Jacob Kline
IS3220 Charleston
May 25, 2016
Final Project
Contents
Network Survey
Network Design
Multi-Layered Security per 7 IT Infrastructure Domains
Overall Network Security Plan
Remote Access/VPN Plan
Departmental VLANs identified and designed
Virtual IPv4 Schema
VPN Connectivity Troubleshooting Checklist
Network Survey
Security should always be a top priority for any company. This
is especially true given today's technology. Making sure your network, including all
users and devices attached to it, is secure is an absolute must. To
do this properly, it is important to know what your network comprises, what runs on
it, and how it generally behaves. To find out, I will conduct a
network scan.
There are many tools for surveying a network by scanning it and
its activity. I will be using NetWitness to scan the network for any
vulnerabilities or abnormalities. NetWitness will allow me to identify all the hosts within
the network, the protocols currently in use, and the services in use. This scan will be
used as a baseline to compare future scans against, to ensure everything on the
network is still operating the way it should.
Hosts identified within the Corporation Techs network:
1. Host IP: 10.21.3.35
2. Host Aliases: besespecially.com, protectedreality.com, definitelyfriendly.com,
bestremarkably.com, www.netwitness.com, truly-secure.com, securetruly.com,
securereally.com, resolution-sharp.com, definitelysociable.com, decisionintelligent.com, and bright-decision.com
3. Host Location: Fairfax city, USA
Protocols identified within the Corporation Techs network:
1. TCP
2. UDP
3. IP
Network Design
The above network design is a slightly extended version of the information
provided. It places firewalls at multiple points in the
network, which supports a layered security approach. It also allows for the
use of multiple routes and switches to minimize network lag when activity is at its
peak. Also, because the servers are separated and have no direct connection to the
workstations, the servers could be stored off site. This could be
beneficial if there was a disaster of some kind at the main building. Information
and data integrity will remain intact and be able to be restored from completed
back-ups.
ensure only authorized users have and use granted access. Full access granted
will be evaluated on a case-by-case basis. Depending on the nature of the
employee's job, they may not have complete and full access to the network via
VPN.
Users will be expected to only connect through VPN from a secure
connection. This means it must be password protected and use at least WPA
encryption. Users can connect from their home network if the connection meets
the above listed requirements. If an employee is fired, VPN access is taken away
immediately (as with all other company/network access) to ensure maximum
security.
Mask          Virtual IP (Network)   Broadcast IP    IP Range
255.255.0.0   192.168.1.0/24         192.168.1.255   192.168.1.1 - 192.168.1.254
255.255.0.0   192.168.2.0/24         192.168.2.255   192.168.2.1 - 192.168.2.254
255.255.0.0   192.168.3.0/24         192.168.3.255   192.168.3.1 - 192.168.3.254
255.255.0.0   192.168.4.0/24         192.168.4.255   192.168.4.1 - 192.168.4.254
255.255.0.0   192.168.5.0/24         192.168.5.255   192.168.5.1 - 192.168.5.254
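A consistency check of the schema values above, added here as an example and not part of the original paper: it verifies each row's mask, broadcast address and host range against the CIDR network, and tests whether the five VLAN subnets stay separate. The function names are illustrative.

```python
import ipaddress

# Rows transcribed from the schema table: mask, network, broadcast, first host, last host.
SCHEMA = [("255.255.0.0", f"192.168.{n}.0/24", f"192.168.{n}.255",
           f"192.168.{n}.1", f"192.168.{n}.254") for n in range(1, 6)]


def check_row(mask, network, broadcast, first, last):
    """Return findings for one row; an empty list means the row is self-consistent."""
    net = ipaddress.ip_network(network, strict=True)  # rejects host bits in the network
    expected = {
        "mask": (mask, str(net.netmask)),
        "broadcast": (broadcast, str(net.broadcast_address)),
        "first host": (first, str(net.network_address + 1)),
        "last host": (last, str(net.broadcast_address - 1)),
    }
    return [f"{field}: table says {got}, {network} implies {want}"
            for field, (got, want) in expected.items() if got != want]


def overlapping_vlans(schema, use_mask_column=False):
    """Return pairs of subnets that overlap.

    With use_mask_column=True the dotted mask from the table is applied to each
    network address instead of the CIDR prefix, which is what a host configured
    from that column would actually use.
    """
    nets = []
    for mask, network, *_ in schema:
        if use_mask_column:
            base = network.split("/")[0]
            nets.append(ipaddress.ip_network(f"{base}/{mask}", strict=False))
        else:
            nets.append(ipaddress.ip_network(network))
    return [(str(a), str(b)) for i, a in enumerate(nets)
            for b in nets[i + 1:] if a.overlaps(b)]


if __name__ == "__main__":
    for row in SCHEMA:
        for finding in check_row(*row):
            print(finding)
    print("overlaps by CIDR prefix:", len(overlapping_vlans(SCHEMA)))
    print("overlaps by mask column:", len(overlapping_vlans(SCHEMA, use_mask_column=True)))
```

Each row reports one finding: the Mask column (255.255.0.0) does not match the /24 prefix. Applied as written, that mask collapses all five VLANs into 192.168.0.0/16, so hosts would treat the other departments as on-link instead of sending that traffic through the routed and firewalled path.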
at fault. If the other connection attempt fails, a deeper look into the user's
profile and access privileges may help determine the cause.
5. Ask for any potential error codes
a. For example, some companies will not allow VPN access to one user if
multiple users are logged in from that system. It compromises security. If this
is the case, have the other user log off or restart the system.
6. Resolve any determined issue, if applicable
a. Depending on the nature of the issue, the majority of them can be
resolved. From access privileges to user error, helpdesk technicians are
trained to find and solve a variety of issues.