or HIPPA Compliance and Reporting? Is ease of deployment and use important because of limited IT resources? Is your business looking for additional features such as social login, analytics and so on...
Describe the policies for remote user access and authentication via dial-in user services and Virtual Private Networks (VPN)
ABC healthcare senior management should specify what is deemed acceptable using personal computers devices when connected to the ABC healthcare network. Also if a wireless network is available one wireless need to be connected to the domain with a WPA2 encryption and the other for the public with an acceptable use of policy notice agreement before connected to the open network.
In conclusion, a local area network is made up of computers and a myriad of devices, such as routers, servers, switches, and firewalls. In order for it to connect to the Internet, a router must be installed. Servers provide special functions such as printing, file sharing, etc. Switches connect the computers together from different parts of the network. Firewalls prevent unauthorized access. There are a host of other devices that may be used as well. These devices are hubs, gateways, repeaters, wireless access points,
Virtual Private Network presents some advantages over the traditional network technologies. VPN offers direct cost savings over leased lines or long-distance calls for remote access, savings resulting from reduced training requirements and equipment, increased flexibility, scalability, and security. The main advantage of VPN is the cost savings of Internet VPN when compared to networks built using conventional leased lines. Leased lines include tariffs that have an installation fee, a fixed monthly cost, and a mileage charge. The cost to an organization of traditional leased lines may be reasonable at first but can increase exponentially as the organization grows. As an organization grows and more companies must be added to the network, the number of leased lines required increases dramatically. VPN that utilizes the Internet avoids this problem by simply tapping into the geographically distributed access already available. Another way VPN reduces costs is by reducing the need for long-distance telephone charges for remote access. Instead of having the offsite team of a company dial into the corporate modem bank via long distance lines, the company’s VPN allows them to simply place local calls to the ISP’s POP in order to connect to the corporate network.
This proposal is for a small office that will have users who are connected by Wi-Fi or cable. The network will include devices and resources that is shared among all the users. The network will need to have security measures in place to protect the entire network and keep the wireless access secure and available only to employees of the company.
Virtual private networks (VPN) provide an encrypted connection between distributed sites over a public network (e.g., the Internet). By contrast, a private network uses dedicated circuits and possibly encryption. The basic idea is to provide an encrypted IP tunnel through the Internet that permits distributed sites to communicate securely. VPN's permit secure, encrypted connections between a company's private network and remote users through a third-party service provider. A VPN can grow to accommodate more users and different locations much easier than a leased line. In fact, scalability is a major advantage that VPN's have over typical leased lines (dedicated circuits). Unlike with leased lines, where the cost increases in proportion to the distances involved, the geographic locations of each office matter little in the creation of a VPN.
For the most part we have addresses the needs of our sales force on a case by case basis but going forward we really need to ensure we have a defined policy to streamline remote access. To accomplish this there are a few benchmarks we need to achieve. First of all the network has to be reliable or in more technical terms it needs to have high availability. Most importantly we need to make sure that the network is secure as much as it is possible with all the different types of users asking for access. Lastly, we need to address how we handle employees using personal or non-company issued computers and how we ensure that those machines meet of other remote access policies.
Lock Down Your Wi-Fi Network: 8 Tips for Small Businesses | PCWorld. (n.d.). Retrieved from http://www.pcworld.com/article/244012/lock_down_your_wi_fi_network_8_tips_for_small_businesses.html
Introduction: This is a 21th century, technology is the most important and improved thing of the human life. It makes life easier and faster. Development of faster sophisticated technology we have better and fast life. So all we are connect each other by computer network. There are two different way of network: Wired and wireless. Now day we can found network almost everywhere. Home, business, public place, Airport, Planes, hospitals, school, train everywhere we can found networking. Therefore, almost every sector of the economy that has affected by wired and wireless technology. Wired network and wireless protect both has security, But in general wireless network is less secure than wired networks. For proper security AP (access point) and its antenna should be right position. Also add a wireless access point or use a wireless router we can connect to network wirelessly. AS we using more and more of devices (smart phones, tablet and computers) rely on wireless networking, we have to improve our network security too.
The Internet has revolutionized the computer and communications world like nothing before. The Internet enables communication and transmission of data between computers at different locations. The Internet is a computer application that connects tens of thousands of interconnected computer networks that include 1.7 million host computers around the world. The basis of connecting all these computers together is by the use of ordinary telephone wires. Users are then directly joined to other computer users at there own will for a small connection fee per month. The connection conveniently includes unlimited access to over a million web sites twenty-four hours a day, seven days a week. There are many reasons why the Internet is important these reasons include: The net adapts to damage and error, data travels at 2/3 the speed of light on copper and fiber, the internet provides the same functionality to everyone, the net is the fastest growing technology ever, the net promotes freedom of speech, the net is digital, and can correct errors. Connecting to the Internet cost the taxpayer little or nothing, since each node was independent, and had to handle its own financing and its own technical requirements.