CS 313 Networking And Telecommunications

Hello, this question is here because we've worked on this and other similar assignments. If you don't know the answer, you can ask us for help. We guarantee an original paper free from Plagiarism.

Order a Similar Paper Order Different Paper

We got you covered for the whole semester.

Question:

You will need to prepare a proposal that will design and implement a secure campus networking.

Answer:

Proposal

This agenda includes a proposal to discuss secure campus network concept as well as a security model.

The paper presents a proposal to show security considerations as well as the factors that must be addressed when implementing network.

This proposal includes a list of aspects that should be included in the discussion to help evaluate campus networks. It also provides recommendations for best practices in reducing data confidentiality.

The primary goal of the study is to identify and provide security mitigation practices.

Topic Description

This proposal will outline the process for designing and implementing campus networks that are secure.

The principal goal of the proposal is security on campus networks.

Innovation and new technology utilization, such as universal computing (Scott-Hayward), enterprise mobility (Natarajan) and ecommerce (Sezer 2016).

But network security is an important part of campus network implementation. It presents a significant challenge.

There are many vulnerabilities that campus networks face when trying to address major issues like network architecture vulnerabilities.

This problem can occur during open network access like wireless access for many students. The secured network access should protect against network security attacks (Dacier, et al.

A secured network should be capable of protecting against certain attacks during teaching, learning, research, and other activities.

The proposal’s theoretical contribution is to provide a reference design that allows campus networks to be adopted or adapted with a flexible and robust network design.

Outline

The purpose of this study is to collect data from secondary sources to study the topic.

It is important to consider the practical implications of these data when designing secure campus networks.

The outline of the research should include a theoretical framework for designing security in LAN or WAN connection configuration.

Additionally, the proposal must consider security issues and potential threats to mitigation.

The study should show how to mitigate attacks such as ARP spoofing, Denial of Services and ARP spoofing.

This study should consist of gathering information on security issues and analysing data about security scenarios.

Introduction

Network-related issues should be considered first.

The evolution of network technology and the use of new technology in internet has increased security threats to network grids.

There are many other threats that can be used to cause damage and commit theft.

As internet use increases inexorably, so does the LAN/Ethernet network (Kreutz Ramos and Verissimo, 2013).

Network security is the procedure of selecting a method to protect and preserve a network as well as information as an asset.

The data security and privacy objectives of any network are to protect data confidentiality, maintain data integrity, guarantee data availability, and ensure data accessibility (Sezer et. al.

Consider the security objectives. It is crucial to look at the networks to ensure security and to resolve any vulnerabilities.

This proposal paper examines security from attacks on routers to network configuration vulnerabilities that can be minimized to ensure data confidentiality and integrity.

So that network security and operation can be maintained, firewalls and routers are essential components of the network.

A proper management of network security, along with digital auditing can help to reduce internet downtime and prevent hacking attacks.

It is possible to reduce network threats and aid in security breach analysis.

Literature Review

The threats to network are usually considered to be persistent, which means that they pose a threat to network security. This could lead to network vulnerabilities due incorrectly configured hardware or software.

Network threats include bad network design, poor internet technology, and weaknesses.

The network devices are essential for security.

Because routers enable services in the network grid, they are selected as a particular device.

Although the services aren’t necessary, attackers can access the router boundary to the network (Porras et.al.

Therefore, attackers should not configure router settings that aren’t necessary to protect the network from data theft and other network configuration problems.

The applications were used to access the internet in a variety of situations, including personal, government, or business-critical cases. This has led to increasing network grid issues and increased problems.

With increasing information sources to government and companies, the security risks and threats posed by network-related services and applications could be increased.

Marsa-Maestre et.al. reported that the network grids also became insecure as a result of poor network security.

Information should be considered an asset by organizations to ensure their network design.

If the government fails to enforce proper network security procedures, it and other individuals could lose the information asset.

Protection of assets over network grids is a security aspect (Porras and al.

2015; Shiravi Shiravi & Ghorbani (2012).

The configuration of LANs and personal computers is a common problem.

In order to minimize vulnerabilities on major internet-based websites and applications, it is necessary to find a balance between secure and isolated configurations.

Security vulnerabilities such as those listed below can lead to security breaches.

Security Weakness

Security weaknesses can be exploited in several ways

Accounts of insecure users

User accounts can be insecure because users might share credentials.

Accounts that are compromised by the sharing of sensitive information or account information can be made insecure.

Systeme and accounts that have easy to guess passwords

This problem is often caused by poor selection of usernames and passwords that can be easily guessed (Yi Qin, Li 2015).

Incorrectly configured internet services

JavaScript can be accessed via web browser to identify a common problem that allows attacks on hostile JavaScript.

JavaScript is able to access IIS, untrusted websites, FTP, as well as posing problems with terminal services.

Unsecured settings are default in network device products

Some network devices may have default settings that enable security issues (Kim, Feamster 2013).

Incorrectly configured network equipment

Wrongly configured equipment could increase vulnerability to security protocol. SNMP with community strings opens up additional security holes.

Table 1: Common weaknesses in network configurations

Many security issues can arise from the increase in LANs and personal computer users.

Software, Firewall devices and hardware can enforce access control policy between multiple networks under security consideration (Shang, et al.

Technology that allowed business to balance outbound and security access to the internet was mostly used for web surfing or e-mail.

Network security is the most important component of information security. The network security can also be considered to be responsible for protecting information and other assets passing through networked computers.

Network security includes hardware and software functions, features and operational procedures. Accounting measures and network characteristics are all part of the equation.

In addition, network security policy should be considered for administrative and network control over the available level of hardware or software in the network information.

For data loss prevention, network configuration and security can be successful by following some basic perceptions.

First, secure networks should consider data integrity and stored information to protect data from data problems (Bari et. al.

For data confidentiality, integrity, accessibility, and security, it is important to secure a network.

It is possible to share information via a network grid for certain people.

For certain data exceptions, network security may be necessary in order to maintain information availability for the required recipients (Zaalouk and al.

The following principles can be used to ensure network security. They are based on year-wise network security practice and enforced security.

Common terms for network security are vulnerabilities, threats, or risks.

Some vulnerabilities can also be considered weaknesses in the network security systems themselves.

There are three types of weaknesses or vulnerabilities:

Technology weaknesses: Both network devices and computers can have security vulnerabilities.

Operating system weaknesses, TCP/IP protocol weaknesses and other network equipment weaknesses are some of the weaknesses.

Configuration weaknesses of Network Devices: Network administrations and network engineers can learn more about configuration weaknesses of Network Devices (Scott Hayward, Natarajan, and Sezer 2016).

Configuration weaknesses should be considered by network administrators when configuring network device with compensations.

Here are the configuration weaknesses:

Configuration issues

How to exploit the weakness

Absence of a written policy

Policies that are not clearly written can’t be applied consistently.

Politics

Consider political factors when attempting to implement consistent security.

Mangel of a working community

Frequent replacements can increase the risk of taking an erratic approach to security issues.

Access control isn’t used

Unsanctioned access control may cause the default password to malfunction, which could lead to unauthorized access (Mohaien and al.

Policy doesn’t apply to software or hardware installation and modifications

Unauthorized or unprecedented access to network topologies, and unauthorized changes to networks, can all create security vulnerabilities in any system.

A disaster recovery plan cannot be applied

Failure to plan for disaster recovery could lead to chaos and panic (Lara, Kolasani, and Ramamurthy 2014.

Table 2: Common security weaknesses in network security policies

Source: Rani and Singh 2012 pp.

Security policy weaknesses

These are the common security policy weaknesses identified in the following table:

Threat

Internal / Extern

Potential threats

E-mail virus

Both external origination and internal usage

A threat consequence could be that an infected system reads email and then spreads throughout the entire organization.

Network virus

External

Threat consequences could be introduced into unprotected ports and compromise entire network (Nunes, et al.

Viral Web-Based

Search for an external site from within the browser

The threat consequences compromise the system browsing, subsequently affecting on internal networks

Extern over web servers

Hacker could gain access to internal networks if web servers can be compromised (Olivier Carlos and Florent 2015).

Denial of Service attack (DOS).

External

External services can cause web, email, or ftp to become unavailable. If a router is attacked, the entire network might be affected.

From the inside to anywhere

Firewalls can have a traditional boundary that is ineffective against attacks; however, the firewalls with internal segmentation may still be effective (Scott-Hayward 2015).

Table 3: Threat identification

Source: Mainanwal Gupta & Upadhayay 2015 (pp.

Inadequate security policies could lead to people being eager and willing to take advantage of threats.

Staff can continuously search for weaknesses and vulnerabilities; they also have access to a wide range of tools, scripts, programs, and other means for attacking networks (Gao, et al.

The researchers will discuss primary types of threats to network security. These include the internal and external threats.

The network security can be strained by internal threats (Hong and al.

Unethical employees may be removed from these threats.

Research Methodology

This chapter helps in defining how to study in the most appropriate way during research.

It is used to discuss security vulnerabilities and network issues.

For this particular study, the formative research format will be used to describe network threats.

Another work to be addressed in the analysis/discussion section is the design of a secure campus network.

The essentiality of creating and implementing secure campus networks is reflected in this proposal.

This is because security constraints should be considered when designing the descriptive design.

The study is considered to be completely secondary.

You should also research relevant secondary articles online, and look at previous works that relate to the secondary study.

This is the outline of research for the study.

Types Of Attacks: Network attack classes can be identified by passive or active monitoring communications. The attacks are classified as passive attack and active attack, distributed attack and insider attack.

However, there are some attacks that can be described as follows:

Denial Of Service (DOS), is the act of interrupting service by making the main system unavailable temporarily.

An attacker might destroy hard drives or physical infrastructure. Or, they could use free memory to access a resource.

ARP Spoofing Attack: ARPspoofing is a type of attack in which a malicious actor sends a false Address Resolution Protocol (ARP), message to local network (Shiravi Shiravi, Ghorbani 2012).

This attack involves linking victim’s MAC with an IP address over a computer or server in a network.

These are the steps and activities that can be taken to reduce attacks.

VLANs (Virtual LANs) can be created for security.

To install firewalls to provide both external and internal security

Relevance of the stages: If these stages are valid, it is important to do research about design and implementation.

These steps will be discussed in this section to show how they can be used as mitigation steps to create and implement a safer campus network.

Secure and cost-effective campus network design could be a way to reduce security gaps within network architecture (Zaalouk, et al.

Separate configurations should be included for different purposes, such as campus, staff area, and library.

A firewall should be present and a DMZ should also be used to protect the web, DNS, as well as educational ERP system servers.

VLANs are another option that allows for all network sizes to be supported.

Multiple VLANs within a single network can reduce headaches associated with maintaining multiple cables.

VLANs segment the network and allow traffic to flow properly through multiple broadcast domains.

A firewall is a tool that can be used to protect and monitor network traffic internally and externally.

It can be used to allow certain outbound traffic but block some inbound traffic.

Virtual Private Network (VPN), which can be used to establish a private network for sending and receiving data, over shared or public networks (Bari et.al.

VPN can be created using P2P virtual network with dedicated connections, tunneling or traffic encryption.

Open VPN and IPSec can be used to create campus networks.

Conclusion

This paper examines security flaws in firewall configurations and devices.

The paper examined the risks that can arise from internet connections and discussed how one can conduct an extensive research using this proposal document.

This paper outlined the proper way to conduct the study using secondary sources and information.

This paper presents some facts that can help you identify the weaknesses in your network and how they can be exploited.

The paper has identified vulnerabilities, threats and attacks by examining security configurations on network devices.

These findings can help to create a proper security policy that complies with best practices in data confidentiality and computer security.

According to research, the firewall provides additional access control over network traffic and connections.

A firewall and router can be used to provide better security and configuration settings across the network grid.

Poor routing filter settings can make it more difficult to secure a network grid. This could expose internal network components and devices for attackers.

This proposal should be used to guide the final research. Security and proper network design are crucial for every organization.

Hierarchical network design will make the network more flexible, secure, and perform better.

Network engineers will find it easier to maintain hierarchical network designs.

A proper budget allocation, as well as a consideration of time and cost can help with the planning for the implementation.

The proper network structure is essential to ensure flexibility, security, and scalability for multiple users.

For a campus network, the network design and implementation must be done based on security and risk identification. The proposal also provided best practices in identifying risks and threats.

References

Security Challenges and Opportunities in Software-Defined Networking.

IEEE Security & Privacy 15, pp. 96-100.

Sezer S. Scott-Hayward S. Chouhan P.K. Fraser B., Fraser B., Lake D. Finnegan J. Viljoen N. Miller M. Rao N.

Are we ready for SDN technology?

Software-defined networks: Implementation challenges

IEEE Communications Magazine 51(7), pp. 36-43.

Security of self-organizing networks: MANET. WSN. WMN. VANET.

CRC press.

Porras P., Shin S.., Yegneswaran V.. Fong M.. Tyson M., and Gu G. 2012, August

OpenFlow networks: Security enforcement kernel.

Proceedings of the First Workshop on Hot Topics in Software Defined Networks (pp.

Lopez-Carmona M.A.

Design and evaluation of a learning space to provide network security skills.

Computers & Education 69, pp.225-236.

Porras P.A. (Cheung, S.), Fong M.W. Skinner K. and Yegneswaran V. (2015).

Securing the Software Defined Network Control Level.

In NDSS.

Shiravi H. Shiravi A. Shiravi A. Shiravi A. Shiravi A. Shiravi A. Shiravi A. Shiravi and Ghorbani A.A. 2012

Survey of visualization systems for network security.

IEEE Transactions, 18(8). pp. 1313-1329.

Kim, H., and Feamster N., 2013.

Software defined networking: Improving network management

IEEE Communications Magazine, 51(2). pp.114-119.

Shang W., Ding Q. Marianantoni A. Burke J. Zhang L., 2014

Secure building management systems with named data networking

IEEE Network, 28(3). pp.50-56.

Ali, S.T.

An analysis of the security of networks using software defined networking.

IEEE Transactions on reliability, 64(3) pp.1086-1097.

Chen, Z. Han F. Han Jiang X. Chen S.

Cloud computing-based forensic analysis for collaborative network security management systems.

Tsinghua science technology, 18(1) pp. 40-50

Bari M.F. Boutaba R. Esteves R. Granville L.Z. Granville Podlesny M. Rabbani M.G. Zhang Q. Zhani M.F.

IEEE Communications Surveys & Tutorials 15, pp.909-928.

Ding A.Y. Crowcroft J. Tarkoma S. and Flinck H., 2014.

Software defined networking allows for security enhancements in wireless mobile networks.

Computer Networks, 64, pp.94–101.

Scott-Hayward S.; Natarajan S.; and Sezer S., 2016.

An assessment of security in software defined networks.

IEEE Communications Surveys & Tutorials (18(1)), pp.623-654.

Secure encounter-based mobile social networking: Design considerations, requirements, and tradeoffs.

IEEE Transactions on Dependable & Secure Computing, 10(6).

Lara A., Kolasani A. and Ramamurthy B. (2014)

Network innovation using openflow: An investigation.

Ahmad, I. Namal, S.; Ylianttila M. and Gurtov A.

Security in software-defined networks: A survey.

IEEE Communications Surveys & Tutorials (17(4)), pp.2317–2346.

Nunes B.A.A.A. Mendonca M. Mendonca M. Obraczka K. Turletti T.

Software-defined networking: Past and present.

IEEE Communications Surveys & Tutorials (16(3)), pp.1617-1634.

Olivier F., Carlos G. and Florent N. (2015)

Security architecture for IoT network.

Procedia Computer Science, 52. pp.1028-1033.

Gao Z., Zhu H.., Li S. Du, S. and Li X. 2012.

Security and privacy in collaborative spectrum sensing for cognitive radio networks

IEEE Wireless Communications 19(6).

Rani, S., and Singh, V. 2012.

SNORT: An open-source network security program for intrusion detection in campus networks.

International Journal of Computer Technology and Electronics Engineering. 2(1). pp.137-142.

Dong, X. Lin H. Lin Tan R.K. Iyer R.K. Kalbarczyk Z. (2015). April

Software-defined networks for smart grid resilience: Opportunities, challenges

Proceedings of the 1st ACM Workshop on Cyber-Physical System Security (pp.

Kreutz D., Ramos F., and Verissimo P., August 2013.

Software-defined networks: Secure and reliable.

Proceedings of the ACM SIGCOMM second workshop on hot topics in software defined networking (pp.

A. Zaalouk. R. Khondoker. R. Marx. K. Bayarou. 2014, May.

Orchsec: An orchestrator-based architecture to enhance network-security through network monitoring, sdn control functions and other methods.

Network Operations and Management Symposium (NOMS), 2014. IEEE (pp.

Hong, S. (February 2015), Xu L. Wang H. and Gu G.

Poisoning Network Visibility In Software-Defined Systems: New Attacks & Countermeasures

In NDSS.

Mainanwal V. Mainanwal, Gupta M. and Upadhayay S.K. 2015 March

A survey on wireless area networks: Security technology issues and their design methodology.

Innovations in Information, Embedded and Communication Systems, 2015 International Conference on (pp.

Design and deployment resilient, secure, and robust SDN Controllers.

Network Softwarization 2015 (NetSoft), (pp.

Yi, S. Qin Z. and Li Q. 2015 August.

Security and privacy issues in fog computing: An investigation.

International Conference on Wireless Algorithms, Systems, and Applications, pp.

If you don't know the answer to this question, you can ask us for help. We guarantee an original paper free from Plagiarism.

Order a Similar Paper Order Different Paper

You can trust us with any of your assignments. We got you covered for the whole semester. We dedicate one writer to do all your assignments

Leave a Reply

Your email address will not be published. Required fields are marked *