Deric Law CGS00479903
1. Improving Network Topology

Draw the topology of the network that you are currently using. Be sure to include addressing structures, network architecture, and include devices such as core switches, workgroup switches, firewalls, routers, and other network devices. Analyze the security of the topology and then draw a proposed new topology. Be sure to include security detection systems as well as security zones.

Kazakhstan International School has had its network infrastructure in place since 2007. The school has around 100 computers, every one of them connected to the Internet, serving more than 200 users. The school uses 3 subnets to separate the general administration, the computer laboratory and the classrooms. The school's Internet service provider (ISP), Corporate Telecommunication System (CTC), provides the fibre optic network connection for the school.

The internal network IP addresses are made up of:

192.168.1.1 - 192.168.1.254 (General Administration)
192.168.2.1 - 192.168.2.254 (Classroom PC)
192.168.3.1 - 192.168.3.254 (Computer Laboratory)

each with the subnet mask 255.255.255.0.

The majority of the network in the school is made up of star topology. The figure below shows a section of the network topology (Star Topology) in Kazakhstan International School.
The school does not have any managed switches; all of the switches in the school are unmanaged. The number of ports per switch ranges from 4 to 24. The switch models are D-Link DES-1024D, D-Link DES-1008D, and D-Link DES-1005D. They support network speeds of up to 100 Mbps.
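An added example, not part of the original essay: a Python check of a host inventory against the addressing plan stated above, flagging static addresses that are duplicated, fall outside the three subnets, or sit in a different zone than the machine's role. The inventory and host names are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Addressing plan as stated in the essay (mask 255.255.255.0 = /24).
ZONES = {
    "General Administration": ipaddress.ip_network("192.168.1.0/24"),
    "Classroom PC": ipaddress.ip_network("192.168.2.0/24"),
    "Computer Laboratory": ipaddress.ip_network("192.168.3.0/24"),
}

# Constructed sample inventory: (hostname, expected zone, configured IP).
SAMPLE_INVENTORY = [
    ("admin-pc-01", "General Administration", "192.168.1.10"),
    ("class-pc-07", "Classroom PC", "192.168.2.57"),
    ("lab-pc-12", "Computer Laboratory", "192.168.3.12"),
    ("lab-pc-13", "Computer Laboratory", "192.168.1.44"),  # wrong zone
    ("class-pc-08", "Classroom PC", "192.168.2.57"),        # duplicate
    ("class-pc-09", "Classroom PC", "192.168.2.255"),       # broadcast
    ("visitor-01", "Classroom PC", "10.0.0.5"),             # outside plan
]

def zone_of(ip):
    """Return the name of the zone whose subnet contains ip, or None."""
    for name, net in ZONES.items():
        if ip in net:
            return name
    return None

def audit(inventory):
    """Return a sorted list of (hostname, finding) tuples."""
    findings = []
    seen = defaultdict(list)  # address -> hostnames configured with it
    for host, expected, addr in inventory:
        ip = ipaddress.ip_address(addr)
        seen[ip].append(host)
        actual = zone_of(ip)
        if actual is None:
            findings.append((host, "outside addressing plan"))
        elif ip in (ZONES[actual].network_address,
                    ZONES[actual].broadcast_address):
            findings.append((host, "not a usable host address"))
        elif actual != expected:
            findings.append((host, f"in zone '{actual}', expected '{expected}'"))
    for ip, hosts in seen.items():
        if len(hosts) > 1:
            findings.extend((h, f"duplicate address {ip}") for h in hosts)
    return sorted(findings)

if __name__ == "__main__":
    for host, finding in audit(SAMPLE_INVENTORY):
        print(f"{host}: {finding}")
```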
As for the Internet connection, the school has set up a proxy server with firewall software between the ISP and the users. The router from the ISP provides two external connections for the school through its fibre optic network:

1. External IP address 172.25.146.1
   Subnet Mask 188.8.131.52
   Connection within Kazakhstan WAN: 100 Megabits per second (Download and Upload Speed)
   Internet Connection: 10 Megabits per second (Download) & 5 Megabits per second (Upload Speed)

2. External IP address 172.18.146.1
   Subnet Mask 184.108.40.206
   Connection within Kazakhstan WAN: 100 Megabits per second (Download and Upload Speed)
   Internet Connection: 512 Kilobits per second (Download & Upload speed)
The proxy server directs network traffic according to the school network policy rules. All Internet access is monitored and filtered through its software. It produces a monthly user usage report, which the system then emails to the user. The school applies a very strict filtering scheme, since all the students have access to the Internet through the school network. The proxy server also adds a layer of firewall through its software.

As for the wireless network, the school uses static TCP/IP addresses through the RJ45 connection. The wireless networks follow the IEEE 802.11g standard and use Wi-Fi Protected Access Pre-Shared Key (WPA-PSK) wireless security. The speed provided for the Wi-Fi users can go up to 54 Megabits per second. The school uses a few Netgear WGR614 Wireless-G Routers to manage the wireless network. The wireless router provides a built-in layer of firewall for all the Wi-Fi users. In addition to the usual wireless connection password, users must also provide their login information for the proxy server in order to access the Internet.

The Local Area Network (LAN) of the school connects the computers together throughout the entire campus. There are a few solutions and software packages built on top of the LAN:

1. Vypress Chat enables PC users to chat with each other, send documents across the different PCs, read and post bulletins, and participate in the school forum using only the LAN connection.

2. NetSupport enables the IT Department to provide instant help-desk operation on any PC within the campus. It allowed screen-sharing, monitoring, control and other...