Tuesday, May 5, 2020

Network and Security Architecture

Question: Describe about the Network and Security Architecture? Answer: Network security The network securities of the two different areas are control using the firewall and access control list in each router. Here the network analyzer indentify the initial data Security in networking refers to those practices, advancements and/or administrations used to guarantee that security shields was applied suitably to data, which is provides, handled and put away by the State. The network architecture is designed for connect two different WAN through the internet but this two different network has own security mechanism (Bae, 2015). Here the network designer implement one west building structure with many IP phones and another east building structure with a set of IP phones. These two buildings are set as different wide area network (WAN). The router DHCP server which is connected with the data center router (R_DC) and the ISP router (R_ISP), that is shown in the below figure 1. Figure 1: Network Architecture of two WAN connections. (Source: Created by author) Detail Network security in WAN Here the analyzer listed the entire information of two wide area network implementation in the above figure 1 it shown as west building and east building. The programmer use firewall and access control list in both section to restrict the unauthorized access. The router of west building filters all ICPM request come via the east-building router (Nogueira, Silva, Santos Pujolle, 2012). These two router is connected to the data center which also filter all packet using its routing table information. After verify a packet the router send this packet to the next hop which is Router(R_ISP) then the DHCP server assign the IP address to the requesting device (Polito, Zaghloul, Chamania Jukan, 2011). Figure 2: IP phone dialing (Source: Created by author) Now, using each router configuration the security methodology is describe in the below. The ACL and the firewall configuration is also mention in this part, which is implementing, in the above figure 1. Confirm that any gadget will not have the capacity to access the web (4.2.2.0/24), because the developer does not have NAT arranged. Presently, arrange NAT on the Data Center switch (Bae, 2015). The ACL was designed as takes after, deny VLAN 40 subnet in WB, deny VLAN 35 subnet in EB (with the exception of switches/administrator portable PC), and allow the various subnets. Here the software engineer did not allow any; license the particular subnets for practice. Shockingly, they did not do some other ACL hone; the developer was going to make an ACL in every building to prove the permit to the administrator tablets to telnet to the switches/switches (Saleh Liang Dong, 2013). Therefore, the programmer use this access control list and firewall configuration to some specific router to prevent the access to others unwanted gadgets. Here every connection is connecting through the serial DTE and copper cable connection at 200000-clock speed. The detail of the connection is given in the fig ure 4. Figure 3: IP phone Receiving (Source: Created by author) Network Security Tools This segment refers to those practices, advancements and administrations used to manage, break down, channel, test and/or control security shields. For instance, firewall innovation gives an instrument through which confirmation, approval, separating and guiding of remote clients to an inner framework can be suited. Regularly the analyzers security toolbox will be included a mix of commercial off-the support items, industry demonstrated free shareware, and Agency created programming instruments. The instruments may be situated on the edge of frameworks or incorporated into the frameworks; and may be sent on either an operational or as required premise. Samples of normal innovations inside of an association's security toolbox incorporate firewall innovation, weakness scanners, and sniffers (Nogueira, Silva, Santos Pujolle, 2012). Figure 4: access list and clock rate (Source: Created by author) Measures The utilization of TCP/IP must use firewall innovation. Every network must test its firewall innovation on an intermittent premise to guarantee consistence with security approaches. Every network must send multi-layered assurance at the Internet door, the system server and the desktop levels to keep the presentation of vindictive code into the framework (Polito, Zaghloul, Chamania Jukan, 2011). Best Practices Inside of the WAN, firewall innovation should to be actualizing to ensure delicate inward data. Every network ought to be able to screen and catch activity at any area inside of their system. Every WAN ought to utilize arrange and have helplessness scanners to test for the vulnerabilities of inward frameworks and of edge resistances, and their adherence to security strategy. Coming about vulnerabilities should be treatment for keep the network safe (Saleh Liang Dong, 2013). Every WAN have to examine all approaching email for presence of malignant code, contain, and annihilate that code. Every WAN area should keep Virus marks current by redesigning infection marks week after week at the very least. References Bae, W. (2015). Designing and verifying a P2P service security protocol in M2M environment. Peer-To-Peer Networking And Applications. https://dx.doi.org/10.1007/s12083-015-0396-1 Nogueira, M., Silva, H., Santos, A., Pujolle, G. (2012). A Security Management Architecture for Supporting Routing Services on WANETs. IEEE Transactions On Network And Service Management, 9(2), 156-168. https://dx.doi.org/10.1109/tnsm.2012.011812.100071 Polito, S., Zaghloul, S., Chamania, M., Jukan, A. (2011). Inter-Domain Path Provisioning with Security Features: Architecture and Signaling Performance. IEEE Transactions On Network And Service Management, 8(3), 219-233. https://dx.doi.org/10.1109/tcomm.2011.072611.100047 Saleh, M., Liang Dong,. (2013). Real-Time Scheduling with Security Enhancement for Packet Switched Networks. IEEE Transactions On Network And Service Management, 10(3), 271-285. https://dx.doi.org/10.1109/tnsm.2013.071813.120299

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.