SlideShare a Scribd company logo

Brian cernypeer 3

Download as PPT, PDF
B
bricer1272

This document discusses the proposed merger and network integration of Blue Corp and Cern Corp. It outlines the current networks of each company and proposes integrating them into a single, secure network. The proposed network includes firewalls, NIPS sensors, and HIDS to protect servers. A DMZ would be created to buffer external users from the internal network. The document recommends Cisco ASA 5585-X firewalls and Sourcefire 8350 NIPS sensors to provide security for the integrated network based on their performance, capacity, and reviews. The goal is to securely merge the networks of the two companies during their merger.

1 of 23
NETWORK MERGER AND SECURITYBrian Cerny ECPI Cap480 Instructor: Heather Willis
OPENING • The orientation: the task of the mission is to merge and secure the networks in the presentation, This is important because companies merge all the time and they bring there networks along with them. Security is the most important thing for a network with out it you are vulnerable and susceptible to attacks. • Blue Corp. “We are driven by our vision and mission to transform the treatment of expensive epidemic diseases, including atrial fibrillation, heart failure, stroke, coronary artery disease, congenital heart defects, Parkinson’s disease and chronic pain”(St. Jude Medical, n.d.).Blue Corp “is uniquely positioned to achieve our goal by providing innovative solutions that reduce the economic burden of costly diseases on health care systems worldwide and provide improved outcomes for patients” (St. Jude Medical, n.d.) • Cerny Corp. “is a leading distributor of electrical stimulation and other orthopedic products used for pain management, orthopedic rehabilitation, physical therapy, fitness and sport performance enhancement. We are committed to delivering positive patient outcomes and providing leading- edge products specifically designed to meet the needs of the patient and medical professional.”(EMPI, n.d.)
GOAL: INTEGRATE AND SECURE THE NETWORK MERGER OF CERN CORP. AND BLUE CORP. •Cern Corp. is merging with Blue Corp. to fall in line and better the pain management program within Blue Corp. •There will be many task to be completed for the merger, there is not only the need to merge the networks together but a need to secure and protect the network from attackers, and unauthorized access to the intra networks. • There will be a creation of a DMZ( demilitarize zone) for email servers and such other services for clientele access. •The presentation will be showing how the networks are laid out, how they will be transformed, and our different options for the security devices.
NETWORK GUIDE • ISP( internet service provider): this is the company that links us to the internet. This will always be a cloud icon (Gibson, 2012, page 102); • End users: this will always be the representation of all of the computers that we have on our intra network; • Switch: This is the device that we connect all of the computers to get them connected to the internet, this allows for separation and multiple section to split up the departments (Gibson, 2012, page 62); • Router: this is the device that transfers the communication between all of the devices on the network ( it routes the traffics like on a highway) (Gibson, 2012, page 62); • Server: This is like a work station computer, but this is were we hold all of the records, this is a device that we have to protect the most because of the data we store. (Cerny, 2015)
SECURITY GIUDE • Firewall: “A firewall is a network security system, either hardware- or software- based, that controls incoming and outgoing network traffic based on a set of rules” (Rouse, n.d.).In other words it is a wall that has a guard who knows who is allowed in and who is not (Rouse, n.d.); • NIPS (network intrusion prevention system): NIPS is a detection system that “is focused on detecting attacks and modifying access control list”, it is a hardware detection system that can act upon the detection of someone attacking the system (Gibson, 2012, p. 226); • HIDS ( host based intrusion detection system): This is similar to the device above, the only difference is that it is software base system ( would be installed on PC or server), and that it can only monitor it cant act on an attack (Gibson, 2012, p. 226).
NETWORK MERGER We will look at the networks and see how I will merger them together
BLUE CORP. CURRENT NETWORK • multiple internal and external clients both propitiatory and public • There are many types of data and systems on this network • Right now, the only security that the network has is antivirus system and firewall that are installed on the network • There is no physical security on the network and the server and the network definitely need to be protected (Cerny, 2015)
CERN CORP. CURRENT NETWORK • The network is the same as Blue Corps. there is only basic security on the network and that leaves the system extremely vulnerable to attack and viruses • the network shares the same types of connections, the connections are at a smaller scale (Cerny, 2015)
PROPOSED INTEGRATED NETWORK • The network has strong security and is simple to manage • 5 hardware firewalls, three NIPS sensors, and have HIDS on the two servers • there will be an added server to the network to go into the DMZ • The DMZ acts like a buffer between users outside of the network, and for people that use our email service/ It helps protect the network from unwanted access (Gibson, 2012, page 81) • all of the workstations come with firewall and antivirus software, they will remain active • There will also be encryption used on all of the workstation data, servers, router and switches • The fallowing slides have each area separated, the DMZ, Blue Corp., and Cern Corp. DMZ Blue Corp. Cern Corp. (Cerny, 2015, Sanket, n.d,SecurEdge Networks, n.d.)
PROPOSED DMZ• we will have access for clients to our network email, website, and customer account area. • The DMZ is a protection zone to keep people out of our intra network. • This area is protected by two firewalls and a NIPS • For the DMZ to work with out buying another router for the company we would use one from the Blue Corp. network, The network will not be affected by the change (Gibson, 2012, page 81); • The NIPS is in a good place it will protect the firewall and be able to stop negative traffic before it hits the firewall (Cerny, 2015, Sanket, n.d,SecurEdge Networks, n.d.)
PROPOSED BLUE CORP. SECTION • two firewalls, NIPS and HIDS • A firewall controls the access to areas, this being said I have placed the firewall directly in front of the server. This is allow me to configure who is allowed to access it and who can not. (Rouse, n.d.) • The best place to put the NIPS is right in line with the first router connection. Again, this should be able to prevent an attack from going further in to the network • The HIDS is going to be installed on the server, the program will be able to notify in the event that it is being attacked. • The network also allows for trunking. trunking allows the network to keep the same number of mini networks but use less routers to perform the same task.
PROPOSED CERN CORP. SECTION • Cern Corp. Section is similar in fashion as Blue Corp. • This section will use all same means of protection.
EQUIPMENT This next section is the different type of equipment we should use
FIREWALL(PART 1) • CISCO ASA 5585-X • This was chosen by two different source as the best hardware firewall on the market, according to SC magazine, and Redmond magazine. (SC Magazine, n.d., Redmond Magazine, n.d.) • “The Cisco ASA 5585-X combines a proven firewall with the a comprehensive IPS and a high performance VPN. The ASA 5585-X hardware delivers 8X performance density of competitive firewalls by supporting the highest VPN session counts, twice as many connections per second, and 4X the connection capacity of competitive firewalls”(SC Magazine, n.d.) • This gives great control of your network, allows for high speed connection, and traffic in and out of the network. (TigerDirect Business, n.d.) (TigerDirect Business, n.d.) ( Sanket, n.d,)
FIREWALL(PART 2) • “It significantly reduces initial procurement costs by 80 percent, power consumption costs by 85 percent, and rack space requirements by 88 percent”(CISCO, n.d.) • this is a huge deal when it comes to making up the cost for the equipment because it takes less to run the system and takes up less space, also if I was to get certified in cisco equipment we would also be able to get the equipment at a lower cost from CISCO. • I am very comfortable and trust in the CISCO products, our routers are cisco as well they are the best in the business in my opinion. • The equipment is worth the cost, they run between $13000 and $200,000 That is a big range but the type for the integrated network is 40,565 at Tiger direct, Tiger direct is a company I have bought from before and trust there equipment sales. (TigerDirect Business, n.d.) (TigerDirect Business, n.d.) (TigerDirect Business, n.d.)
NIPS ( NETWORK INTRUSION PREVENTION SYSTEM) PART 1• According to SC magazine one of the top devices for security for network intrusion prevention system is the Sourcefire Next- Generation IPS (NGIPS) (SC Magazine, n.d.) • “FirePOWER received top ranking in NSS Labs’ 2012 Security Value Map for IPS and in NSS Labs’ 2013 Security Value Map for NGFW which measures security effectiveness and TCO”(Sourcefire, n.d.) • Sourcefire is a part of the Cisco corporation(Sourcefire, n.d.) • The device is call the firepower 8350, it is a part of the 8000 series(Sourcefire, n.d.) • The 7000 series would not be able to handle the amount of traffic or network protection(Sourcefire, n.d.) • “Sourcefire is a world leader in intelligent cybersecurity solutions. Our flagship family of intrusion detection and prevention systems (IDS/IPS) lies at the heart of our security solutions portfolio. We offer standalone Next-Generation IPS (NGIPS) solutions, the only Next-Generation Firewall solution with NGIPS built-in, as well as several complementary products to protect your network.” (Spiceworks, n.d.) (Cisco, n.d.) (Cisco, n.d.) (,SecurEdge Networks, n.d.)
NIPS ( NETWORK INTRUSION PREVENTION SYSTEM) PART 2• The 8350 Gives great security for the system, allows for up to 4 intrusion prevention connection to defend and protect the network(Ashlin technology solutions, n.d.). • The device comes with either a one year or a three year support, updates for current attack, and service for the equipment(Ashlin technology solutions, n.d.). • The best selection would be the whole system plus a 3 year service subscription for $124,684.69 through ashlin technology solutions (Ashlin technology solutions, n.d.). • Keep in mind that this allows for 4 different network connections to protect and the integrated network only calls for three, this allows us to expand (Cisco, n.d.) (Cisco, n.d.)
HIDS (HOST BASED INTRUSION DETECTION SYSTEM) • SC magazine covered only one software that is based for the computer as the top in its class "IBM Security Network IPS / Network Protection ” (SC Magazine, n.d.) • The product that would be used is there Security Server Protection, this will work perfectly for the servers keeping them protected. • “IBM® Security Server Protection offers multilayered protection against known and unknown threats. It protects servers running IBM AIX®, Linux, Solaris and Windows. IBM Security Server Protection enables compliance with host network security and system integrity monitoring and auditing capabilities” (IBM, n.d.) • It would protect the system from threats, be able to detect and report attacks on the system • The price is unknown at this time, There is still a wait on the quote request from IBM
CLOSING
FINAL THOUGHTS • I fully believe that this layout is the best protection we can use. It gives us control of everything in the network and protects our assets. There is still a chance that we could get attacked but we wont be breached with out a fight. • Since there was not budget given yet for this project I feel that even at the prices I have quoted we are still in a very good spot to add these new pieces of equipment. • I am sure with all of the medical records that we control, I think this system will be above the HIPA standards. We also can assure our customers that their information is protect and secure. • We also are giving ourselves a system that will give us more flexibility for what we can do with and for our customer in our DMZ area, while still protecting us • Thank you for your time during this PowerPoint, feel free to ask me any questions. • There was a lot that I cover in all of these slides, when you review this project please let me know if there is anything that I need to change or further explain to correct the errors.
REFERENCES • Ashlin technology solutions. (n.d.). Cisco FirePOWER 8350 Chassis 2U 7 Slots. Retrieved from https://www.ashlintech.com/a/Miscellaneous_Cisco_Systems_Inc_FP8350-K9_Cisco_FirePOWER_8350_Chass • Cerny, B.(2015) designed image through Cisco Packet Tracer • Cisco. (n.d.). Cisco FirePOWER 8000 Series Appliances Data Sheet - Cisco. Retrieved from http://www.cisco.com/c/en/us/products/collateral/security/firepower-8000-series-appliances/datasheet-c78 • CISCO.Retrieved from http://www.cisco.com/c/dam/en/us/products/security/firepower-8000-series-appliances/product-large.jpg • EMPI. (n.d.). Orthopedic Braces, Orthopedic Rehabilitation Braces | Empi | DJO Global. Retrieved from http://www.djoglobal.com/our-brands/empi • Gibson, D. (2012). SSCP systems security certified practitioner: Exam guide : all in one. New York: McGraw-Hill. • IBM. (n.d.). IBM Security Server Protection. Retrieved from http://www-03.ibm.com/software/products/en/server-protection
REFERENCES • Redmond Magazine. (n.d.). 2013 Reader's Choice Awards: Third-Party Products Shine -- Redmondmag.com. Retrieved from http://redmondmag.com/articles/2013/02/01/readers-choice-awards.aspx • Rouse, M. (n.d.). What is firewall? - Definition from WhatIs.com. Retrieved from http://searchsecurity.techtarget.com/definition/firewall • Sanket, J. (n.d.). Intrusion Detection and Prevention Systems| Information Security | Sanket R Jain. Retrieved from http://sanketrjain.com/intrusion-detection-and-prevention-systems/ • SecurEdge Networks. (n.d.). SecurEdge Networks | What is a Next Generation Firewall? Retrieved from http://www.securedgenetworks.com/security-blog/What-is-a-Next-Generation-Firewall • SC Magazine. (n.d.). 2013 SC Awards US Finalists: Round Four - SC Magazine. Retrieved from http://www.scmagazine.com/2013-sc-awards-us-finalists-round-four/article/270296/ • SC Magazine. (n.d.). Best Enterprise Firewall - SC Magazine. Retrieved from http://www.scmagazine.com/best-enterprise-firewall/article/196005/ • Sourcefire. (n.d.). Next Gen Network Security | Sourcefire. Retrieved from http://www.sourcefire.com/products/firepower-appliances
REFERENCES • Spiceworks. (n.d.). SourceFire Network Security Reviews, Price Quotes, Problems, Support | Reviews | Spiceworks. Retrieved from http://community.spiceworks.com/product/50908-sourcefire- network-security • St. Jude Medical. (n.d.). Vision and Mission | St. Jude Medical. Retrieved from http://www.sjm.com/corporate/about-us/mission • TigerDirect Business. (n.d.). Enterprise Networking | Enterprise Networking Firewalls | Cisco ASA 5585-X Firewall Appliance | YYT1-10116238 - TigerDirect Business. Retrieved from http://biz.tigerdirect.com/p/networking-products/enterprise_networking/firewalls/cisco-asa-5585- x-firewall-appliance

Recommended

Hope Is Not A Strategy - Ivor Sequiera, Neustar
Hope Is Not A Strategy - Ivor Sequiera, NeustarHope Is Not A Strategy - Ivor Sequiera, Neustar
Hope Is Not A Strategy - Ivor Sequiera, Neustar
ResellerClub
 
SD ADN.v.1.02
SD ADN.v.1.02SD ADN.v.1.02
SD ADN.v.1.02
Nimit Shishodia
 
Beyond BYOD
Beyond BYODBeyond BYOD
Beyond BYOD
Cisco Mobility
 
Beyond BYOD: Uncompromised Experience for Any Workspace
Beyond BYOD: Uncompromised Experience for Any WorkspaceBeyond BYOD: Uncompromised Experience for Any Workspace
Beyond BYOD: Uncompromised Experience for Any WorkspaceCisco Mobility
 
iPads on Your Network? Real, Secure Mobile Solutions
iPads on Your Network? Real, Secure Mobile SolutionsiPads on Your Network? Real, Secure Mobile Solutions
iPads on Your Network? Real, Secure Mobile SolutionsCisco Mobility
 
GR - Security Economics in IoT 150817- Rel.1
GR - Security Economics in IoT 150817- Rel.1GR - Security Economics in IoT 150817- Rel.1
GR - Security Economics in IoT 150817- Rel.1Clay Melugin
 
Dwa 182 c1-manual_v3.11(di)
Dwa 182 c1-manual_v3.11(di)Dwa 182 c1-manual_v3.11(di)
Dwa 182 c1-manual_v3.11(di)
Alexandre Marques
 
Guide Report - Wireless Fundementals v1.0 150114
Guide Report - Wireless Fundementals v1.0 150114Guide Report - Wireless Fundementals v1.0 150114
Guide Report - Wireless Fundementals v1.0 150114Clay Melugin
 

Recommended

Hope Is Not A Strategy - Ivor Sequiera, Neustar
Hope Is Not A Strategy - Ivor Sequiera, NeustarHope Is Not A Strategy - Ivor Sequiera, Neustar
Hope Is Not A Strategy - Ivor Sequiera, Neustar
ResellerClub
 
SD ADN.v.1.02
SD ADN.v.1.02SD ADN.v.1.02
SD ADN.v.1.02
Nimit Shishodia
 
Beyond BYOD
Beyond BYODBeyond BYOD
Beyond BYOD
Cisco Mobility
 
Beyond BYOD: Uncompromised Experience for Any Workspace
Beyond BYOD: Uncompromised Experience for Any WorkspaceBeyond BYOD: Uncompromised Experience for Any Workspace
Beyond BYOD: Uncompromised Experience for Any WorkspaceCisco Mobility
 
iPads on Your Network? Real, Secure Mobile Solutions
iPads on Your Network? Real, Secure Mobile SolutionsiPads on Your Network? Real, Secure Mobile Solutions
iPads on Your Network? Real, Secure Mobile SolutionsCisco Mobility
 
GR - Security Economics in IoT 150817- Rel.1
GR - Security Economics in IoT 150817- Rel.1GR - Security Economics in IoT 150817- Rel.1
GR - Security Economics in IoT 150817- Rel.1Clay Melugin
 
Dwa 182 c1-manual_v3.11(di)
Dwa 182 c1-manual_v3.11(di)Dwa 182 c1-manual_v3.11(di)
Dwa 182 c1-manual_v3.11(di)
Alexandre Marques
 
Guide Report - Wireless Fundementals v1.0 150114
Guide Report - Wireless Fundementals v1.0 150114Guide Report - Wireless Fundementals v1.0 150114
Guide Report - Wireless Fundementals v1.0 150114Clay Melugin
 
St. Vincents Private Hospital Physical Security
St. Vincents Private Hospital Physical SecuritySt. Vincents Private Hospital Physical Security
St. Vincents Private Hospital Physical Securitynmullen
 
DreamHack
DreamHack DreamHack
DreamHack
Cisco Case Studies
 
How secure are your IT systems? (Darrell Burkey, CASE)
How secure are your IT systems? (Darrell Burkey, CASE)How secure are your IT systems? (Darrell Burkey, CASE)
How secure are your IT systems? (Darrell Burkey, CASE)
makinglinks
 
What we do at Abacus
What we do at AbacusWhat we do at Abacus
What we do at AbacusNovember014
 
Upgrade Your System’s Security - Making the Jump from Connext DDS Professiona...
Upgrade Your System’s Security - Making the Jump from Connext DDS Professiona...Upgrade Your System’s Security - Making the Jump from Connext DDS Professiona...
Upgrade Your System’s Security - Making the Jump from Connext DDS Professiona...
Real-Time Innovations (RTI)
 
The Network Enabled EOC
The Network Enabled EOCThe Network Enabled EOC
The Network Enabled EOC
Cisco Crisis Response
 
ITE v5.0 - Chapter 2
ITE v5.0 - Chapter 2ITE v5.0 - Chapter 2
ITE v5.0 - Chapter 2
Irsandi Hasan
 
IT Guide for Mobility: Making the case for Security leaders
IT Guide for Mobility: Making the case for Security leadersIT Guide for Mobility: Making the case for Security leaders
IT Guide for Mobility: Making the case for Security leaders
Cisco Mobility
 
(ATS4-GS03) Partner Session - Intel Balanced Cloud Solutions for the Healthca...
(ATS4-GS03) Partner Session - Intel Balanced Cloud Solutions for the Healthca...(ATS4-GS03) Partner Session - Intel Balanced Cloud Solutions for the Healthca...
(ATS4-GS03) Partner Session - Intel Balanced Cloud Solutions for the Healthca...
BIOVIA
 
CenturyLink Network
CenturyLink NetworkCenturyLink Network
CenturyLink Network
Jake Weaver
 
Catalogo Allied Telesis
Catalogo Allied TelesisCatalogo Allied Telesis
Catalogo Allied Telesis
Spark Controles
 
Collaborative Contingency in the Cloud
Collaborative Contingency in the CloudCollaborative Contingency in the Cloud
Collaborative Contingency in the Cloud
Glen Roberts, CISSP
 
SDN Application Delivery
SDN Application DeliverySDN Application Delivery
SDN Application DeliveryNimit Shishodia
 
Sfa community of practice a natural way of building
Sfa community of practice a natural way of buildingSfa community of practice a natural way of building
Sfa community of practice a natural way of building
Charles "Chuck" Speicher Jr.
 
The Inside Story: How OPC UA and DDS Can Work Together in Industrial Systems
The Inside Story: How OPC UA and DDS Can Work Together in Industrial SystemsThe Inside Story: How OPC UA and DDS Can Work Together in Industrial Systems
The Inside Story: How OPC UA and DDS Can Work Together in Industrial Systems
Real-Time Innovations (RTI)
 
Zenith Infotech Mirror Cloud Presentation. 112211
Zenith Infotech Mirror Cloud Presentation. 112211Zenith Infotech Mirror Cloud Presentation. 112211
Zenith Infotech Mirror Cloud Presentation. 112211
hdmchughgmailcom
 
Evolve_positioning_ss_v.1.03
Evolve_positioning_ss_v.1.03Evolve_positioning_ss_v.1.03
Evolve_positioning_ss_v.1.03
Nimit Shishodia
 
Document Security
Document SecurityDocument Security
Document Security
JohnTileyITQ
 
WICSA 2012 tutorial
WICSA 2012 tutorialWICSA 2012 tutorial
WICSA 2012 tutorial
Len Bass
 
Clavister Csp Sit Group
Clavister Csp Sit GroupClavister Csp Sit Group
Clavister Csp Sit Group
twproject
 
Fog computing
Fog computingFog computing
Fog computing
Ankit_ap
 
Anti Hack Solution
Anti Hack Solution Anti Hack Solution
Anti Hack Solution
Naved Ahmed
 

More Related Content

What's hot

St. Vincents Private Hospital Physical Security
St. Vincents Private Hospital Physical SecuritySt. Vincents Private Hospital Physical Security
St. Vincents Private Hospital Physical Securitynmullen
 
DreamHack
DreamHack DreamHack
DreamHack
Cisco Case Studies
 
How secure are your IT systems? (Darrell Burkey, CASE)
How secure are your IT systems? (Darrell Burkey, CASE)How secure are your IT systems? (Darrell Burkey, CASE)
How secure are your IT systems? (Darrell Burkey, CASE)
makinglinks
 
What we do at Abacus
What we do at AbacusWhat we do at Abacus
What we do at AbacusNovember014
 
Upgrade Your System’s Security - Making the Jump from Connext DDS Professiona...
Upgrade Your System’s Security - Making the Jump from Connext DDS Professiona...Upgrade Your System’s Security - Making the Jump from Connext DDS Professiona...
Upgrade Your System’s Security - Making the Jump from Connext DDS Professiona...
Real-Time Innovations (RTI)
 
The Network Enabled EOC
The Network Enabled EOCThe Network Enabled EOC
The Network Enabled EOC
Cisco Crisis Response
 
ITE v5.0 - Chapter 2
ITE v5.0 - Chapter 2ITE v5.0 - Chapter 2
ITE v5.0 - Chapter 2
Irsandi Hasan
 
IT Guide for Mobility: Making the case for Security leaders
IT Guide for Mobility: Making the case for Security leadersIT Guide for Mobility: Making the case for Security leaders
IT Guide for Mobility: Making the case for Security leaders
Cisco Mobility
 
(ATS4-GS03) Partner Session - Intel Balanced Cloud Solutions for the Healthca...
(ATS4-GS03) Partner Session - Intel Balanced Cloud Solutions for the Healthca...(ATS4-GS03) Partner Session - Intel Balanced Cloud Solutions for the Healthca...
(ATS4-GS03) Partner Session - Intel Balanced Cloud Solutions for the Healthca...
BIOVIA
 
CenturyLink Network
CenturyLink NetworkCenturyLink Network
CenturyLink Network
Jake Weaver
 
Catalogo Allied Telesis
Catalogo Allied TelesisCatalogo Allied Telesis
Catalogo Allied Telesis
Spark Controles
 
Collaborative Contingency in the Cloud
Collaborative Contingency in the CloudCollaborative Contingency in the Cloud
Collaborative Contingency in the Cloud
Glen Roberts, CISSP
 
SDN Application Delivery
SDN Application DeliverySDN Application Delivery
SDN Application DeliveryNimit Shishodia
 
Sfa community of practice a natural way of building
Sfa community of practice a natural way of buildingSfa community of practice a natural way of building
Sfa community of practice a natural way of building
Charles "Chuck" Speicher Jr.
 
The Inside Story: How OPC UA and DDS Can Work Together in Industrial Systems
The Inside Story: How OPC UA and DDS Can Work Together in Industrial SystemsThe Inside Story: How OPC UA and DDS Can Work Together in Industrial Systems
The Inside Story: How OPC UA and DDS Can Work Together in Industrial Systems
Real-Time Innovations (RTI)
 
Zenith Infotech Mirror Cloud Presentation. 112211
Zenith Infotech Mirror Cloud Presentation. 112211Zenith Infotech Mirror Cloud Presentation. 112211
Zenith Infotech Mirror Cloud Presentation. 112211
hdmchughgmailcom
 
Evolve_positioning_ss_v.1.03
Evolve_positioning_ss_v.1.03Evolve_positioning_ss_v.1.03
Evolve_positioning_ss_v.1.03
Nimit Shishodia
 
Document Security
Document SecurityDocument Security
Document Security
JohnTileyITQ
 
WICSA 2012 tutorial
WICSA 2012 tutorialWICSA 2012 tutorial
WICSA 2012 tutorial
Len Bass
 
Clavister Csp Sit Group
Clavister Csp Sit GroupClavister Csp Sit Group
Clavister Csp Sit Group
twproject
 

What's hot (20)

St. Vincents Private Hospital Physical Security
St. Vincents Private Hospital Physical SecuritySt. Vincents Private Hospital Physical Security
St. Vincents Private Hospital Physical Security
 
DreamHack
DreamHack DreamHack
DreamHack
 
How secure are your IT systems? (Darrell Burkey, CASE)
How secure are your IT systems? (Darrell Burkey, CASE)How secure are your IT systems? (Darrell Burkey, CASE)
How secure are your IT systems? (Darrell Burkey, CASE)
 
What we do at Abacus
What we do at AbacusWhat we do at Abacus
What we do at Abacus
 
Upgrade Your System’s Security - Making the Jump from Connext DDS Professiona...
Upgrade Your System’s Security - Making the Jump from Connext DDS Professiona...Upgrade Your System’s Security - Making the Jump from Connext DDS Professiona...
Upgrade Your System’s Security - Making the Jump from Connext DDS Professiona...
 
The Network Enabled EOC
The Network Enabled EOCThe Network Enabled EOC
The Network Enabled EOC
 
ITE v5.0 - Chapter 2
ITE v5.0 - Chapter 2ITE v5.0 - Chapter 2
ITE v5.0 - Chapter 2
 
IT Guide for Mobility: Making the case for Security leaders
IT Guide for Mobility: Making the case for Security leadersIT Guide for Mobility: Making the case for Security leaders
IT Guide for Mobility: Making the case for Security leaders
 
(ATS4-GS03) Partner Session - Intel Balanced Cloud Solutions for the Healthca...
(ATS4-GS03) Partner Session - Intel Balanced Cloud Solutions for the Healthca...(ATS4-GS03) Partner Session - Intel Balanced Cloud Solutions for the Healthca...
(ATS4-GS03) Partner Session - Intel Balanced Cloud Solutions for the Healthca...
 
CenturyLink Network
CenturyLink NetworkCenturyLink Network
CenturyLink Network
 
Catalogo Allied Telesis
Catalogo Allied TelesisCatalogo Allied Telesis
Catalogo Allied Telesis
 
Collaborative Contingency in the Cloud
Collaborative Contingency in the CloudCollaborative Contingency in the Cloud
Collaborative Contingency in the Cloud
 
SDN Application Delivery
SDN Application DeliverySDN Application Delivery
SDN Application Delivery
 
Sfa community of practice a natural way of building
Sfa community of practice a natural way of buildingSfa community of practice a natural way of building
Sfa community of practice a natural way of building
 
The Inside Story: How OPC UA and DDS Can Work Together in Industrial Systems
The Inside Story: How OPC UA and DDS Can Work Together in Industrial SystemsThe Inside Story: How OPC UA and DDS Can Work Together in Industrial Systems
The Inside Story: How OPC UA and DDS Can Work Together in Industrial Systems
 
Zenith Infotech Mirror Cloud Presentation. 112211
Zenith Infotech Mirror Cloud Presentation. 112211Zenith Infotech Mirror Cloud Presentation. 112211
Zenith Infotech Mirror Cloud Presentation. 112211
 
Evolve_positioning_ss_v.1.03
Evolve_positioning_ss_v.1.03Evolve_positioning_ss_v.1.03
Evolve_positioning_ss_v.1.03
 
Document Security
Document SecurityDocument Security
Document Security
 
WICSA 2012 tutorial
WICSA 2012 tutorialWICSA 2012 tutorial
WICSA 2012 tutorial
 
Clavister Csp Sit Group
Clavister Csp Sit GroupClavister Csp Sit Group
Clavister Csp Sit Group
 

Similar to Brian cernypeer 3

Fog computing
Fog computingFog computing
Fog computing
Ankit_ap
 
Anti Hack Solution
Anti Hack Solution Anti Hack Solution
Anti Hack Solution
Naved Ahmed
 
Virtualized Firewall: Is it the panacea to secure distributed enterprises?
Virtualized Firewall: Is it the panacea to secure distributed enterprises?Virtualized Firewall: Is it the panacea to secure distributed enterprises?
Virtualized Firewall: Is it the panacea to secure distributed enterprises?
Zscaler
 
Rik Ferguson
Rik FergusonRik Ferguson
Rik Ferguson
CloudExpoEurope
 
Using NetFlow to Streamline Security Analysis and Response to Cyber Threats
Using NetFlow to Streamline Security Analysis and Response to Cyber ThreatsUsing NetFlow to Streamline Security Analysis and Response to Cyber Threats
Using NetFlow to Streamline Security Analysis and Response to Cyber Threats
Emulex Corporation
 
Presentation1 shweta
Presentation1 shweta Presentation1 shweta
Presentation1 shweta
swet4
 
Protecting the movable Endeavor with Network-Based validation and Virtual Com...
Protecting the movable Endeavor with Network-Based validation and Virtual Com...Protecting the movable Endeavor with Network-Based validation and Virtual Com...
Protecting the movable Endeavor with Network-Based validation and Virtual Com...
IOSR Journals
 
110307 cloud security requirements gourley
110307 cloud security requirements gourley110307 cloud security requirements gourley
110307 cloud security requirements gourley
GovCloud Network
 
All Hope is Not Lost Network Forensics Exposes Today's Advanced Security Thr...
All Hope is Not Lost Network Forensics Exposes Today's Advanced Security Thr...All Hope is Not Lost Network Forensics Exposes Today's Advanced Security Thr...
All Hope is Not Lost Network Forensics Exposes Today's Advanced Security Thr...
Savvius, Inc
 
deceptionGUARD by GrayMatter
deceptionGUARD by GrayMatterdeceptionGUARD by GrayMatter
deceptionGUARD by GrayMatter
GrayMatter
 
Private sector cyber resilience and the role of data diodes
Private sector cyber resilience and the role of data diodesPrivate sector cyber resilience and the role of data diodes
Private sector cyber resilience and the role of data diodes
Ollie Whitehouse
 
Execution Analysis of Different Cryptographic Encryption Algorithms on Differ...
Execution Analysis of Different Cryptographic Encryption Algorithms on Differ...Execution Analysis of Different Cryptographic Encryption Algorithms on Differ...
Execution Analysis of Different Cryptographic Encryption Algorithms on Differ...
IRJET Journal
 
Nas nie zaatakują!
Nas nie zaatakują!Nas nie zaatakują!
Nas nie zaatakują!
Biznes to Rozmowy
 
Cloud security
Cloud securityCloud security
Cloud security
Niharika Varshney
 
Beachbody, LLC
Beachbody, LLCBeachbody, LLC
Beachbody, LLC
Cisco Case Studies
 
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
Waqas Ahmed Nawaz
 
ICRTITCS-2012 Conference Publication
ICRTITCS-2012 Conference PublicationICRTITCS-2012 Conference Publication
ICRTITCS-2012 Conference Publication
Tejaswi Agarwal
 
DDoS Mitigator. Personal control panel for each hosting clients.
DDoS Mitigator. Personal control panel for each hosting clients.DDoS Mitigator. Personal control panel for each hosting clients.
DDoS Mitigator. Personal control panel for each hosting clients.
Глеб Хохлов
 
Conférence ARBOR ACSS 2018
Conférence ARBOR ACSS 2018Conférence ARBOR ACSS 2018
Conférence ARBOR ACSS 2018
African Cyber Security Summit
 
Scalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa PresentationScalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa Presentation
Scalar Decisions
 

Similar to Brian cernypeer 3 (20)

Fog computing
Fog computingFog computing
Fog computing
 
Anti Hack Solution
Anti Hack Solution Anti Hack Solution
Anti Hack Solution
 
Virtualized Firewall: Is it the panacea to secure distributed enterprises?
Virtualized Firewall: Is it the panacea to secure distributed enterprises?Virtualized Firewall: Is it the panacea to secure distributed enterprises?
Virtualized Firewall: Is it the panacea to secure distributed enterprises?
 
Rik Ferguson
Rik FergusonRik Ferguson
Rik Ferguson
 
Using NetFlow to Streamline Security Analysis and Response to Cyber Threats
Using NetFlow to Streamline Security Analysis and Response to Cyber ThreatsUsing NetFlow to Streamline Security Analysis and Response to Cyber Threats
Using NetFlow to Streamline Security Analysis and Response to Cyber Threats
 
Presentation1 shweta
Presentation1 shweta Presentation1 shweta
Presentation1 shweta
 
Protecting the movable Endeavor with Network-Based validation and Virtual Com...
Protecting the movable Endeavor with Network-Based validation and Virtual Com...Protecting the movable Endeavor with Network-Based validation and Virtual Com...
Protecting the movable Endeavor with Network-Based validation and Virtual Com...
 
110307 cloud security requirements gourley
110307 cloud security requirements gourley110307 cloud security requirements gourley
110307 cloud security requirements gourley
 
All Hope is Not Lost Network Forensics Exposes Today's Advanced Security Thr...
All Hope is Not Lost Network Forensics Exposes Today's Advanced Security Thr...All Hope is Not Lost Network Forensics Exposes Today's Advanced Security Thr...
All Hope is Not Lost Network Forensics Exposes Today's Advanced Security Thr...
 
deceptionGUARD by GrayMatter
deceptionGUARD by GrayMatterdeceptionGUARD by GrayMatter
deceptionGUARD by GrayMatter
 
Private sector cyber resilience and the role of data diodes
Private sector cyber resilience and the role of data diodesPrivate sector cyber resilience and the role of data diodes
Private sector cyber resilience and the role of data diodes
 
Execution Analysis of Different Cryptographic Encryption Algorithms on Differ...
Execution Analysis of Different Cryptographic Encryption Algorithms on Differ...Execution Analysis of Different Cryptographic Encryption Algorithms on Differ...
Execution Analysis of Different Cryptographic Encryption Algorithms on Differ...
 
Nas nie zaatakują!
Nas nie zaatakują!Nas nie zaatakują!
Nas nie zaatakują!
 
Cloud security
Cloud securityCloud security
Cloud security
 
Beachbody, LLC
Beachbody, LLCBeachbody, LLC
Beachbody, LLC
 
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
 
ICRTITCS-2012 Conference Publication
ICRTITCS-2012 Conference PublicationICRTITCS-2012 Conference Publication
ICRTITCS-2012 Conference Publication
 
DDoS Mitigator. Personal control panel for each hosting clients.
DDoS Mitigator. Personal control panel for each hosting clients.DDoS Mitigator. Personal control panel for each hosting clients.
DDoS Mitigator. Personal control panel for each hosting clients.
 
Conférence ARBOR ACSS 2018
Conférence ARBOR ACSS 2018Conférence ARBOR ACSS 2018
Conférence ARBOR ACSS 2018
 
Scalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa PresentationScalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa Presentation
 

Recently uploaded

Obesity causes and management and associated medical conditions
Obesity causes and management and associated medical conditionsObesity causes and management and associated medical conditions
Obesity causes and management and associated medical conditions
Faculty of Medicine And Health Sciences
 
Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...
Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...
Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...
OECD Directorate for Financial and Enterprise Affairs
 
0x01 - Newton's Third Law: Static vs. Dynamic Abusers
0x01 - Newton's Third Law: Static vs. Dynamic Abusers0x01 - Newton's Third Law: Static vs. Dynamic Abusers
0x01 - Newton's Third Law: Static vs. Dynamic Abusers
OWASP Beja
 
Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Doctoral Symposium at the 17th IEEE International Conference on Software Test...Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Sebastiano Panichella
 
Acorn Recovery: Restore IT infra within minutes
Acorn Recovery: Restore IT infra within minutesAcorn Recovery: Restore IT infra within minutes
Acorn Recovery: Restore IT infra within minutes
IP ServerOne
 
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdfBonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
khadija278284
 
Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...
Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...
Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...
Orkestra
 
International Workshop on Artificial Intelligence in Software Testing
International Workshop on Artificial Intelligence in Software TestingInternational Workshop on Artificial Intelligence in Software Testing
International Workshop on Artificial Intelligence in Software Testing
Sebastiano Panichella
 
Announcement of 18th IEEE International Conference on Software Testing, Verif...
Announcement of 18th IEEE International Conference on Software Testing, Verif...Announcement of 18th IEEE International Conference on Software Testing, Verif...
Announcement of 18th IEEE International Conference on Software Testing, Verif...
Sebastiano Panichella
 
Bitcoin Lightning wallet and tic-tac-toe game XOXO
Bitcoin Lightning wallet and tic-tac-toe game XOXOBitcoin Lightning wallet and tic-tac-toe game XOXO
Bitcoin Lightning wallet and tic-tac-toe game XOXO
Matjaž Lipuš
 
Eureka, I found it! - Special Libraries Association 2021 Presentation
Eureka, I found it! - Special Libraries Association 2021 PresentationEureka, I found it! - Special Libraries Association 2021 Presentation
Eureka, I found it! - Special Libraries Association 2021 Presentation
Access Innovations, Inc.
 
Getting started with Amazon Bedrock Studio and Control Tower
Getting started with Amazon Bedrock Studio and Control TowerGetting started with Amazon Bedrock Studio and Control Tower
Getting started with Amazon Bedrock Studio and Control Tower
Vladimir Samoylov
 
somanykidsbutsofewfathers-140705000023-phpapp02.pptx
somanykidsbutsofewfathers-140705000023-phpapp02.pptxsomanykidsbutsofewfathers-140705000023-phpapp02.pptx
somanykidsbutsofewfathers-140705000023-phpapp02.pptx
Howard Spence
 

Recently uploaded (13)

Obesity causes and management and associated medical conditions
Obesity causes and management and associated medical conditionsObesity causes and management and associated medical conditions
Obesity causes and management and associated medical conditions
 
Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...
Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...
Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...
 
0x01 - Newton's Third Law: Static vs. Dynamic Abusers
0x01 - Newton's Third Law: Static vs. Dynamic Abusers0x01 - Newton's Third Law: Static vs. Dynamic Abusers
0x01 - Newton's Third Law: Static vs. Dynamic Abusers
 
Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Doctoral Symposium at the 17th IEEE International Conference on Software Test...Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Doctoral Symposium at the 17th IEEE International Conference on Software Test...
 
Acorn Recovery: Restore IT infra within minutes
Acorn Recovery: Restore IT infra within minutesAcorn Recovery: Restore IT infra within minutes
Acorn Recovery: Restore IT infra within minutes
 
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdfBonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
 
Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...
Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...
Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...
 
International Workshop on Artificial Intelligence in Software Testing
International Workshop on Artificial Intelligence in Software TestingInternational Workshop on Artificial Intelligence in Software Testing
International Workshop on Artificial Intelligence in Software Testing
 
Announcement of 18th IEEE International Conference on Software Testing, Verif...
Announcement of 18th IEEE International Conference on Software Testing, Verif...Announcement of 18th IEEE International Conference on Software Testing, Verif...
Announcement of 18th IEEE International Conference on Software Testing, Verif...
 
Bitcoin Lightning wallet and tic-tac-toe game XOXO
Bitcoin Lightning wallet and tic-tac-toe game XOXOBitcoin Lightning wallet and tic-tac-toe game XOXO
Bitcoin Lightning wallet and tic-tac-toe game XOXO
 
Eureka, I found it! - Special Libraries Association 2021 Presentation
Eureka, I found it! - Special Libraries Association 2021 PresentationEureka, I found it! - Special Libraries Association 2021 Presentation
Eureka, I found it! - Special Libraries Association 2021 Presentation
 
Getting started with Amazon Bedrock Studio and Control Tower
Getting started with Amazon Bedrock Studio and Control TowerGetting started with Amazon Bedrock Studio and Control Tower
Getting started with Amazon Bedrock Studio and Control Tower
 
somanykidsbutsofewfathers-140705000023-phpapp02.pptx
somanykidsbutsofewfathers-140705000023-phpapp02.pptxsomanykidsbutsofewfathers-140705000023-phpapp02.pptx
somanykidsbutsofewfathers-140705000023-phpapp02.pptx
 

Brian cernypeer 3

  • 1. NETWORK MERGER AND SECURITYBrian Cerny ECPI Cap480 Instructor: Heather Willis
  • 2. OPENING • The orientation: the task of the mission is to merge and secure the networks in the presentation, This is important because companies merge all the time and they bring there networks along with them. Security is the most important thing for a network with out it you are vulnerable and susceptible to attacks. • Blue Corp. “We are driven by our vision and mission to transform the treatment of expensive epidemic diseases, including atrial fibrillation, heart failure, stroke, coronary artery disease, congenital heart defects, Parkinson’s disease and chronic pain”(St. Jude Medical, n.d.).Blue Corp “is uniquely positioned to achieve our goal by providing innovative solutions that reduce the economic burden of costly diseases on health care systems worldwide and provide improved outcomes for patients” (St. Jude Medical, n.d.) • Cerny Corp. “is a leading distributor of electrical stimulation and other orthopedic products used for pain management, orthopedic rehabilitation, physical therapy, fitness and sport performance enhancement. We are committed to delivering positive patient outcomes and providing leading- edge products specifically designed to meet the needs of the patient and medical professional.”(EMPI, n.d.)
  • 3. GOAL: INTEGRATE AND SECURE THE NETWORK MERGER OF CERN CORP. AND BLUE CORP. •Cern Corp. is merging with Blue Corp. to fall in line and better the pain management program within Blue Corp. •There will be many task to be completed for the merger, there is not only the need to merge the networks together but a need to secure and protect the network from attackers, and unauthorized access to the intra networks. • There will be a creation of a DMZ( demilitarize zone) for email servers and such other services for clientele access. •The presentation will be showing how the networks are laid out, how they will be transformed, and our different options for the security devices.
  • 4. NETWORK GUIDE • ISP( internet service provider): this is the company that links us to the internet. This will always be a cloud icon (Gibson, 2012, page 102); • End users: this will always be the representation of all of the computers that we have on our intra network; • Switch: This is the device that we connect all of the computers to get them connected to the internet, this allows for separation and multiple section to split up the departments (Gibson, 2012, page 62); • Router: this is the device that transfers the communication between all of the devices on the network ( it routes the traffics like on a highway) (Gibson, 2012, page 62); • Server: This is like a work station computer, but this is were we hold all of the records, this is a device that we have to protect the most because of the data we store. (Cerny, 2015)
  • 5. SECURITY GIUDE • Firewall: “A firewall is a network security system, either hardware- or software- based, that controls incoming and outgoing network traffic based on a set of rules” (Rouse, n.d.).In other words it is a wall that has a guard who knows who is allowed in and who is not (Rouse, n.d.); • NIPS (network intrusion prevention system): NIPS is a detection system that “is focused on detecting attacks and modifying access control list”, it is a hardware detection system that can act upon the detection of someone attacking the system (Gibson, 2012, p. 226); • HIDS ( host based intrusion detection system): This is similar to the device above, the only difference is that it is software base system ( would be installed on PC or server), and that it can only monitor it cant act on an attack (Gibson, 2012, p. 226).
  • 6. NETWORK MERGER We will look at the networks and see how I will merger them together
  • 7. BLUE CORP. CURRENT NETWORK • multiple internal and external clients both propitiatory and public • There are many types of data and systems on this network • Right now, the only security that the network has is antivirus system and firewall that are installed on the network • There is no physical security on the network and the server and the network definitely need to be protected (Cerny, 2015)
  • 8. CERN CORP. CURRENT NETWORK • The network is the same as Blue Corps. there is only basic security on the network and that leaves the system extremely vulnerable to attack and viruses • the network shares the same types of connections, the connections are at a smaller scale (Cerny, 2015)
  • 9. PROPOSED INTEGRATED NETWORK • The network has strong security and is simple to manage • 5 hardware firewalls, three NIPS sensors, and have HIDS on the two servers • there will be an added server to the network to go into the DMZ • The DMZ acts like a buffer between users outside of the network, and for people that use our email service/ It helps protect the network from unwanted access (Gibson, 2012, page 81) • all of the workstations come with firewall and antivirus software, they will remain active • There will also be encryption used on all of the workstation data, servers, router and switches • The fallowing slides have each area separated, the DMZ, Blue Corp., and Cern Corp. DMZ Blue Corp. Cern Corp. (Cerny, 2015, Sanket, n.d,SecurEdge Networks, n.d.)
  • 10. PROPOSED DMZ• we will have access for clients to our network email, website, and customer account area. • The DMZ is a protection zone to keep people out of our intra network. • This area is protected by two firewalls and a NIPS • For the DMZ to work with out buying another router for the company we would use one from the Blue Corp. network, The network will not be affected by the change (Gibson, 2012, page 81); • The NIPS is in a good place it will protect the firewall and be able to stop negative traffic before it hits the firewall (Cerny, 2015, Sanket, n.d,SecurEdge Networks, n.d.)
  • 11. PROPOSED BLUE CORP. SECTION • two firewalls, NIPS and HIDS • A firewall controls the access to areas, this being said I have placed the firewall directly in front of the server. This is allow me to configure who is allowed to access it and who can not. (Rouse, n.d.) • The best place to put the NIPS is right in line with the first router connection. Again, this should be able to prevent an attack from going further in to the network • The HIDS is going to be installed on the server, the program will be able to notify in the event that it is being attacked. • The network also allows for trunking. trunking allows the network to keep the same number of mini networks but use less routers to perform the same task.
  • 12. PROPOSED CERN CORP. SECTION • Cern Corp. Section is similar in fashion as Blue Corp. • This section will use all same means of protection.
  • 13. EQUIPMENT This next section is the different type of equipment we should use
  • 14. FIREWALL(PART 1) • CISCO ASA 5585-X • This was chosen by two different source as the best hardware firewall on the market, according to SC magazine, and Redmond magazine. (SC Magazine, n.d., Redmond Magazine, n.d.) • “The Cisco ASA 5585-X combines a proven firewall with the a comprehensive IPS and a high performance VPN. The ASA 5585-X hardware delivers 8X performance density of competitive firewalls by supporting the highest VPN session counts, twice as many connections per second, and 4X the connection capacity of competitive firewalls”(SC Magazine, n.d.) • This gives great control of your network, allows for high speed connection, and traffic in and out of the network. (TigerDirect Business, n.d.) (TigerDirect Business, n.d.) ( Sanket, n.d,)
  • 15. FIREWALL(PART 2) • “It significantly reduces initial procurement costs by 80 percent, power consumption costs by 85 percent, and rack space requirements by 88 percent”(CISCO, n.d.) • this is a huge deal when it comes to making up the cost for the equipment because it takes less to run the system and takes up less space, also if I was to get certified in cisco equipment we would also be able to get the equipment at a lower cost from CISCO. • I am very comfortable and trust in the CISCO products, our routers are cisco as well they are the best in the business in my opinion. • The equipment is worth the cost, they run between $13000 and $200,000 That is a big range but the type for the integrated network is 40,565 at Tiger direct, Tiger direct is a company I have bought from before and trust there equipment sales. (TigerDirect Business, n.d.) (TigerDirect Business, n.d.) (TigerDirect Business, n.d.)
  • 16. NIPS ( NETWORK INTRUSION PREVENTION SYSTEM) PART 1• According to SC magazine one of the top devices for security for network intrusion prevention system is the Sourcefire Next- Generation IPS (NGIPS) (SC Magazine, n.d.) • “FirePOWER received top ranking in NSS Labs’ 2012 Security Value Map for IPS and in NSS Labs’ 2013 Security Value Map for NGFW which measures security effectiveness and TCO”(Sourcefire, n.d.) • Sourcefire is a part of the Cisco corporation(Sourcefire, n.d.) • The device is call the firepower 8350, it is a part of the 8000 series(Sourcefire, n.d.) • The 7000 series would not be able to handle the amount of traffic or network protection(Sourcefire, n.d.) • “Sourcefire is a world leader in intelligent cybersecurity solutions. Our flagship family of intrusion detection and prevention systems (IDS/IPS) lies at the heart of our security solutions portfolio. We offer standalone Next-Generation IPS (NGIPS) solutions, the only Next-Generation Firewall solution with NGIPS built-in, as well as several complementary products to protect your network.” (Spiceworks, n.d.) (Cisco, n.d.) (Cisco, n.d.) (,SecurEdge Networks, n.d.)
  • 17. NIPS ( NETWORK INTRUSION PREVENTION SYSTEM) PART 2• The 8350 Gives great security for the system, allows for up to 4 intrusion prevention connection to defend and protect the network(Ashlin technology solutions, n.d.). • The device comes with either a one year or a three year support, updates for current attack, and service for the equipment(Ashlin technology solutions, n.d.). • The best selection would be the whole system plus a 3 year service subscription for $124,684.69 through ashlin technology solutions (Ashlin technology solutions, n.d.). • Keep in mind that this allows for 4 different network connections to protect and the integrated network only calls for three, this allows us to expand (Cisco, n.d.) (Cisco, n.d.)
  • 18. HIDS (HOST BASED INTRUSION DETECTION SYSTEM) • SC magazine covered only one software that is based for the computer as the top in its class "IBM Security Network IPS / Network Protection ” (SC Magazine, n.d.) • The product that would be used is there Security Server Protection, this will work perfectly for the servers keeping them protected. • “IBM® Security Server Protection offers multilayered protection against known and unknown threats. It protects servers running IBM AIX®, Linux, Solaris and Windows. IBM Security Server Protection enables compliance with host network security and system integrity monitoring and auditing capabilities” (IBM, n.d.) • It would protect the system from threats, be able to detect and report attacks on the system • The price is unknown at this time, There is still a wait on the quote request from IBM
  • 20. FINAL THOUGHTS • I fully believe that this layout is the best protection we can use. It gives us control of everything in the network and protects our assets. There is still a chance that we could get attacked but we wont be breached with out a fight. • Since there was not budget given yet for this project I feel that even at the prices I have quoted we are still in a very good spot to add these new pieces of equipment. • I am sure with all of the medical records that we control, I think this system will be above the HIPA standards. We also can assure our customers that their information is protect and secure. • We also are giving ourselves a system that will give us more flexibility for what we can do with and for our customer in our DMZ area, while still protecting us • Thank you for your time during this PowerPoint, feel free to ask me any questions. • There was a lot that I cover in all of these slides, when you review this project please let me know if there is anything that I need to change or further explain to correct the errors.
  • 21. REFERENCES • Ashlin technology solutions. (n.d.). Cisco FirePOWER 8350 Chassis 2U 7 Slots. Retrieved from https://www.ashlintech.com/a/Miscellaneous_Cisco_Systems_Inc_FP8350-K9_Cisco_FirePOWER_8350_Chass • Cerny, B.(2015) designed image through Cisco Packet Tracer • Cisco. (n.d.). Cisco FirePOWER 8000 Series Appliances Data Sheet - Cisco. Retrieved from http://www.cisco.com/c/en/us/products/collateral/security/firepower-8000-series-appliances/datasheet-c78 • CISCO.Retrieved from http://www.cisco.com/c/dam/en/us/products/security/firepower-8000-series-appliances/product-large.jpg • EMPI. (n.d.). Orthopedic Braces, Orthopedic Rehabilitation Braces | Empi | DJO Global. Retrieved from http://www.djoglobal.com/our-brands/empi • Gibson, D. (2012). SSCP systems security certified practitioner: Exam guide : all in one. New York: McGraw-Hill. • IBM. (n.d.). IBM Security Server Protection. Retrieved from http://www-03.ibm.com/software/products/en/server-protection
  • 22. REFERENCES • Redmond Magazine. (n.d.). 2013 Reader's Choice Awards: Third-Party Products Shine -- Redmondmag.com. Retrieved from http://redmondmag.com/articles/2013/02/01/readers-choice-awards.aspx • Rouse, M. (n.d.). What is firewall? - Definition from WhatIs.com. Retrieved from http://searchsecurity.techtarget.com/definition/firewall • Sanket, J. (n.d.). Intrusion Detection and Prevention Systems| Information Security | Sanket R Jain. Retrieved from http://sanketrjain.com/intrusion-detection-and-prevention-systems/ • SecurEdge Networks. (n.d.). SecurEdge Networks | What is a Next Generation Firewall? Retrieved from http://www.securedgenetworks.com/security-blog/What-is-a-Next-Generation-Firewall • SC Magazine. (n.d.). 2013 SC Awards US Finalists: Round Four - SC Magazine. Retrieved from http://www.scmagazine.com/2013-sc-awards-us-finalists-round-four/article/270296/ • SC Magazine. (n.d.). Best Enterprise Firewall - SC Magazine. Retrieved from http://www.scmagazine.com/best-enterprise-firewall/article/196005/ • Sourcefire. (n.d.). Next Gen Network Security | Sourcefire. Retrieved from http://www.sourcefire.com/products/firepower-appliances
  • 23. REFERENCES • Spiceworks. (n.d.). SourceFire Network Security Reviews, Price Quotes, Problems, Support | Reviews | Spiceworks. Retrieved from http://community.spiceworks.com/product/50908-sourcefire- network-security • St. Jude Medical. (n.d.). Vision and Mission | St. Jude Medical. Retrieved from http://www.sjm.com/corporate/about-us/mission • TigerDirect Business. (n.d.). Enterprise Networking | Enterprise Networking Firewalls | Cisco ASA 5585-X Firewall Appliance | YYT1-10116238 - TigerDirect Business. Retrieved from http://biz.tigerdirect.com/p/networking-products/enterprise_networking/firewalls/cisco-asa-5585- x-firewall-appliance