Design a Layered Security Strategy for an Ip Network Infrastructure

781 Words Feb 20th, 2014 4 Pages
Design a Layered Security Strategy for an IP Network Infrastructure
NaTasha Scott
Dr. Danielle Babb
CIS 534 Advanced Network Security Design
March 6, 2014

1. Block diagram design of a layered security solution

2. A written function overview of your design

Lab Assessment Questions and Answers for Lab 8
1. Explain why a layered security strategy helps mitigate risk and threats both external and internal.
Multiple layers can be used to secure internal threats like keeping employees from accessing inappropriate material, update and patch workstations and run current anti-virus/malware on workstations daily. The layers also help mitigate external threats like hackers by using firewalls and shutting traffic out of the internal
…show more content…
I would lock the servers into their own room with keycard or fingerprint access only. The only personnel that need to be in there are IT staff and possibly some of upper management. The building should also be locked down with security coming into the building. Fire and disaster technicians or other important visitors should be escorted into and out of the server room by a staff member.
5. If the organization implemented wireless LAN (WLAN) technology, what would you recommend regarding the use of VPNs or encryption within the internal network when accessing the server farm?
I think that there should be firewalls installed around the server farm and all traffic needs to be passed through the firewalls. The VPNs need to have an endpoint within the firewall or directly outside of it so that information passed into the servers is closely inspected. The servers also need to have updated anti-virus and malware software installed to protect from malicious code that may be inadvertently passed to the servers.
6. What is the purpose of a proxy server on a DMZ?
The proxy server protects the DMZ and the private intranet, because it filters all traffic that passes through the Internet.
7. What is the purpose of an IDS/IPS on a DMZ?
The IPS would monitor communications from your DMZ servers and if one of them has been hijacked, it can act. The firewall just knows it's supposed to let traffic from that host go to this host, it doesn't know

Related Documents