Login Signup
Verified Document

Designing Compliance Within The LAN To WAN Domain Term Paper

Related Topics:
Computer Network Security Operating System Firewalls
Open Document Cite Document

In order to ensure compliance within the LAN-to-WAN domain it is vital to have protective and security layers. Firewalls, intrusion detection systems, virus scanners, and other protective software would provide assurance that the security policies for the organization are implemented and adhered. Having multiple locations, there will be huge amounts of data that is transmitted between the four locations and this should not be interfered with in order to ensure that employees are able to perform their duties. Therefore, the security solutions implemented should also have a public key to encrypt and decrypt the data. Securing the four locations and allowing for data transmission will require an innovative and secure layout at all locations. Compliance within the four locations will ensure that the facilities are secure and they are operating within the laid-out security policy. Proposed Solution

The firewall will act as the first layer of protection and filtering for all the network traffic and data being transmitted at any of the four locations. Firewalls will have certain parameters defined within them that are used to analyze all the traffic that passes through the network (Kaur, Kaur, & Gupta, 2016). Having a properly configured firewall will ensure that any undesirable network traffic is filtered out and not allowed to reach the LAN. All the rules and policies of the organization will be configured into the firewall in order to also protect against network traffic leaving the organization that does not adhere to the laid-out policy. This will guard against employees sending or transmitting...

Parts of this document are hidden

View Full Document
svg-one

In order to properly configure the firewall, there is need to first identify the network components and evaluate the risks that are posed by these components. The router will also have the capability of blocking the internal IP addresses and ensures that any external network node will only see the public IP address that is configured on the router.
All the data transmitted by a node within the LAN will be first scanned by the firewall in order to ensure that it meets the AUP for the organization before the data can be transmitted (Budka, Deshpande, & Thottan, 2014). This will guard against an internal attacker being able to corrupt or infect other computers within the network or WAN. All the endpoints within the organization are uniquely identified by the firewall and when they are transmitting data, the firewall will check to ensure that the data is not infected and it should be transmitted. Once the data has been transmitted the receiving location firewall will check to see that the data has not been interfered with during transmission. Only after the data has passed the analysis test will it be allowed to enter the LAN to the required endpoint.

Any unwanted network traffic from the WAN will be blocked from entering to the LAN and directed to the DMZ zone. DMZ stands for demilitarized zone, which is basically a physical subnetwork that will contain and expose the organization's external facing services to an untrusted network…

Continue Reading...
Sources used in this document:

References

Basin, D., Cremers, C., Kim, T. H.-J., Perrig, A., Sasse, R., & Szalachowski, P. (2014). ARPKI: attack resilient public-key infrastructure. Paper presented at the Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security.

Budka, K. C., Deshpande, J. G., & Thottan, M. (2014). Network Security Communication Networks for Smart Grids (pp. 209-225): Springer.

Kaur, K., Kaur, S., & Gupta, V. (2016). Software defined networking based routing firewall. Paper presented at the Computational Techniques in Information and Communication Technologies (ICCTICT), 2016 International Conference on.

Nagendra, V., Yegneswaran, V., & Porras, P. (2017). Securing Ultra-High-Bandwidth Science DMZ Networks with Coordinated Situational Awareness. Paper presented at the Proceedings of the 16th ACM Workshop on Hot Topics in Networks.


Cite this Document:
Copy Bibliography Citation

Related Documents

Essay
IT Security Assessments Process of Matching Security
Words: 3712 Length: 12 Document Type: Essay

IT Security Assessments (Process of matching security policies against the architecture of the system in order to measure compliance The systems security assessment is the method of creating a security policy that would be complimentary to the architecture of the system and the method would allow for the measure of compliance. Security assessments are activities that belong to the phase of the design cycle, and that is because it is

Read More

Sign Up for Unlimited Study Help

Our semester plans gives you unlimited, unrestricted access to our entire library of resources —writing tools, guides, example essays, tutorials, class notes, and more.

Get Started Now