In order to ensure compliance within the LAN-to-WAN domain it is vital to have protective and security layers. Firewalls, intrusion detection systems, virus scanners, and other protective software would provide assurance that the security policies for the organization are implemented and adhered. Having multiple locations, there will be huge amounts of data that is transmitted between the four locations and this should not be interfered with in order to ensure that employees are able to perform their duties. Therefore, the security solutions implemented should also have a public key to encrypt and decrypt the data. Securing the four locations and allowing for data transmission will require an innovative and secure layout at all locations. Compliance within the four locations will ensure that the facilities are secure and they are operating within the laid-out security policy. Proposed Solution

The firewall will act as the first layer of protection and filtering for all the network traffic and data being transmitted at any of the four locations. Firewalls will have certain parameters defined within them that are used to analyze all the traffic that passes through the network (Kaur, Kaur, & Gupta, 2016). Having a properly configured firewall will ensure that any undesirable network traffic is filtered out and not allowed to reach the LAN. All the rules and policies of the organization will be configured into the firewall in order to also protect against network traffic leaving the organization that does not adhere to the laid-out policy. This will guard against employees sending or transmitting...

In order to properly configure the firewall, there is need to first identify the network components and evaluate the risks that are posed by these components. The router will also have the capability of blocking the internal IP addresses and ensures that any external network node will only see the public IP address that is configured on the router.
All the data transmitted by a node within the LAN will be first scanned by the firewall in order to ensure that it meets the AUP for the organization before the data can be transmitted (Budka, Deshpande, & Thottan, 2014). This will guard against an internal attacker being able to corrupt or infect other computers within the network or WAN. All the endpoints within the organization are uniquely identified by the firewall and when they are transmitting data, the firewall will check to ensure that the data is not infected and it should be transmitted. Once the data has been transmitted the receiving location firewall will check to see that the data has not been interfered with during transmission. Only after the data has passed the analysis test will it be allowed to enter the LAN to the required endpoint.

Any unwanted network traffic from the WAN will be blocked from entering to the LAN and directed to the DMZ zone. DMZ stands for demilitarized zone, which is basically a physical subnetwork that will contain and expose the organization's external facing services to an untrusted network…