Cyber security tendencies have evolved into systems that are used for data security, mostly for big corporations which can afford the service. System vulnerability is one of the major concerns of organizations getting web servers, firewalls and security measures for their data. Technology companies burn the midnight oil trying to provide the highest level of security to databases, and a breach of security can be deemed a lapse by the technology company or that their security measures being ineffective. Hackers might send unauthorized packets of data including network inhibitors that might stall the ABC servers which contain online payment processing and customer data.
The best firewall recommended for this system is the next-generation system equipped with sophisticated security protocols for the deployment in the ABC system. It combines traditional firewall with other network devices that filter unauthorized network protocols. In a distributed system where traffic is passed through different nodes, denial-of-service attacks can come from multiple sources and this needs firewalls to detect and neutralize these attacks to protect the integrity of the data.
In ABC, the model of web application distribution used is a balancing load technique. This technique is used to distribute maximum workload over various nodes in the company’s network. It is further used to balance HTTP traffic across multiple servers thus making it an effective front-end service. Using this model, web traffic can be distributed intelligently across many servers using defined protocols (Martin C. Libicki, 2015). Processing load can thus be shared by many nodes and increases the reliability of the web application. In this case, ABC is able to process online payments, update customer data, and advertise their products online. The model redundancy is always considered during design for the organizations’ web applications since it enhances performance and prevents system lags during high activity.
In a distributed system, the historical intelligence or perceptive algorithm technique is deemed appropriate when loading and balancing web traffic to a web application. The method determines a particular node in which to send traffic using both response time of nodes and the amount of available connections between the server and load balance (Mays, 2018). A Zeus load balances can add traffic gradually to newly added servers without protocols and sometimes this is a vulnerability since the problems in the server might be as a result of a glitch or an attack in the system making it dangerous and vulnerable to breach.
A denial-of-service attack is a process whereby hackers attempt to prevent legitimate users of a system from accessing it. In the case of ABC, their customers can be denied access to their online platform, stalled payment processing and being unable to update customer data from their servers due to connection interruption. In the DoS attack, indefinite messages are sent to various legitimate users asking for authentication requests, usually by websites that have unknown return addresses. Since the network won’t be able to trace back the hackers sending the authentication requests, the server stalls before closing the connection.
The system lag can stall for hours and even days making the web application inaccessible and ineffective since no transactions will be occurring. When the connection closes, the hackers sends more information and authentication messages with invalid addresses and the loop begins again. The system lag can cause loss of revenue, vulnerability of crucial customer data like their payment information, which when accessed can result in a massive security breach (Mays, 2018).
In a middle-scale layered system, preventing a DoS attack, includes monitoring any malicious attacks that might prevent normal system functioning. The firewall provides a border layer through which the network is monitored. The safe layer has analytics as well as threat detection system that identify potential attack to the system and neutralize them before they further damage the network. Hackers might send unauthorized packets of data including network inhibitors that might stall the ABC servers which contain online payment processing and customer data (Martin C. Libicki, 2015). The best firewall recommended for this system is the next-generation system equipped with sophisticated security protocols for the deployment in the ABC system. It combines traditional firewall with other network devices that filter unauthorized network protocols. In addition, filtering functionalities such as application firewall using inline deep packet inspection, intrusion prevention system and an overall functionality for the computer network functionality.
The next-generation firewall offers hardware and software capability technology that implements sophisticated security policies at the application ports and different protocol levels. Some of the advanced features include integrated intrusion prevention which preemptively identifies unwanted packets and security threats and deals with them swiftly, identity awareness where artificial intelligence technology is deployed to identify botnets that will try and hack a system. The user and group controlled bridges where the need to get user data is integral for the system to function and finally using external intelligence source to get the required data (Thu, 2013).
Efficient cloud services are a way to handle data the since it can be accessed remotely by users but also poses different security threats that need sophistication in deployment of security protocols. The best recommendation is deployment of a honeypot for an intrusion detection system to boost its performance and improve the architecture design in terms of appropriate security of data, prevention against intrusion and an overall protection system. A hardware based intrusion detection system makes the network secure. Organizations prefer to use intranets for the data distribution and security in house and using advanced database queries and security measures masked the real data in hidden protocols with administrator access only. Using a honeypot, they are used as decoys to trap hackers what may try to intrude in the system. It can also identify the attackers or equal attack the computer guilty of the intrusion (Martin C. Libicki, 2015).
Unlike the ransomware that attacks systems independent of their association, the honeypot can enable the organization to identify the hackers and report them to the relevant authorities. Every traffic that passes through the honeypot is scrutinized to assess its threat and redirected to the sandbox (Anderson, 1997). This measure is important since in the sandbox, it is safer to analyze the intricacies of the packets of data and also their integrity without any compromise to the system. The need to get a secure network, in the case of ABC, their customers can be denied access to their online platform, stalled payment processing and being unable to update customer data from their servers due to connection interruption, this can go a long way to a hardware based intrusion detection system to make the network secure.
A secure system needs a honeypot, a next generation firewall and intranet system to ensure that the data is secured. In ABC, the middle layered system whereby customer data, secure payment gateways and intricate customer data needs to be protected needs the attention of network engineers and appropriate methods to determine a particular node in which to send traffic using both response time of nodes and the amount of available connections between the server and load balance. A hardware based intrusion detection system makes the network secure and using intranet and hidden security protocols makes it important for the security and integrity of the customer data to secure the company’s reputation.
References
Anderson, R. O. (1997). EMERGING CHALLENGE: SECURITY AND SAFETY IN CYBERSPACE. In R. O. Anderson, In Athena's Camp: Preparing for Conflict in the Information Age (pp. 231–252). RAND corporation.
Martin C. Libicki, L. A. (2015). The Efficacy of Security Systems. In L. A. Martin C. Libicki, The Defender’s Dilemma: Charting a Course Toward Cybersecurity (pp. 23-40). Santa Monica: RAND Corporation.
Mays, J. (2018, September 24). Understanding Load Balancing for Web Servers. Retrieved from Liquid Web: https://www.liquidweb.com/kb/understanding-load-balancing/
Thu, A. A. (2013). Integrated Intrusion Detection and Prevention System with Honeypot on Cloud Computing Environment. International Journal of Computer Applications, 9-13.
You’re 100% through this paper. Sign up to read the full paper.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.