ICT60215 Advanced Diploma of Network Security: Firewall Placement


Questions:

  1. On your design, determine the best location of your firewall. Explain why you chose this location and list the main advantages/disadvantages of this location.

  2. On your design, determine the best location of the 3 Cisco switches. Explain why you chose this location for the Cisco switches and why you would not put the Netgear switches here.

  3. On your design, determine the best location of the Netgear switches. Explain why you chose this location for the Netgear switches and explain why you would not put the Cisco switches here. As well as technical considerations, you can consider all reasons such as costs, port numbers, etc.

  4. Will you connect all switches together? Explain why or why not.

  5. Which device must connect to which switch? Explain why.

Answers:

1: Firewall Placement Recommendation and its Pros and Cons 

Firewall placement is not a matter of the network engineer's preference or of design symmetry. In most cases firewalls are placed according to specific requirements, and both internal and external threats are considered when placing them. To address internal and external threats, firewalls are placed within the network perimeter as well as in strategic locations. In local networks, firewalls are placed at the core of the network to inspect and filter traffic between VLANs. When transparent firewalls are used, a firewall and a router are combined into a single device. For a public network, where everyone accesses a public internet source, additional security is mandatory, and this security concern influences firewall placement and configuration. The idea is to protect all entry points into the network; therefore, when placing the firewall, the engineer should consider the access layer with terminal users, wireless access, and the internet. Finally, the protection options should be considered when placing the firewall in the network core.

The advantages and disadvantages of a firewall location follow from the location chosen and its strategic alignment. The advantages are:

  1. The firewall protects network resources; being in the core of the network, it is able to mitigate viruses and network threats.
  2. The firewall reduces ownership cost and other equipment costs related to power consumption.

Some disadvantages in firewall placement are:

  • With the firewall placed in the core of the network, a malfunctioning firewall could cause the entire network to malfunction.
  • The firewall could distribute its mitigation techniques to every device, causing each device to face more throughput time.
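The inter-VLAN filtering role of a core firewall, sketched as an added example that is not part of the original answer: it evaluates flows against first-match rules with a default deny, and shows that traffic staying inside one VLAN never reaches the firewall. The zone names, subnets, rules and sample flows are constructed assumptions.

```python
import ipaddress

# Constructed zones: VLAN names and subnets are assumptions for illustration.
ZONES = {
    "users":    ipaddress.ip_network("10.0.10.0/24"),
    "wireless": ipaddress.ip_network("10.0.20.0/24"),
    "servers":  ipaddress.ip_network("10.0.30.0/24"),
}

# Constructed first-match rules: (src zone, dst zone, protocol, dst port, action).
RULES = [
    ("users",    "servers",  "tcp", 443,  "allow"),
    ("users",    "internet", "tcp", 443,  "allow"),
    ("wireless", "internet", "tcp", 443,  "allow"),
    ("wireless", "servers",  "any", None, "deny"),
]


def zone_of(addr):
    """Map an address to its VLAN zone; anything unknown is 'internet'."""
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "internet"


def evaluate(src, dst, proto, port):
    """Return the verdict the core firewall would give for one flow."""
    src_zone, dst_zone = zone_of(src), zone_of(dst)
    if src_zone == dst_zone and src_zone != "internet":
        # Same VLAN: switched at layer 2, the core firewall never sees it.
        return "not-inspected"
    for r_src, r_dst, r_proto, r_port, action in RULES:
        if (r_src, r_dst) != (src_zone, dst_zone):
            continue
        if r_proto in ("any", proto) and r_port in (None, port):
            return action
    return "deny"  # default deny for every inter-zone flow without a rule


if __name__ == "__main__":
    flows = [  # constructed sample flows
        ("10.0.10.5", "10.0.30.8", "tcp", 443),
        ("10.0.20.7", "10.0.30.8", "tcp", 443),
        ("10.0.10.5", "10.0.10.9", "tcp", 445),
        ("203.0.113.4", "10.0.30.8", "tcp", 22),
    ]
    for flow in flows:
        print(flow, "->", evaluate(*flow))
```

The "not-inspected" verdict is the caveat to weigh against the core placement: hosts in the same VLAN reach each other without crossing the firewall, so VLAN boundaries decide what it can filter.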

2: Differences between Cisco and Netgear switches’ location choice 

The best location for the three Cisco switches is at the entry points of the network. Cisco switches are always installed at the core of the network, and when the network is distributed, the switches should be installed at the entry points. Cisco switches are generally located near the routers and handle distribution between all desktop devices. The Cisco switches have a different location choice from the Netgear switches in the network grid.

Netgear switches are installed according to the requirements below, and the location affects Netgear switch performance. The requirements are as follows:

  • Mounting: For rack-mounted installation, 19-inch EIA standard equipment is used, physically secure and grounded.
  • Power Source: A power source capable of 100-240V AC, 50-60 Hz is required.
  • Access: The switch should be placed near the RJ-45 ports for all computer devices, and it should let other users connect their devices with LAN wires.
  • Temperature: The switch should be placed where the temperature is 0-50°C, away from heat sources such as direct sunlight, warm air, and heaters.

Furthermore, the switch should be placed near ventilation, and cables should be placed without discrepancy from other devices.

3: Location Choice Differences 

Cisco and Netgear switches differ from each other in accessibility and network core placement. The best location for the Cisco switches is at the entry points of the network. Cisco switches are always installed at the core of the network, and when the network is distributed, the switches should be installed at the entry points. Cisco switches are generally located near the routers and handle distribution between all desktop devices. The Cisco switches have a different location choice from the Netgear switches in the network framework.

Switches have two advantages: (1) they provide each pair of communicating devices with a fast connection; and (2) they isolate the communication so that it does not enter other segments of the network. Netgear switches are installed according to the requirements below, and the location affects Netgear switch performance. The requirements are as follows. Mounting: for rack-mounted installation, 19-inch EIA standard equipment is used, physically secure and grounded. Power source: a power source capable of 100-240V AC, 50-60 Hz is required. Accessibility: the switch should be placed near the RJ-45 ports for all computer devices, and it should let other users connect their devices with LAN wires. Temperature: the switch should be placed close to other devices, keeping it away from heat sources such as direct sunlight, warm air, and heaters. Furthermore, the switch should be placed near ventilation, and cables should be placed without discrepancy from other devices.

4: Connection of Switches

All switches should be placed near the computer devices so that each switch can divide out each connection from the router. Switches are generally placed near devices, and the router serves the purpose of routing network addresses along with ports. Connecting the switches allows a circuit to exchange information momentarily between devices inside the network. Each switch port defines a collision domain in an Ethernet network. The circuit guarantees that data is transmitted directly between the communicating computers. This behaviour differs notably from un-switched Ethernet networks. In un-switched networks, data from a transmitting computer is sent by the nearest hub to every connected device (not just to the recipient) and hence congests parts of the network unnecessarily.
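The difference between switched and un-switched Ethernet described above, as an added example that is not part of the original answer: a hub and a MAC-learning switch handle the same conversation, and the code counts how many frame copies reach ports other than the recipient's. The class names, MAC strings and port numbers are constructed assumptions.

```python
class Hub:
    """Un-switched Ethernet: every frame is repeated out of every other port."""

    def __init__(self, ports):
        self.ports = ports

    def forward(self, in_port, src_mac, dst_mac):
        return [p for p in range(self.ports) if p != in_port]


class LearningSwitch:
    """Layer 2 switch: learns source MACs per port, forwards by destination MAC."""

    def __init__(self, ports):
        self.ports = ports
        self.mac_table = {}

    def forward(self, in_port, src_mac, dst_mac):
        self.mac_table[src_mac] = in_port          # learn where the sender lives
        out = self.mac_table.get(dst_mac)
        if out is None:                            # unknown destination: flood once
            return [p for p in range(self.ports) if p != in_port]
        return [] if out == in_port else [out]     # known: deliver to one port only


def exposure(device, frames, hosts):
    """Count deliveries to ports whose host is not the intended recipient."""
    leaked = 0
    for src, dst in frames:
        for port in device.forward(hosts[src], src, dst):
            if port != hosts[dst]:
                leaked += 1
    return leaked


# Constructed sample: four hosts (MAC -> port) and a two-way conversation A <-> B.
HOSTS = {"aa:aa": 0, "bb:bb": 1, "cc:cc": 2, "dd:dd": 3}
FRAMES = [("aa:aa", "bb:bb"), ("bb:bb", "aa:aa")] * 5

if __name__ == "__main__":
    print("hub leaked:", exposure(Hub(4), FRAMES, HOSTS))
    print("switch leaked:", exposure(LearningSwitch(4), FRAMES, HOSTS))
```

On the hub every frame is visible to the two uninvolved hosts; on the switch only the first frame is flooded, before the destination has been learned.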

5: Connection Specifications

The network problems happen because switches examine the information inside each signal on your network (to determine the addresses of the sender and receiver) and therefore process network information more slowly than hubs. Since switches rely on MAC addresses, we say in the parlance of the OSI model that they are layer 2 devices (layer 2 deals with the structure and MAC addresses inside network signals). You should buy a switch that is compatible with your physical network and your data link protocols. Recently, manufacturers have started to offer switches that examine OSI layer 3 (network routing) information, such as that contained in the IP portions (rather than the data link portions) of a network signal. Later in this part, you will find that routers also examine this information. Layer 3 switches blur the distinction between switches and routers. Layer 3 switches can replace routers within your network or between your network and the Internet (while layer 2 switches can replace hubs, but not routers).
