DEFENSE IN DEPTH
Introduction
The objective of this paper is to present a defense-in-depth network design visually and to explain the features that build a layered defense, so that a threat which gets past one control is still stopped by the next. The network consists of a corporate site in Chicago, where all servers are located: a web server, file server, print server, mail server, and FTP server. The corporate Internet connection is 50 Mbps and serves 300 employees who need access to the Internet as well as to local and corporate resources. There is also one remote site, 8 miles away, with 20 employees who need access to all corporate resources plus an Internet connection limited to 3 Mbps. The design uses the full range of network devices: routers, switches, hubs, firewalls, VPN gateways, and proxies. (A hub repeats every frame to every port, so any host attached to it can capture its neighbours' traffic; where hubs remain in the design they should carry no sensitive traffic, and a switch is the better choice.) Along with the devices, the diagram shows the interconnections between them, the end-user (client) devices (desktops and laptops), and an Internet cloud that generically represents the network's interface to the Internet.
In addition to the design, this discussion reviews the flow of data through the network to reveal the security features that create the layered design and that would protect any organization with similar requirements. I first review the network diagram with its physical features, locations, and Internet speeds, then discuss the security features from each of the seven network domains (User, Workstation, Local Area Network (LAN), LAN-to-Wide Area Network (WAN), Remote Access, WAN, and System/Application) and how they are incorporated throughout the design and infrastructure of the network.
The objective is to implement these features to enforce confidentiality, integrity, availability, privacy, authenticity, authorization, non-repudiation, and accounting (Stewart, J. M., 2011).
Network Design, Data Flow, and Security Features
The network design features the corporate headquarters in Chicago. Within the Information Technology (IT) department are a database server, an FTP server, an application server, a web server, an email server, a print server, and 30 workstations. The database server uses role-based access control and two-factor authentication for both server and user access (a Common Access Card plus username/password). The FTP server runs over TCP and sits on the internal network, protected by additional firewall rules, routing policies that limit open ports, and internal training so that the IT department can recognise and monitor potential threats. Because plain FTP carries credentials and file contents in clear text, the server should be reachable only from internal addresses, and SFTP or FTPS should be used wherever a transfer must cross an untrusted segment. The web server must be placed in the DMZ because it accepts inbound connections from the Internet; only the ports the web service needs (typically TCP 80 and 443) are opened toward it. The email and print servers remain on the internal network.
Outside the IT department, the organization has six departments spread over three floors, with 45 workstations and 5 printers per department. Each department connects to corporate resources over copper cabling to a 48-port switch housed in an Intermediate Distribution Frame (IDF) on its floor, and the switches uplink at 10 Gbps. Two practical checks apply here: 45 workstations plus 5 printers is 50 edge devices, which exceeds a single 48-port switch before an uplink port is even counted, so each department needs a second switch or a higher-density chassis; and the Cat5 cabling originally specified is limited to 100 Mbps, so any 10 Gbps copper run needs Cat6a (Cat5e supports 1 Gbps), with fiber for longer distances. Departments 1 and 4 are on the bottom (1st) floor with one IDF, departments 3 and 6 are on the top (3rd) floor with another IDF, and departments 2 and 5 are on the middle (2nd) floor, which interconnects both IDFs via fiber. Each IDF terminates the cabling for its own floor, while the Main Distribution Frame (MDF) can house cabling as well as server racks, patch panels, routers, and switches. In this design, however, the server racks, routers, and switches are in a separate locked room to limit access and secure the servers (E., 2011, February 17).
All department switches connect to one distribution router, which in turn connects to two further routers. One of these, behind a firewall, links the departments to the IT resources; the other leads to the De-Militarized Zone (DMZ) and out to the Internet. The DMZ is the segment for hosts that must be reachable from outside and are therefore at higher risk; isolating them means that compromising one of them does not give direct access to the internal network. The web server and the Virtual Private Network (VPN) gateway sit in the DMZ, together with their firewalls and routers. The firewalls in front of the DMZ open only the specific service ports those hosts need (for the web server, TCP 80 and 443), whereas the firewall between the DMZ and the internal network permits only the few flows the DMZ hosts must initiate inward and blocks everything else. Continuing the design, the web server in the DMZ is surrounded by four routers, with firewalls between the routers and either a VPN gateway or the Internet. One VPN gateway connects to the internal network via a router; the other faces the Internet, and remote access arrives from the Internet through a firewall to that gateway. Remote users work from a virtual machine (VM) on their personal devices; the VM is placed on its own VLAN and connects over the VPN, which keeps corporate traffic separate from the personal host. Within the DMZ, two of the routers surrounding the web server sit between pairs of firewalls, with Internet access over the 3 Mbps connection. That connection is delivered by cable Internet Service Providers (ISPs) and is split across three different providers, so that if one connection is lost, for instance because of weather, the others keep service up and the chance of a single point of failure is lessened.
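The zone policy just described, as an added example that is not part of the original paper: a first-match, default-deny packet-filter policy for the three zones (Internet, DMZ, internal), evaluated against a handful of constructed flows. The address ranges, the single web-to-database flow on TCP 5432, and the management flow on TCP 22 are assumptions made for illustration, not details taken from the design.

```python
"""Three-zone packet-filter policy for the Chicago design: Internet, DMZ, Internal.

Added example, not from the original paper. Addresses are hypothetical:
DMZ 192.0.2.0/24 (web server 192.0.2.10, VPN gateway 192.0.2.20) and
Internal 10.10.0.0/16 (database server 10.10.1.5). Rules are evaluated
first-match with an implicit default deny, as most firewalls do.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

ZONES = {
    "dmz": ip_network("192.0.2.0/24"),       # assumed DMZ range
    "internal": ip_network("10.10.0.0/16"),  # assumed internal range
}


def zone_of(addr: str) -> str:
    """Map an address to its zone; anything not in a known range is untrusted."""
    ip = ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "internet"


@dataclass(frozen=True)
class Rule:
    src_zone: str
    dst_zone: str
    dst_host: Optional[str]   # None = any host in dst_zone
    proto: str
    dport: Optional[int]      # None = any port
    action: str               # "allow" or "deny"


# Policy: only what each zone must be able to initiate; everything else is denied.
POLICY = [
    # Internet may reach only the public services in the DMZ.
    Rule("internet", "dmz", "192.0.2.10", "tcp", 80, "allow"),
    Rule("internet", "dmz", "192.0.2.10", "tcp", 443, "allow"),
    Rule("internet", "dmz", "192.0.2.20", "udp", 500, "allow"),   # IKE to the VPN gateway
    Rule("internet", "dmz", "192.0.2.20", "udp", 4500, "allow"),  # IPsec NAT traversal
    # DMZ may initiate inward only the one flow the web tier needs (assumed: web -> DB).
    Rule("dmz", "internal", "10.10.1.5", "tcp", 5432, "allow"),
    # Internal users may browse out and administer the web server over SSH.
    Rule("internal", "internet", None, "tcp", 80, "allow"),
    Rule("internal", "internet", None, "tcp", 443, "allow"),
    Rule("internal", "dmz", "192.0.2.10", "tcp", 22, "allow"),
]


def evaluate(src: str, dst: str, proto: str, dport: int) -> tuple[str, Optional[int]]:
    """Return (action, index of the matching rule) for a new connection; default deny."""
    sz, dz = zone_of(src), zone_of(dst)
    for i, r in enumerate(POLICY):
        if (r.src_zone == sz and r.dst_zone == dz
                and (r.dst_host is None or r.dst_host == dst)
                and r.proto == proto
                and (r.dport is None or r.dport == dport)):
            return r.action, i
    return "deny", None   # implicit final rule


def audit(flows) -> dict[str, str]:
    """Evaluate (label, src, dst, proto, dport) tuples and return {label: action}."""
    return {label: evaluate(src, dst, proto, dport)[0]
            for label, src, dst, proto, dport in flows}


# Constructed sample flows covering each zone boundary in the design.
SAMPLE_FLOWS = [
    ("public https to web", "198.51.100.7", "192.0.2.10", "tcp", 443),
    ("public ssh to web", "198.51.100.7", "192.0.2.10", "tcp", 22),
    ("public to database", "198.51.100.7", "10.10.1.5", "tcp", 5432),
    ("web to database", "192.0.2.10", "10.10.1.5", "tcp", 5432),
    ("web to workstation", "192.0.2.10", "10.10.50.23", "tcp", 445),
    ("workstation to web admin", "10.10.50.23", "192.0.2.10", "tcp", 22),
    ("workstation browsing", "10.10.50.23", "203.0.113.9", "tcp", 443),
    ("vpn ike", "198.51.100.7", "192.0.2.20", "udp", 500),
]

if __name__ == "__main__":
    for label, action in audit(SAMPLE_FLOWS).items():
        print(f"{action:5}  {label}")
```

The rule to notice is the only one crossing from the DMZ into the internal network: it names a single host and a single port, so a compromised web server still cannot reach workstations, the email server, or the FTP server.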
This network design compartmentalizes information according to the sensitivity, risk tolerance, and threat susceptibility of specific resources, and this part of the design protects the confidentiality of data. The compartments follow the domains; for instance, the Remote Access domain has a different data flow from the LAN and Workstation domains at the corporate office and the remote site. The next stage is to limit access on the principle of least privilege, which means creating a role-based access control list for all employees in every department so that each user has only the privileges necessary for his or her duties. The next phase is to provide high availability through redundant links and devices on the network path between the user and mission-critical resources; this removes single points of failure and assures users of continued service during outages. Supporting policies include separation of duties, under which important tasks must be performed by two or more employees, and job rotation, under which employees in important positions are rotated periodically (Stawowski, M., 2009, October).
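Least privilege and separation of duties as they would be enforced in code, as an added example that is not from the original paper. The roles, permissions, user names and the payroll workflow are hypothetical. The example shows the three checks a practitioner needs: a user holds only the permissions of the roles assigned to them, two conflicting roles can never be assigned to the same person (static separation of duties), and a sensitive task must be completed by two different people (dynamic separation of duties).

```python
"""Role-based access control with least privilege and separation of duties.

Added example, not from the original paper. Roles, permissions, users and the
payroll workflow are hypothetical.
"""
from dataclasses import dataclass, field
from typing import Optional

# Role -> permissions. Roles are deliberately narrow so that least privilege
# falls out of the role assignment rather than being policed per user.
ROLE_PERMS = {
    "payroll_clerk":   {"payroll.read", "payroll.submit"},
    "payroll_manager": {"payroll.read", "payroll.submit", "payroll.approve"},
    "hr_manager":      {"hr.read", "hr.write", "payroll.approve"},
    "it_helpdesk":     {"db.login"},
    "db_admin":        {"db.login", "db.backup"},
}

# Static separation of duties: the person who enters payroll must never also
# hold a role that approves it.
CONFLICTING_ROLES = {frozenset({"payroll_clerk", "hr_manager"})}


class PolicyError(Exception):
    pass


@dataclass
class Directory:
    user_roles: dict[str, set[str]] = field(default_factory=dict)

    def assign(self, user: str, role: str) -> None:
        if role not in ROLE_PERMS:
            raise PolicyError(f"unknown role {role}")
        roles = self.user_roles.setdefault(user, set())
        for conflict in CONFLICTING_ROLES:
            if role in conflict:
                held = (conflict - {role}) & roles
                if held:
                    raise PolicyError(f"{user}: {role} conflicts with held role(s) {sorted(held)}")
        roles.add(role)

    def permissions(self, user: str) -> set[str]:
        return set().union(*(ROLE_PERMS[r] for r in self.user_roles.get(user, set())))

    def allowed(self, user: str, perm: str) -> bool:
        return perm in self.permissions(user)


@dataclass
class PayrollRun:
    """A sensitive task: submitted by one person, approved by a different one."""
    submitted_by: Optional[str] = None
    approved_by: Optional[str] = None


def submit_payroll(d: Directory, run: PayrollRun, user: str) -> None:
    if not d.allowed(user, "payroll.submit"):
        raise PolicyError(f"{user} may not submit payroll")
    run.submitted_by = user


def approve_payroll(d: Directory, run: PayrollRun, user: str) -> None:
    if not d.allowed(user, "payroll.approve"):
        raise PolicyError(f"{user} may not approve payroll")
    if run.submitted_by is None:
        raise PolicyError("nothing submitted")
    if run.submitted_by == user:   # dynamic separation of duties
        raise PolicyError(f"{user} cannot approve a run they submitted")
    run.approved_by = user


def build_demo_directory() -> Directory:
    """Constructed sample users; dave holds both submit and approve rights."""
    d = Directory()
    d.assign("alice", "payroll_clerk")
    d.assign("bob", "hr_manager")
    d.assign("carol", "it_helpdesk")
    d.assign("dave", "payroll_manager")
    return d


def attempt(fn, *args) -> str:
    """Run a policy-checked action and report 'ok' or the refusal reason."""
    try:
        fn(*args)
        return "ok"
    except PolicyError as e:
        return f"refused: {e}"


if __name__ == "__main__":
    d = build_demo_directory()
    run = PayrollRun()
    print(attempt(submit_payroll, d, run, "carol"))    # no payroll rights at all
    print(attempt(submit_payroll, d, run, "dave"))     # ok
    print(attempt(approve_payroll, d, run, "dave"))    # same person: refused
    print(attempt(approve_payroll, d, run, "bob"))     # second person: ok
    print(attempt(d.assign, "alice", "hr_manager"))    # conflicting role: refused
```

Note that dave's role legitimately carries both permissions, so a permission check alone would let him approve his own submission; the dynamic check on the task record is what enforces two-person control.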
The objective is to eliminate single points of failure, and this holds throughout the data flow as well. Data sent from an internal resource to a resource outside the network is handled layer by layer in the Transmission Control Protocol/Internet Protocol (TCP/IP) stack. At the network (Internet) layer the logical addresses, that is the source and destination IP addresses, are attached to the packet; these are what routers use to forward it, and they do not change along the path. The packet then moves into the data link layer, which adds the physical (MAC) addresses and attempts to locate the destination device. If the destination is on a different network, the source host instead addresses the frame to the next physical hop on the path, which is its router. The router reads the destination address at the network layer, strips the data link frame, and, seeing that the next link on the path is another router, re-frames the packet at the data link layer with its own physical address as the source and the next router's physical address as the destination. Each subsequent router repeats this re-framing, and the last one delivers the frame to the destination device, where it passes up from the physical layer (Jois, S., 2013, January 21). Each hop therefore handles the complete packet, so any device on the path can read or alter an unencrypted payload; this is the reason the IPsec tunnelling discussed below matters.
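The hop-by-hop re-framing described above, simulated as an added example that is not from the original paper or its sources. The workstation, router and ISP addresses are hypothetical. The simulation shows the IP header staying fixed end to end (apart from the TTL each router decrements), the data link header being rewritten on every link, and the payload being readable on every link.

```python
"""Hop-by-hop encapsulation of one packet across two routers.

Added example, not from the original paper. Topology is hypothetical: a
workstation on the internal LAN sends to an Internet host via router R1 (its
default gateway) and router R2 (the edge router facing the ISP).
"""
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class IPPacket:
    src: str        # logical addresses: fixed for the whole path
    dst: str
    ttl: int        # decremented by every router
    payload: bytes


@dataclass(frozen=True)
class Frame:
    src_mac: str    # physical addresses: valid for one link only
    dst_mac: str
    packet: IPPacket


# Hypothetical interfaces: name -> (ip, mac). Each router has one MAC per interface.
HOSTS = {
    "ws":     ("10.10.50.23",  "02:00:00:00:00:01"),
    "r1-lan": ("10.10.50.1",   "02:00:00:00:00:aa"),
    "r1-wan": ("192.0.2.1",    "02:00:00:00:00:ab"),
    "r2-dmz": ("192.0.2.254",  "02:00:00:00:00:ba"),
    "r2-isp": ("198.51.100.2", "02:00:00:00:00:bb"),
    "isp":    ("198.51.100.1", "02:00:00:00:00:ff"),
}

# Forwarding decision per device: (outgoing interface, next-hop interface).
NEXT_HOP = {
    "ws": ("ws", "r1-lan"),
    "r1": ("r1-wan", "r2-dmz"),
    "r2": ("r2-isp", "isp"),
}


def forward(device: str, packet: IPPacket) -> Frame:
    """Re-frame the packet for the next link; routers also decrement the TTL."""
    out_if, next_hop = NEXT_HOP[device]
    if device != "ws":
        if packet.ttl <= 1:
            # A router must drop, not forward, a packet whose TTL would hit zero.
            raise ValueError(f"{device}: TTL expired, packet dropped")
        packet = replace(packet, ttl=packet.ttl - 1)
    return Frame(src_mac=HOSTS[out_if][1], dst_mac=HOSTS[next_hop][1], packet=packet)


def trace(packet: IPPacket) -> list[Frame]:
    """The frame as seen on each of the three links: ws->R1, R1->R2, R2->ISP."""
    frames = []
    current = packet
    for device in ("ws", "r1", "r2"):
        f = forward(device, current)
        frames.append(f)
        current = f.packet
    return frames


def visible_payloads(frames: list[Frame]) -> list[bytes]:
    """What a sniffer on each link can read: the payload is exposed at every hop."""
    return [f.packet.payload for f in frames]


if __name__ == "__main__":
    pkt = IPPacket("10.10.50.23", "203.0.113.9", ttl=64, payload=b"GET /payroll HTTP/1.1")
    for link, f in zip(("ws->R1", "R1->R2", "R2->ISP"), trace(pkt)):
        print(f"{link:8} {f.src_mac} -> {f.dst_mac}  "
              f"ip {f.packet.src}->{f.packet.dst} ttl={f.packet.ttl}")
```

Running the block prints one line per link; the MAC pair changes every time while the IP pair never does. The TTL check is the failure mode a router must handle: a packet that would otherwise loop between misconfigured routers is discarded rather than forwarded forever.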
Throughout this process the information must maintain confidentiality, integrity, and authenticity. This is achieved by avoiding single points of failure, as mentioned above, and by protecting assets through division into zones. The network uses physical security measures including gates, security guards, cameras, access cards for specific portions of the building, Uninterruptible Power Supplies (UPS), and servers provisioned with encryption certificates. Additional security features include Internet Protocol version 6 (IPv6), whose specification builds in support for IPsec (IPv6 does not encrypt traffic by default; an IPsec policy still has to be configured and enforced); the IPsec encrypted tunnelling protocol; and security policies such as an access policy, accountability policy, authentication policy, privacy policy, computer-technology purchasing guideline policy, and training policies and procedures, together with security procedures, operations, a disaster recovery plan, and a plan to maintain the security posture over time (Oppenheimer, P., 2010, October 04).
Conclusion
In conclusion, this paper has presented the design of a network with a corporate site that includes servers, a 50 Mbps connection to the Internet, and 300 employees who need access to corporate resources and the Internet. The design also includes one remote site with 20 employees, a 3 Mbps Internet connection, and the same need for access to corporate resources and the Internet. It reviewed the physical layout of the design, how data flows through the network, and the ways to ensure the confidentiality, integrity, and authenticity of information: physical security measures, cryptography, sound network design, and policies and procedures that mitigate threats.
References
E. (2011, February 17). Physical Network Segmentation. Retrieved May 04, 2014, from http://www.youtube.com/watch?v=cLNCYg5RorY
Jois, S. (2013, January 21). How Data Flow Between Network.wmv. Retrieved May 04, 2014, from https://www.youtube.com/watch?v=SnFau2xFD4A
Oppenheimer, P. (2010, October 04). Developing Network Security Strategies. Retrieved May 04, 2014, from http://www.ciscopress.com/articles/article.asp?p=1626588
Stawowski, M. (2009, October). The Principles of Network Security Design. Retrieved May 04, 2014, from http://www.clico.pl/services/Principles_Network_Security_Design.pdf
Stewart, J. M. (2011). Network Security, Firewalls, and VPNs. Sudbury, MA: Jones & Bartlett Learning.
[Figure: Defense-in-Depth Network Design diagram. Corporate Site (Chicago), 50 Mbps connection: Dept 1 through Dept 6, each with Workstations (x45) and Printer (x5) on a 10 Gbps switch; IT Department with Database Server, FTP Server, Application Server, Web Server, Email Server, Print Server, and Workstation (x30); a DMZ containing the Web Server, VPN Gateway, and a Firewall IDS/IPS, bounded by firewalls and routers; the Internet; Remote Access through a VPN Gateway; Remote Site (8 miles away), 3 Mbps connection, labelled with Off-site Workstations (x45) and Printer (x5); a laptop client.]
 
CLASSIFICATION OF ANTI - CANCER DRUGS.pptx
CLASSIFICATION OF ANTI - CANCER DRUGS.pptxCLASSIFICATION OF ANTI - CANCER DRUGS.pptx
CLASSIFICATION OF ANTI - CANCER DRUGS.pptxAnupam32727
 
4.11.24 Mass Incarceration and the New Jim Crow.pptx
4.11.24 Mass Incarceration and the New Jim Crow.pptx4.11.24 Mass Incarceration and the New Jim Crow.pptx
4.11.24 Mass Incarceration and the New Jim Crow.pptxmary850239
 
Oppenheimer Film Discussion for Philosophy and Film
Oppenheimer Film Discussion for Philosophy and FilmOppenheimer Film Discussion for Philosophy and Film
Oppenheimer Film Discussion for Philosophy and FilmStan Meyer
 

Recently uploaded (20)

Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
 
Textual Evidence in Reading and Writing of SHS
Textual Evidence in Reading and Writing of SHSTextual Evidence in Reading and Writing of SHS
Textual Evidence in Reading and Writing of SHS
 
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnvESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
 
ICS2208 Lecture6 Notes for SL spaces.pdf
ICS2208 Lecture6 Notes for SL spaces.pdfICS2208 Lecture6 Notes for SL spaces.pdf
ICS2208 Lecture6 Notes for SL spaces.pdf
 
Decoding the Tweet _ Practical Criticism in the Age of Hashtag.pptx
Decoding the Tweet _ Practical Criticism in the Age of Hashtag.pptxDecoding the Tweet _ Practical Criticism in the Age of Hashtag.pptx
Decoding the Tweet _ Practical Criticism in the Age of Hashtag.pptx
 
Expanded definition: technical and operational
Expanded definition: technical and operationalExpanded definition: technical and operational
Expanded definition: technical and operational
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management system
 
ICS 2208 Lecture Slide Notes for Topic 6
ICS 2208 Lecture Slide Notes for Topic 6ICS 2208 Lecture Slide Notes for Topic 6
ICS 2208 Lecture Slide Notes for Topic 6
 
4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx
 
Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...
Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...
Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...
 
Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management System
 
4.9.24 School Desegregation in Boston.pptx
4.9.24 School Desegregation in Boston.pptx4.9.24 School Desegregation in Boston.pptx
4.9.24 School Desegregation in Boston.pptx
 
31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...
31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...
31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...
 
Faculty Profile prashantha K EEE dept Sri Sairam college of Engineering
Faculty Profile prashantha K EEE dept Sri Sairam college of EngineeringFaculty Profile prashantha K EEE dept Sri Sairam college of Engineering
Faculty Profile prashantha K EEE dept Sri Sairam college of Engineering
 
Grade Three -ELLNA-REVIEWER-ENGLISH.pptx
Grade Three -ELLNA-REVIEWER-ENGLISH.pptxGrade Three -ELLNA-REVIEWER-ENGLISH.pptx
Grade Three -ELLNA-REVIEWER-ENGLISH.pptx
 
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxQ4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
 
Unraveling Hypertext_ Analyzing Postmodern Elements in Literature.pptx
Unraveling Hypertext_ Analyzing  Postmodern Elements in  Literature.pptxUnraveling Hypertext_ Analyzing  Postmodern Elements in  Literature.pptx
Unraveling Hypertext_ Analyzing Postmodern Elements in Literature.pptx
 
CLASSIFICATION OF ANTI - CANCER DRUGS.pptx
CLASSIFICATION OF ANTI - CANCER DRUGS.pptxCLASSIFICATION OF ANTI - CANCER DRUGS.pptx
CLASSIFICATION OF ANTI - CANCER DRUGS.pptx
 
4.11.24 Mass Incarceration and the New Jim Crow.pptx
4.11.24 Mass Incarceration and the New Jim Crow.pptx4.11.24 Mass Incarceration and the New Jim Crow.pptx
4.11.24 Mass Incarceration and the New Jim Crow.pptx
 
Oppenheimer Film Discussion for Philosophy and Film
Oppenheimer Film Discussion for Philosophy and FilmOppenheimer Film Discussion for Philosophy and Film
Oppenheimer Film Discussion for Philosophy and Film
 

Defense in Depth Network Design

  • 1. DEFENSE IN DEPTH

Introduction

The objective of this paper is to visually display a defense in depth model and explain features that will encourage an overall layered defense tactic to strategically mitigate potential threats. The network is comprised of a corporate site in Chicago where all servers are located, including a web server, file server, print server, mail server, and FTP server. This site's connection to the Internet has a speed of 50 Mbps, with 300 employees who have access to the Internet as well as local and corporate resources. There is also one remote site, 8 miles away, with 20 employees who need access to all resources at corporate as well as an Internet connection limited to 3 Mbps. In this design all network device types will be utilized, including routers, switches, hubs, firewalls, VPNs, and proxies. Along with the devices, the diagram shows the interconnections between them, the end user (client) devices (desktops, laptops), and the Internet cloud, which generically represents the network's interface to the Internet.

In addition to the design, this discussion will review the flow of data throughout the network to reveal the security features that create the in-depth design and protect any organization with similar requirements. I will first review the network diagram with its physical features, locations, and Internet speeds; then discuss in depth the security features from each of the seven network domains (User, Workstation, Local Area Network (LAN), LAN-to-Wide Area Network (WAN), Remote Access, WAN, and Systems/Applications) and how they will be incorporated throughout the design and infrastructure of the network.

  • 2. The objective is to implement these features to enforce confidentiality, integrity, availability, privacy, authenticity, authorization, non-repudiation, and accounting (Stewart, J. M., 2011).

Network Design, Data Flow, and Security Features

The network design features the corporate headquarters site in Chicago, whose Information Technology (IT) department houses a database server, an FTP server, an application server, a web server, an email server, a print server, and 30 workstations. The database server uses role-based access features as well as two-factor authentication for server and user access (Common Access Card and username/password). The FTP server uses the TCP protocols and sits within the internal network, with additional firewall rules, routing policies that limit open ports, and internal training on how to locate potential threats for the IT department to monitor. The web server must be held in the DMZ to allow the additional port access needed to serve the Internet. The email and print servers are also located within the internal network.

Outside of the IT department, this organization has six departments on three floors, with 45 workstations and 5 printers per department. Each department is interconnected to corporate resources via CAT5 cabling and 48-port switch connections that allow 10 Gbps, housed in an Intermediary Distribution Facility (IDF) on each floor. The 1st and 4th departments are on the bottom (1st) floor with one IDF, the 3rd and 6th departments are on the top (3rd) floor, which houses another IDF, and the 2nd and 5th departments are on the middle (2nd) floor, which interconnects both IDFs via a fiber cable. Each IDF houses the cabling for its own floor, and the Main Distribution Facility (MDF) can house cabling as well as server racks, patch panels, routers, and switches. However, in this case the server racks, routers, and switches are in a separate locked room to limit access and secure the servers (E., 2011, February 17).

  • 3. All department switches are connected to one router that connects to two separate routers: one router is protected by a firewall and connects the departments to the IT resources; the other router leads to the De-Militarized Zone (DMZ) and out onto the network. The DMZ provides a space within the network for the points that require less restrictive security. For instance, the web server and the Virtual Private Network (VPN) gateway are in the DMZ along with firewalls and routers. The firewalls and routers in the DMZ can be configured with the specific open ports their services need, whereas the routers outside of the DMZ may have only the necessary ports open.

Continuing the network design, the web server within the DMZ has four routers surrounding it, with firewalls between the routers and either a VPN gateway or the Internet. One VPN gateway connects to the internal network via a router; the other VPN gateway leads to the Internet, and from the Internet, through a firewall, remote access is available. Remote access is available via Virtual Machines (VMs) on personal devices that use the VLAN to reach the VPN. Within the DMZ, two of the routers surrounding the web server are protected by two firewalls on either side, with access to the Internet via a 3 Mbps connection. This connection is through a cable Internet Service Provider (ISP) and is divided into three connections from three different cable ISPs. The reason for three cable connections is that if one connection is not available, due to weather for instance, the other providers can maintain constant service, which lessens the chance of a single point of failure.

This network design is set up in such a manner as to compartmentalize information based on the sensitivity levels, risk tolerance levels, and threat susceptibility levels of specific resources. This portion of the design secures the confidentiality of data. This includes specific parts of domains; for instance, the Remote Access domain will have a different data flow than the LAN and Workstation domains within the corporate office and the remote site.

  • 4. The next stage in the design is to limit access based on the principle of least privilege, which means creating a Role Based Access Control list for all employees in every department to ensure that each user has only the privileges necessary for his or her duties. The next phase is to provide high availability through the implementation of redundant configurations of links and devices on the network path between the user and mission-critical resources. This prevents a single point of failure and assures the user of continued access throughout outages. Policies such as 'Separation of Duty', which states that important tasks should be performed by two or more employees, and 'Job Rotation', which dictates that employees in important positions should rotate, also support this (Stawowski, M., 2009, October). The objective is to eliminate single points of failure, and this holds throughout the data flow process as well.

Data that is to be sent between networks, from an internal resource to a resource outside of the network, begins at the network layer of the Transmission Control Protocol/Internet Protocol (TCP/IP). The network layer is where physical addresses (device address, logical network address, and the source address) are used in message routing. This address is attached to the packet (data) that will be sent. Next the packet moves into the data link layer, which adds an additional physical address (device address) and attempts to locate the destination device. If the destination device is on a separate network, the source device will locate the next physical address in the path, which is a router. The router reviews the destination address at the network layer and removes the data link physical address, then notices that the next link in the network path is another router; therefore it repackages the message at the data link layer and attaches its own physical address as the source address and the next router's address as the destination. The next router re-assembles the packet at the data link layer and sends it to the destination address, where it reaches the physical layer (Jois, S., 2013, January 21).

  • 5. Throughout this process the information must maintain confidentiality, integrity, and authentication. This is achieved by avoiding single points of failure, as previously mentioned, and by protecting assets through dividing and conquering. This network utilizes physical security measures including gates, security guards, cameras, access cards to enter specific portions of the building, Uninterruptible Power Supplies (UPS), and servers with encryption certificates available. Additional security features include the use of Internet Protocol version 6 (IPv6) for applications, which offers encrypted transmissions by default; the use of an encryption tunneling protocol, IPsec; and security policies such as an access policy, accountability policy, authentication policy, privacy policy, computer-technology purchasing guideline policy, and training policies and procedures, together with security procedures, operations, a disaster recovery plan, and a plan to maintain the security (Oppenheimer, P., 2010, October 04).

Conclusion

In conclusion, the materials discussed include the design of a network with a corporate site that includes servers, a 50 Mbps connection to the Internet, and 300 employees who need access to corporate resources and the Internet. In addition, the design includes one remote site with 20 employees, a 3 Mbps Internet connection, and the same need for access to corporate resources and the Internet. The paper reviewed the physical layout of the design, how data flows throughout the network, and ways to ensure the confidentiality, integrity, and authentication of information via physical security measures, cryptography, sound network design, and the implementation of policies and procedures to mitigate threats.

References

E. (2011, February 17). Physical Network Segmentation. Retrieved May 04, 2014, from http://www.youtube.com/watch?v=cLNCYg5RorY

  • 6. Jois, S. (2013, January 21). How Data Flow Between Network.wmv. Retrieved May 4, 2014, from https://www.youtube.com/watch?v=SnFau2xFD4A

Oppenheimer, P. (2010, October 04). Developing Network Security Strategies. Retrieved May 04, 2014, from http://www.ciscopress.com/articles/article.asp?p=1626588

Stawowski, M. (2009, October). The Principles of Network Security Design. Retrieved May 04, 2014, from http://www.clico.pl/services/Principles_Network_Security_Design.pdf

Stewart, J. M. (2011). Network Security, Firewalls, and VPNs. Sudbury, MA: Jones & Bartlett Learning.

Defense-in-Depth Design (network diagram; only its labels survive the extraction): Dept 1 through Dept 6, each with Workstations (x45) and Printers (x5); Server; DMZ; Firewall; IDS/IPS; Router; Laptop; Corporate Site (Chicago) with the 50 Mbps connection; Remote Site (8 miles away) with the 3 Mbps connection.
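The least-privilege and separation-of-duty rules described in slide 4, as an added example that is not part of the original paper or its references: a user gets only the union of the permissions granted by the roles assigned to them (anything else is denied by default), and a task marked as important is only authorized when a second, distinct employee who also holds the permission signs off. The roles, permissions, users and the set of two-person tasks below are constructed for illustration.

```python
"""Least-privilege role check with a two-person rule for important tasks.

Added example, not the paper's code.  The policy data (roles, permissions,
users, two-person tasks) is constructed for illustration."""
from dataclasses import dataclass
from typing import Dict, Iterable, Set


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str


class AccessPolicy:
    def __init__(self, role_permissions: Dict[str, Set[str]],
                 user_roles: Dict[str, Set[str]], two_person_tasks: Set[str]):
        # Refuse a policy that assigns a role nobody has defined: it would silently grant nothing.
        unknown = {r for roles in user_roles.values() for r in roles} - role_permissions.keys()
        if unknown:
            raise ValueError(f"roles without a permission set: {sorted(unknown)}")
        self.role_permissions = role_permissions
        self.user_roles = user_roles
        self.two_person_tasks = two_person_tasks

    def permissions_of(self, user: str) -> Set[str]:
        """Union of the permissions of every role the user holds; an unknown user has none."""
        return {p for r in self.user_roles.get(user, set()) for p in self.role_permissions[r]}

    def authorize(self, user: str, permission: str, approvers: Iterable[str] = ()) -> Decision:
        """Default deny; important tasks additionally need a distinct second employee."""
        if permission not in self.permissions_of(user):
            return Decision(False, f"{user} has no role granting {permission}")
        if permission in self.two_person_tasks:
            second = sorted(a for a in set(approvers)
                            if a != user and permission in self.permissions_of(a))
            if not second:
                return Decision(False, f"{permission} needs a second employee who also holds it")
            return Decision(True, f"{user} with {second[0]} as second approver")
        return Decision(True, f"{user} holds {permission}")


# Constructed policy: roles per department function, a few users, one two-person task.
POLICY = AccessPolicy(
    role_permissions={
        "helpdesk": {"ticket:read", "ticket:write", "password:reset"},
        "dba": {"db:read", "db:write", "db:restore"},
        "auditor": {"db:read", "ticket:read", "audit:read"},
    },
    user_roles={"alice": {"helpdesk"}, "bob": {"dba"}, "carol": {"dba", "auditor"}, "dave": {"auditor"}},
    two_person_tasks={"db:restore"},
)
```

The check is deliberately default-deny: a user not listed in `user_roles`, or a permission that no assigned role grants, yields a denial with a reason that can be logged, and the second approver for a two-person task must be a different person who would independently pass the same role check.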
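The data-flow walk in slide 4 (the data-link addresses rebuilt at every router while the network-layer addresses ride through unchanged) together with the port-specific filtering at the DMZ boundary in slide 3, as an added example that is not the paper's or its references' code. The topology, device names, documentation-range addresses, MAC values and filter rules are all constructed to resemble the layout the slides describe; the filter is a stateless, first-match allow-list with an implicit deny, so the example shows both where a packet is delivered and which layer drops it.

```python
"""Packet walk with per-router stateless filtering (added example, not the paper's code;
devices, addresses and rules are constructed to resemble the layout the slides describe)."""
import ipaddress
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple


@dataclass
class Interface:
    ip: str
    mac: str
    prefix: int  # mask length of the attached link

    def on_link(self, ip: str) -> bool:
        return ipaddress.ip_address(ip) in ipaddress.ip_interface(f"{self.ip}/{self.prefix}").network


@dataclass
class Packet:
    src_ip: str        # network-layer addresses: fixed end to end
    dst_ip: str
    dport: int         # destination TCP port
    src_mac: str = ""  # data-link addresses: rebuilt at every hop
    dst_mac: str = ""


@dataclass
class Rule:  # an allow entry; a packet no rule matches is dropped
    src: str                     # CIDR the packet must come from
    dst: str                     # CIDR the packet must be headed to
    dport: Optional[int] = None  # None matches any port

    def matches(self, pkt: Packet) -> bool:
        return (ipaddress.ip_address(pkt.src_ip) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt.dst_ip) in ipaddress.ip_network(self.dst)
                and self.dport in (None, pkt.dport))


@dataclass
class Device:
    name: str
    interfaces: List[Interface]
    routes: Dict[str, str] = field(default_factory=dict)  # CIDR -> next hop, most specific first
    allow: Optional[List[Rule]] = None  # None: host, no filtering; list: filtering router

    def permits(self, pkt: Packet) -> bool:
        return self.allow is None or any(r.matches(pkt) for r in self.allow)

    def next_hop(self, dst_ip: str) -> str:
        if any(i.on_link(dst_ip) for i in self.interfaces):
            return dst_ip  # on an attached link: deliver directly
        for cidr, via in self.routes.items():  # otherwise hand it to a router
            if ipaddress.ip_address(dst_ip) in ipaddress.ip_network(cidr):
                return via
        raise ValueError(f"{self.name}: no route to {dst_ip}")


def walk(devices: Dict[str, Device], src: str, pkt: Packet, max_hops: int = 8
         ) -> Tuple[str, List[Tuple[str, str, str]]]:
    """Returns ("delivered" or "dropped at <device>", frames); each frame is
    (sender, src_mac, dst_mac): the MACs change per hop, the IP header does not."""
    by_ip = {i.ip: (d, i) for d in devices.values() for i in d.interfaces}
    frames: List[Tuple[str, str, str]] = []
    current = devices[src]
    for _ in range(max_hops):
        if any(i.ip == pkt.dst_ip for i in current.interfaces):
            return "delivered", frames
        if not current.permits(pkt):
            return f"dropped at {current.name}", frames
        via = current.next_hop(pkt.dst_ip)
        out = next(i for i in current.interfaces if i.on_link(via))
        nxt, nxt_iface = by_ip[via]
        pkt.src_mac, pkt.dst_mac = out.mac, nxt_iface.mac  # data-link header rebuilt here
        frames.append((current.name, pkt.src_mac, pkt.dst_mac))
        current = nxt
    raise RuntimeError("hop limit exceeded: routing loop")


def build_topology() -> Dict[str, Device]:
    """Constructed layout: Internet host -> edge router -> DMZ (web) -> inner router -> LAN."""
    anywhere = "0.0.0.0/0"
    devs = [
        Device("internet-host", [Interface("203.0.113.50", "02:00:00:00:c0:50", 24)], routes={anywhere: "203.0.113.1"}),
        Device("edge", [Interface("203.0.113.1", "02:00:00:00:e0:01", 24),
                        Interface("192.0.2.1", "02:00:00:00:e0:02", 24)],
               routes={"10.1.0.0/24": "192.0.2.2"},
               allow=[Rule(anywhere, "192.0.2.10/32", 443),  # public web ports only
                      Rule(anywhere, "192.0.2.10/32", 80),
                      Rule("10.1.0.0/24", anywhere)]),      # LAN may reach out
        Device("web", [Interface("192.0.2.10", "02:00:00:00:d0:10", 24)],
               routes={"10.1.0.0/24": "192.0.2.2", anywhere: "192.0.2.1"}),
        Device("inner", [Interface("192.0.2.2", "02:00:00:00:10:01", 24),
                         Interface("10.1.0.1", "02:00:00:00:10:02", 24)],
               routes={anywhere: "192.0.2.1"},
               allow=[Rule("10.1.0.0/24", anywhere),
                      Rule("192.0.2.10/32", "10.1.0.20/32", 5432)]),  # web -> db port only
        Device("workstation", [Interface("10.1.0.10", "02:00:00:00:a0:10", 24)], routes={anywhere: "10.1.0.1"}),
        Device("db", [Interface("10.1.0.20", "02:00:00:00:a0:20", 24)], routes={anywhere: "10.1.0.1"}),
    ]
    return {d.name: d for d in devs}
```

Walking a packet from `internet-host` to the web server on port 443 produces two frames with different MAC pairs and the same IP pair; the same packet to port 22, or to the internal database, stops at `edge`, while a packet from the web server to the database on any port other than 5432 stops at `inner`, which is the second filtering layer the design relies on.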