Table of Contents
What is cloud computing?
What are the advantages and disadvantages of cloud computing?
Advantages
Disadvantages
Most common day-to-day types of cloud service
Types of cloud computing
About the cloud deployment models
Names of the popular cloud computing providers
What is a security risk, and how do those risks relate to the EMC Cloud service?
What does security risk mean?
Elements of information security
What does threat mean?
What is a vulnerability?
About EMC Cloud provider security
The risks of the EMC Cloud service
1.2 Managing the above risks by giving security procedures
How to solve the target EMC's security risks
What is a firewall?
What is the impact of improper configurations?
What is a VPN (Virtual Private Network)?
What is the impact of improper configurations?
What is a trusted network?
Discuss the benefits of implementing network monitoring systems.
The NMS (Network Monitoring System)
Advantages and disadvantages of NMS
Most popular and effective NMS software
Formulate a suitable risk assessment procedure for EMC Cloud solutions to safeguard itself and its clients.
What is the risk assessment (management) plan?
Threats, risk, assets, and risks
The impact probability of the EMC cloud service in IT security
Page 1 | 38 K.K.Y.Vidnath - 010935 Security
What is cloud computing?

Basically, cloud computing is a very useful technology for storing all your information and other digital material. The history of cloud computing goes back to 1950: originally a military mainframe which was developed in 1950 to connect computer terminals across an internal matrix, non-local storage technology advanced quickly once it hit the scientific community (Medazing, 2020). Several people used that technology, and then in 1996 the term "Cloud Computing" appeared within a Compaq internal document.

This is the most popular thing among all people these days; in day-to-day work we use cloud computing technology in more than 99% of cases for storing our important data and connecting our devices together. As an example, Google Drive and Dropbox are the most common basic cloud services we use. Via Google Drive and Dropbox we can easily upload our documents, videos and records to one virtual data space, so we can easily access the things we uploaded from anywhere; it doesn't matter where you are at the time. Also, those providers (cloud service providers) are responsible for protecting your data from other people. As well, you can get the documents and other material you put in the cloud back accurately, without any data loss. This is a cheaper and easier way to store your data than using DVDs, pen drives or hard drives.

What are the advantages and disadvantages of cloud computing?

Charles Darwin once said every action has a reaction, and it is the same scenario here: everything has advantages and disadvantages. Cloud computing is the most popular and powerful state-of-the-art technology in the world, but it has some disadvantages too. Let's talk about the advantages and disadvantages of cloud computing.

Advantages.

01. Easy implementation.
Cloud computing is the most popular technology these days. A huge advantage is that cloud computing is much easier to implement than other computing systems. I say so because you only have to access your cloud storage and create your own network. Cloud computing provides several types of service, such as IAAS, PAAS and SAAS.

02. Accessibility.
If you are a travelling worker, or if you need to work from home for your business, this is the best advantage of cloud computing. With cloud computing you don't need to connect to your servers or network at the target location; you can access your data server or your target network from anywhere. It doesn't matter where you are: you only have to log in to the cloud space via your computer, laptop or any digital device, and you can easily do anything you need in your cloud.

03. No hardware required.
In cloud computing you don't need any kind of physical hardware devices such as switches, servers, firewalls or routers; your cloud provider provides all of those things to you. They have big servers, and you only have to implement all your servers and other parts of the network virtually in your cloud space. So you don't need big server rooms any more, and you don't need any kind of hardware to run your network.

04. Cost saving.
As said above, with cloud computing you don't need any kind of physical hardware to manage your network. Imagine that you have a big server room: you have to take care of it every single day because, if the main server goes down, your whole network is useless. You have to set up an air-conditioned room to control the temperature in the server room, and you have to put proper physical and virtual security policies in place to protect your data servers and your network. That costs too much, and you also have to maintain the network hardware if those things go down.
So you have to put more and more money into managing your network. But with cloud computing you don't need that any more. Your cloud provider provides all kinds of security for your data, and they take care of their servers every day. You only have to pay for the cloud space you took.

05. Flexibility for growth.
If you need to expand your business you need more server space for your company network; with cloud computing you only have to get more space from your CSP (cloud service provider).

Disadvantages.
01. No longer in control.
02. May not get all the features.
03. Doesn't mean you should do away with the servers.
04. No redundancy.
05. Bandwidth issues.

Most common day-to-day types of cloud service.
Backup.
Update.
Storage.
Audio and video streaming.
Analyzing data.

Types of cloud service

Figure 1 Cloud service types

As I said above, cloud computing provides developers and IT departments with the ability to focus on what matters most and avoid undifferentiated work like procurement, maintenance and capacity planning. There are three categories of cloud computing: IAAS, PAAS and SAAS. If we talk about those three different types of cloud computing:

01. Infrastructure as a service (IAAS)
IAAS is the most basic category of cloud computing service; it allows you to rent IT infrastructure (servers or VMs) from a cloud provider on a pay-as-you-go basis. That means storage for your virtual machines. Through IAAS you can implement your infrastructure services virtually, such as servers, networks and storage.

02. Platform as a service (PAAS)
Literally, you can get a brief idea about it: PAAS supplies an on-demand environment for developing, testing, delivering and managing software applications.
Basically, it is designed for quickly creating web or mobile apps without worrying about setting up or managing the underlying infrastructure of servers, storage, network and databases needed for development. An example is GitHub.

03. Software as a service (SAAS)
This service allows software applications to be delivered over the internet, on demand and on a subscription basis. Via this service you can do any kind of maintenance, such as software upgrades and security patching. (esds, 2020)

About the cloud deployment models

What are the cloud deployment models? The cloud deployment models help users to understand and indicate how cloud services are made available to users. There are mainly four different types of cloud deployment model: private cloud, public cloud, hybrid cloud and community cloud. Each deployment model has something unique that separates it from the other models. If we talk about those models:

01. Public cloud.
In this cloud model all the resources are hosted from the cloud. The CSP (cloud service provider) is also able to give you a digital space to share with your other tenants (partners, friends). This model lets all users make use of computing resources, such as hardware or software, on a subscription basis. Commonly, public cloud models are used for application development, application testing and non-mission-critical tasks like file sharing and email service. These cloud models are mostly used for development systems and web servers.

02. Private cloud.
This cloud service model is literally true to its name: in this case a company is able to manage its own data center (cloud) and put its data in that cloud space (data center space). The company is also able to share the cloud space (data center space) with a target team.
That kind of infrastructure may be managed by the organization (business) itself, or it might be managed by a service provider that takes care of it either on-site or off-site. Private clouds are a hell of a lot more expensive than public cloud storage, because companies have to spend capital expenditure to maintain the servers. However, the private cloud has better security than public clouds.

03. Hybrid cloud.
Literally, you can get a correct and clear idea about it: in this case the organization makes use of both private and public cloud infrastructure connected together. Most IT companies use this cloud model to scale up their IT infrastructure rapidly, such as when using a public cloud to supplement the capacity available within a private cloud. As an example, if someone needs more computing resources to run web applications for their business, they may obtain those resources via public clouds.

04. Community cloud.
This is a kind of hybrid cloud, but in this cloud model multiple organizations that are part of a community share the computing resources. As an example, universities cooperating in certain areas of research, or police departments within a country or state, can share computing resources. Access to the community cloud is typically restricted to the members of the community.

Names of the popular cloud computing providers
Amazon Web Services (AWS).
Alibaba Cloud.
Google Cloud Platform.
Red Hat.
IBM.
Microsoft Azure.
Cisco Systems.
Oracle.
Workday.
Adobe.
SAP.

What is a security risk, and how do those risks relate to the EMC Cloud service?

What does security risk mean?

Risk is common to everything and can possibly affect everything, such as banks, vehicles, web sites and shopping malls; there are many enemies out there to steal everything, like money, legal/personal information and data.
It is the same situation in cloud computing and the IT industry: there are lots of risks out there, and the main question is "is our information secured?". According to the world standard there are several main elements available. Those are:

Elements of information security.

Confidentiality: only authorized persons or the owner should get access to view, edit, upload or download the data from the cloud.
Integrity: you should be able to trust any message or other information within the company or other system.
Availability: you should be able to access your data anywhere, at any time, without any problem.
Authenticity: the content, applications or data should be genuine.
Non-repudiation: a user can't deny actions which the user has done in the system. The system should be able to prove them.

There is also "defence in depth". This is the concept used to secure information, in which multiple layers of security controls are placed throughout an information technology system. It is layered in 7 stages, if we look at them:
(Draw a picture for this in Visio)

What does threat mean?

In cyber security, a threat is so named because of the negative consequences it can have on the environment. A SecOps threat can have the undesirable consequence of someone getting unauthorized access to restricted, secure information. Among threats we can clearly distinguish three major types:
Natural threats.
Unintentional threats.
Intentional threats.
What is a vulnerability?

In computer security, a vulnerability is a weak point of your network. That kind of weak point could be exploited by a threat actor, such as an attacker, to cross privilege boundaries within a computer system. These vulnerabilities are a great opportunity for hackers to enter the network and steal data from it. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness. So it is much better to check for network vulnerabilities in the company.

What the attacks are

In IT risk management we can clearly identify several information system attack vectors, such as:
Malware attacks - include trojans, spyware, viruses and worms.
Hacking attacks - someone secretly entering your network.
Environmental attacks or natural disasters.
Physical attacks.
Social attacks.

Through the process of understanding and responding to the risks, we can clearly identify the category of a risk and give the best solution for it. There are lots of theories used to understand risks. Mostly the risk depends on the situation: the location of the building or of the configured network, the configuration of the network, and the type of physical/virtual security in continuous use. Risk-managing security mainly belongs to two different categories, "Physical Security & Logical Security". If we talk about those two categories:

Physical security: in this security type people use things like cages, fingerprint scanners, access cards, face recognition systems, guns, and human or robot security guards. But sometimes these security methods are not enough to secure your data from enemies. That's why people use logical security methods as well.
Logical security: in this security type people don't use physical methods any more; with these security types people can stop things like hacking attacks and MIME attacks. In this type we can use firewalls, VPNs, digital signatures, passwords and encryption methods.

About EMC Cloud provider security.

The EMC cloud service has a hell of a lot of security issues, and those risks have a lot of impact on the EMC cloud service; sometimes those kinds of security issues are created by the business itself. If we talk about them:

The risks of the EMC Cloud service.
01. Unauthorized access.
02. Malware attacks.
03. Power failure.
04. Supplier chain failure.
05. Network backup.
06. Data loss.
07. DoS attack & DDoS attack.
08. Natural disasters.

01. Unauthorized access.
This could be physical or logical. Unauthorized access is a huge risk for a business like this, because the EMC Cloud service holds lots of private and other confidential data; that kind of company has confidential information that should only be read by authorized persons. If someone gets fake access, they can actually read all of that information and do whatever they want with it. According to our scenario, this risk is at the top of the list of risks. I say so because EMC's data center is located in the exact same building and on the same floor (3rd floor) that people work on, so even normal employees can access the data center storage location. That means employees can reach and see the physical equipment, including the switches, routers, servers and all other devices in that location. They clearly have the ability to damage the devices, the configurations of the devices (routers, firewalls) and the data, consciously or unconsciously. That creates a substantial impact on the facilities of the data center.
This kind of risk will be a major factor in the breakdown of trust in the story.

02. Malware attacks.
Malware attacks are the most common impact among the impacts. Malware means "malicious software". Viruses, trojans, hacking, spyware and ransomware belong to that category. Malware attacks are a common cyber-attack. Malware executes unauthorized actions on the victim's system. Malicious software encompasses many specific types of attack, such as trojans, ransomware, command and control, and so on. Some malware attacks have ended up with mainstream news coverage due to their severe impact.

After analyzing the whole scenario, the EMC cloud service does not have any kind of good firewall configuration, VPN or good network monitoring system. So companies like this are hit by those attacks much more easily. Via those attacks, attackers (hackers) are able to get any information they need, and sometimes they get access to control the entire network with commands. Impacts like this could come from anywhere; for example, the famous "I Love You" attack in 2000 was caused by a standalone software script disguised as a love letter and sent out as an email attachment. Impacts like that mostly break people's trust in the institution. That will completely destroy the further growth of the business, and it mostly impacts the data centers: if you have any confidential data it is not safe any more, because hackers are able to get access keys, PINs and passwords to access the servers and steal all of your company and client confidential data.

03. Power failure
This is another harmful impact. Imagine that your computer powers off in the middle of your work because of a power failure.
In this case, if you forgot to save the work you did, you have to start it over after the computer turns on, and some of your data could be deleted after restarting your computer. It is the same situation in any power failure. The EMC Cloud service does not have any kind of backup generator, so if they face a power outage they definitely have nothing they can do. Bigger IT companies, especially cloud service providers, definitely need a backup generator, because if they get a power outage all of their servers and other network devices go down within seconds; then users cannot access their cloud spaces, and clients cannot read or view their information for a while. Even when the power comes back, they cannot restart the whole network within seconds; it takes a few minutes to turn on and work properly again. This is a huge impact for the client base. I say so because, if clients need emergency information at that time, they fail to get it and have to wait for it. That kind of impact is mostly the reason for "downtime". That kind of impact definitely breaks people's trust in the institution.

04. Supplier chain failure
The supplier chain means the network between a company and its suppliers to produce and distribute a specific product to the final buyer. Many different activities are included in that network, such as people, entities, information and distribution. This mostly happens to all IT companies, and it is not only for IT companies and the IT industry: the impact could hit any business in any industry. The main reason it is very important to have a good chain of suppliers (clients) is to bring in a device immediately.
If we talk about the EMC CSP, the EMC Cloud service has several types of equipment: switches, firewalls, routers and servers. If one of those goes down, it can be retrieved immediately.

05. Network backup
Network backup is the most important thing in the IT industry and in an IT company; the IT departments of all companies have a backup and recovery plan to manage that kind of impact. It is the process of replicating and backing up all or selected data, end devices and network nodes in a computer network to another server storage at another location or the same location. Via that process a company is able to get all its data back after a disaster. That means that if some disaster hits the main company server, it does not affect the important data; that data is secured in the backup storage. According to the scenario, the EMC Cloud service does not have any kind of backup server at all, so if their main server is destroyed they have no backup data and cannot get their important information. They also lose every single piece of their clients' data and cannot get it back.

06. Data loss
07. DoS attacks and DDoS attacks.
08. Natural disasters.

1.2 Managing the above risks by giving security procedures

Managing the risks, as I said before, is the process of understanding and managing the security risks. In this part we can solve and minimize the EMC Cloud service company problems above (1.1) much more easily, and we can build and develop security procedures to treat those risks.

How to solve the target EMC's security risks

01. Unauthorized access.
Unauthorized access is a huge impact for every IT company. Mostly that kind of risk is created by the business itself, because they let every IT employee access their data center.
As I said above, the EMC cloud service does not have any kind of good physical security method, and EMC's data center is located in the exact same building and on the same floor (3rd floor) that people work on, so even employees can easily enter the data center location. The most effective ways for EMC to put an end to this are:

i. Use proper physical security methods.
Physical security: these are security methods we can touch with our hands; we can see those security procedures. This is the most effective and practical thing to do. Nowadays we can find lots of proper physical security methods to secure our things, such as:
Redundant PCs.
Redundant doors.
Voice detectors.
Smoke detectors.
Fingerprint scanners.
Security cameras available 24/7.

ii. Layered security system.
With those kinds of methods, especially fingerprint scanners, EMC is able to designate several authorized employees to access the data center, and can establish a layered security system such as security officer (1st layer), access card (2nd layer), fingerprint scanner (3rd layer). With that layered security system EMC can minimize unauthorized access by 99.9%.

iii. Security officer.
With a physical security officer we can manage to check all access details and clearly stop enemy attacks. That is because we can give a gun or some other weapon to the security guards, so they can manage any kind of threat coming in the form of a person. Also, by using security officers we can check the whole data center all the time. As an example, anyone can steal an access card from an authorized person to access the data center, but with security officers they cannot access the data center, because the security officers double-check the details related to the person who tries to access the data center.
If the details match the person, they are allowed to go inside; if not, it could be the worst nightmare for the person who tries to get access illegally.

iv. Access cards.
Access cards are commonly used by everyone in day-to-day working. With access cards companies can create a minimal target group of people who are authorized to access the data center. Via that, companies can stop unauthorized people accessing the data center.

02. Malware & virus attacks
As I said above, via those kinds of attacks companies lose all of their confidential and important data every single time. There are several types of malware and hacking attacks; these are a few of them:
Computer virus.
Worm.
Trojan.
Key logger.
Spyware.

We can minimize the impact of malware attacks through:

i. Using logical security methods.
This is the opposite side of physical security. Logical security methods are implemented in the network as software. Via those logical security methods people are able to configure their own policies in their network, and they can minimize the accessible areas of the network: for example, normal employees cannot access the main cloud storage and cannot change the passwords on the computers. They can also limit internet access, so that employees cannot access YouTube, Facebook, Twitter, Snapchat or Messenger.

We can use firewalls
With firewalls you can easily apply policies to the network; via that you can stop outside-to-inside data transfer or inside-to-outside data transfer. Most malware attacks come from the outside, like an email, a website link or a social media link. You can also stop the downloading of unrecognizable files to inside computers; you can implement any kind of policy you want. So if you configure the firewall correctly and accurately, you will be able to protect against malware attacks.
You can also use digital signatures, password changes after every month or every 3 months, and a network monitoring system.

We can use VPN
With a VPN (Virtual Private Network) we can create a secured communication path between the data center and client users. That is because in a VPN connection all the data is encrypted in the middle of the transaction, whether messaging, uploading or any other kind of network activity. So if someone steals the data from the middle of the conversation they cannot get or see anything, because all the data is encrypted in the VPN connection.

ii. Do regular penetration testing.
We can do regular penetration testing of our network. Penetration testing is also called "pen testing" or ethical hacking. It is the practice of testing a computer system, web application or network for vulnerabilities that an attacker could exploit. The testing can be automated with a software application or performed manually. The main purposes of penetration testing are to identify the weak points in the organization's current security posture, measure the compliance of its security policy, and test awareness of the security policy. Penetration testing can find all the vulnerabilities of the entire network, so the EMC Cloud service can minimize its network vulnerabilities through that kind of penetration testing, stop hacking (malware) attacks, and protect its information and whole network from malware attacks. EMC can also minimize and cut off vulnerabilities from its network.

iii. Use honeypots and honeynets.
Via this method we can create a replica of our whole network. It looks the same but it is not; we can put unnecessary data in that network. That can stop a hell of a lot of hacking attacks because, if someone tries to attack the network, they are mainly attracted to the fake one, so white hat hackers (ethical hackers) can identify the types of the attacks and are also able to see the weak points of the network. Then they can put strong configurations on the actual legitimate network's proxies.

03. Power failure
As I said above, according to the given scenario EMC does not have any kind of backup generator to face a power failure. That is the most basic and most impactful problem for the EMC cloud service; as I said above, its main impact is to create downtime in your network. As a solution, EMC can use backup generators for their company. By using a backup generator, EMC can keep power on for their PCs, servers and everything else until the power comes back. So there is no downtime any more, and they can also save their data accurately.

04. Supplier chain failure
In supplier chain failure we can clearly identify several types of risk, and we can manage them down to zero level with those security

05. Network backup
As I said above, EMC does not have any kind of backup server or backup data center; if their data center goes out of operation they cannot get their data any more until the problem is rectified. As a solution they can implement a different data center in a different location. According to the given scenario, EMC currently does not have any kind of duplicate (replica/backup) of their main data center. That is the main and huge issue of the EMC cloud service: there is no way to recover the data again.
So, if EMC has another replica of its main datacenter, it can make copies of the original data of the customers and of the EMC company, and if the main datacenter goes down customers can access the replica datacenter. By establishing another datacenter (replica datacenter) EMC can keep a backup of its data, and it is also able to minimize that risk to the zero level.

Activity 02

2.1
Many things can happen to EMC's network with improper or incorrect configurations in the firewall and the VPN; to hackers this is a good weak point for getting into the network. Such incorrect or improper configurations also have huge and very bad impacts on the network: they take away all trust in the network, and it becomes an unsecured network for storing data. Let's talk about those impacts.

What is the Firewall.
Figure 2 Firewall
This is mostly used to protect the inside network from network attacks. A firewall is a software unit or hardware device that acts as a filter for data entering or leaving a network or computer. The firewall works like a private security guard that decides who enters or exits your building, or your network. That means you can enforce the policies you want in the firewall: which websites you allow users to enter, which videos network users can watch. You can control things like that. This protects the network from malware and viruses. Firewalls are commonly used to help prevent unauthorized access to both company and home networks. Many times the firewall is placed behind the router. That is why network users may not be able to access some websites if the firewall is installed behind the router. There are two types of firewalls: software firewalls and hardware firewalls.
Software firewalls are designed to protect a computer by blocking certain programs from sending and receiving information from a local network or the internet. By default, most programs are blocked by the firewall but can be excluded through the firewall settings. Hardware firewalls are found on most network routers and can be configured through the router setup screen.

What is the Impact of the Improper configurations?
There are several impacts if you configure the firewall incorrectly, and some of them affect the network badly. These are a few of the impacts of improper configuration.

01. Undesirable traffic reaches a destination it should not.
This is one of the impacts of improper or incorrect firewall configuration. If EMC configures its firewalls wrongly, this is one of the negative outcomes. One case is likely to be noticed fairly quickly, when processes don't work as expected. The other is far worse: while it could cause some negative consequence by accident, it is also an attack vector for individuals with malicious intent.

02. Attacks and unauthorized access.
If you configure the firewall in the network improperly, it is like begging for a cyberattack. Through improper configurations hackers are able to send Trojans, spyware and many similar things into EMC's network. Those hackers can get unauthorized access to all of EMC's data servers and to EMC's clients too, and they can steal every single piece of data on the network. They can also badly mess up the entire network, and they can access EMC's client details.

03. Poor network bandwidth.
This is the next worst impact of improper or incorrect network configuration. It happens because of improperly configured QoS policies.
So EMC's available bandwidth goes down, and clients have to deal with low bandwidth in EMC's cloud. That affects file sharing, uploading, downloading, reading and editing, or whatever else is running on EMC's cloud. It also affects the client base, because with poor bandwidth clients cannot work fast and have to waste their time to get anything done. With an impact like this there is some chance that some clients give up on the EMC cloud service.

These are a few more impacts of improper firewall configuration:
01. Lack of firewall rules.
02. Not updating rules consistently.
03. Issues with security logging.
04. Incorrect authentication requirements.

What is the VPN?
(Kesavan, 2017)
Figure 3 How VPN's work
VPN means "Virtual Private Network". The VPN is the most trusted and secured way to communicate with the network. Most people in the world use this technology in their day-to-day work. In a VPN all data transactions go through a private tunnel, and all data transferred via the VPN over the unsecured network is automatically encrypted. The main use is to connect branch offices and for remote communication. Mainly the following 3 protocols are used:
PPTP - Point-to-Point Tunneling Protocol.
L2TP - Layer 2 Tunneling Protocol.
SSTP - Secure Socket Tunneling Protocol.

What is the Impact of the Improper VPN configurations?
Increased network latency.
Trouble with IP addresses and location.
Wrong endpoint.
Data loss.
04. MITM attacks
MITM stands for "man-in-the-middle attack". From the name you can get some idea of what it is. It mostly happens because of incorrect or improper VPN configuration.
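Why a misconfigured tunnel lets a man in the middle change a message, using the "Hi friend" scenario this section describes. This is an added example, not part of the original report; the `TunnelEndpoint` class, the `verify` switch and the demo key are assumptions made for illustration, and the sketch models message integrity and replay protection only, not encryption.

```python
import hashlib
import hmac


class TunnelEndpoint:
    """One end of a toy tunnel. Assumption: both ends already share `key`."""

    def __init__(self, key: bytes, verify: bool = True):
        self.key = key
        self.verify = verify   # False models a tunnel set up without authentication
        self.send_seq = 0      # sequence number of the next packet we send
        self.recv_seq = 0      # sequence number of the next packet we accept

    def _tag(self, seq: int, payload: bytes) -> bytes:
        # The tag covers the sequence number as well as the payload.
        return hmac.new(self.key, seq.to_bytes(8, "big") + payload,
                        hashlib.sha256).digest()

    def seal(self, payload: bytes):
        packet = (self.send_seq, payload, self._tag(self.send_seq, payload))
        self.send_seq += 1
        return packet

    def open(self, packet) -> bytes:
        seq, payload, tag = packet
        if self.verify:
            if not hmac.compare_digest(tag, self._tag(seq, payload)):
                raise ValueError("integrity check failed")
            if seq != self.recv_seq:
                raise ValueError("replayed or out-of-order packet")
            self.recv_seq += 1
        return payload


def tamper(packet, new_payload: bytes):
    """The change made in transit: the payload is swapped, the tag is not."""
    seq, _payload, tag = packet
    return (seq, new_payload, tag)


def run_demo():
    key = b"constructed-demo-key-not-a-real-secret"
    original = b"Hi friend"
    forged = b"Hi friend I need your Gmail Password"
    results = {}

    # Correctly configured tunnel: the receiver verifies every packet.
    sender, receiver = TunnelEndpoint(key), TunnelEndpoint(key)
    packet = sender.seal(original)
    try:
        receiver.open(tamper(packet, forged))
        results["verified_tunnel_forged"] = "accepted"
    except ValueError as err:
        results["verified_tunnel_forged"] = f"rejected: {err}"
    results["verified_tunnel_original"] = receiver.open(packet)
    try:
        receiver.open(packet)   # the same packet delivered a second time
        results["verified_tunnel_replay"] = "accepted"
    except ValueError as err:
        results["verified_tunnel_replay"] = f"rejected: {err}"

    # Misconfigured tunnel: verification is switched off at the receiver.
    sender, lax_receiver = TunnelEndpoint(key), TunnelEndpoint(key, verify=False)
    results["unverified_tunnel_forged"] = lax_receiver.open(
        tamper(sender.seal(original), forged))
    return results


if __name__ == "__main__":
    for name, outcome in run_demo().items():
        print(f"{name}: {outcome}")
```
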
As an example of a MITM attack: you send a message to a friend over a VPN connection or some other way. Your message is "Hi friend", but the hacker is standing in the middle of the conversation and gets the message before it reaches the receiver. The hacker changes the message and sends "Hi friend I need your Gmail Password". After the receiver gets that message he sends the password to his friend, but the friend does not get it; the hacker gets the password and can access the victim's Gmail account. From this example you can see how a MITM attack works. The attacker (hacker) can see everything they need and get everything they need, such as personal information, transaction codes, money and account access. With that kind of impact EMC cannot secure its information any more, because hackers can see anything they need. It can also have a huge impact on customers, because the hackers can see every activity between the cloud network and the clients and can steal the personal, confidential information of EMC's clients.

2.2 What is the Trusted Network?
From the name you can get a basic idea of it. A trusted network is a network of many connected devices that is open only to authorized users and allows only secure data to be transmitted. A trusted network has the following key features:
01. Data encryption
02. Authentication (that means only authorized persons can use the network)
03. Strong firewall
04. VPN (Virtual Private Network)
For the EMC cloud service, a trusted network lets EMC build a huge customer base and secure its data from attacks. There are lots of technologies available for building a good trusted network, such as DMZ, static IP and NAT.
So EMC, as a CSP (Cloud Service Provider), can use those technologies to establish a good trusted network. Let's talk about these technologies and how they would help EMC and its clients by facilitating a "trusted network".

DMZ
DMZ means "demilitarized zone". The DMZ is isolated using a security gateway that filters traffic between the DMZ and the private network. The DMZ itself also has a security gateway in front of it to filter incoming traffic from the external network. A DMZ can be a logical or a physical network. A DMZ creates an effective trusted network. Simply put, the DMZ can communicate with outside computers. The DMZ is used to bypass the standard firewall. The systems most susceptible to attack are those that provide services to users outside the LAN (local area network), such as email and DNS servers; they are quarantined inside a DMZ, from where they have limited access to the private network. Hosts in the DMZ can communicate with both the internal and the external network, but communication with internal network hosts is tightly secured. (Lukan, 2020)

(Lukan, 2020)
Figure 4 The DMZ
From the above picture you can get a brief idea of the DMZ: the DMZ can bypass the firewall and it can also keep all of the data storage safe from attacks.

Static IP
A static IP address is an IP address that never changes. If you are "always" on an Internet connection, you are likely to receive a static IP address, though some "always on" connections use dynamic IP addresses to make installation easier. (wire, 2020) Usually connections like T1 have a fixed IP address. If you are not sure whether you have a static IP, you probably do not. In general, static IP addresses are an extra that your ISP sells and charges for monthly.

NAT
NAT means "Network Address Translation".
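How a NAT router keeps several private hosts apart behind one public address, which is what this section describes as the "unique token" each PC receives: the token is the public-side port number. This is an added example, not part of the original report; the class name and all addresses and ports are constructed for illustration, and mapping expiry is left out.

```python
import itertools


class PortAddressTranslator:
    """Toy NAT router that shares one public address between private hosts."""

    def __init__(self, public_ip: str, first_port: int = 40000):
        self.public_ip = public_ip
        self._next_port = itertools.count(first_port)
        self._out = {}    # (private ip, private port, remote ip, remote port) -> public port
        self._back = {}   # public port -> the same 4-tuple

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite a packet leaving the private network; returns the new 4-tuple."""
        flow = (src_ip, src_port, dst_ip, dst_port)
        if flow not in self._out:
            public_port = next(self._next_port)   # the per-connection "token"
            self._out[flow] = public_port
            self._back[public_port] = flow
        return (self.public_ip, self._out[flow], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite a packet arriving from outside, or return None to drop it."""
        flow = self._back.get(dst_port)
        if dst_ip != self.public_ip or flow is None:
            return None                           # nobody inside opened this port
        private_ip, private_port, remote_ip, remote_port = flow
        if (src_ip, src_port) != (remote_ip, remote_port):
            return None                           # not the peer this mapping was made for
        return (src_ip, src_port, private_ip, private_port)

    def table(self):
        """Current mappings as (public port, private ip, private port)."""
        return sorted((port, flow[0], flow[1]) for port, flow in self._back.items())


def run_demo():
    nat = PortAddressTranslator("203.0.113.5")    # constructed public address
    server = ("198.51.100.7", 443)                # constructed remote server
    # Two PCs pick the same source port; the router still tells them apart.
    pc1 = nat.outbound("192.168.1.10", 51000, *server)
    pc2 = nat.outbound("192.168.1.11", 51000, *server)
    reply_to_pc2 = nat.inbound(*server, pc2[0], pc2[1])
    # A different outside host aims at PC 1's public port: no matching flow.
    unsolicited = nat.inbound("198.51.100.99", 443, "203.0.113.5", pc1[1])
    # A packet to a public port that was never allocated.
    unknown_port = nat.inbound(*server, "203.0.113.5", 45000)
    return pc1, pc2, reply_to_pc2, unsolicited, unknown_port, nat.table()


if __name__ == "__main__":
    for item in run_demo():
        print(item)
```

Unsolicited inbound packets are dropped here only because no table entry exists for them, which is a side effect of translation rather than a filtering policy, so NAT does not stand in for the firewall.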
If you have used VirtualBox, VMware Workstation or any other virtualization software, you may already have some idea of it. In a NAT network, private IP addresses are replaced with public IP addresses. When you access the internet over the public network your IP address has to be unique, so normally people cannot access the internet using private IP addresses. In the router the private IP addresses are replaced with public IP addresses, and after that the person is able to go outside the network (to the internet). If you use virtualization software you can try this yourself: create two or three virtual PCs on your physical PC, then put all of those virtual PCs into a single NAT network using the virtualization software. After that, if you go to the internet from one of the virtual PCs, you use the internet access of the main PC. (Morina, 2020)

Figure 5 A NAT Network
From the above image you can understand the process of the NAT network: with a NAT network all of the PCs in the network can access the internet through one single public IP address. In the NAT network each PC also gets a unique access token. That means that if two or more PCs try to access the internet they have the same public IP address to use, but they are going in different directions, so the NAT device (router) gives a unique token to each PC; then it can make a different path for each PC with only one public IP address.

2.3 Discuss the benefits of implementing network monitoring systems.

The NMS (Network Monitoring System)
A network monitoring system, also called an "NMS", can be a logical or a physical thing (hardware or software).
NMSs are mostly used by large and medium IT companies. Through a network monitoring system a company can monitor a large number of computers in one piece of software. An NMS is used to monitor a minimum of 300-500 PCs. Via the NMS the IT administrator can monitor all of the activities in the network. It can also monitor hardware failures, hardware events, application failures, unnecessary traffic and virus attacks. With the NMS we can treat risks as soon as possible. There are lots of NMS software products available for monitoring networks. If we talk about them,

Advantages of NMS

Most popular and effective NMS software:
05. WhatsUp Gold.
06. Nagios XI.
07. Icinga.
08. Datadog.
09. Monza.
10. New Relic.

3.1 Formulate a suitable risk assessment procedure for EMC Cloud solutions to safeguard itself and its clients.

What is the Risk Assessment (Management) plan?
Risk is common to everything, but at the industrial level companies try to minimize their risks all the time, and that is the reason for using a risk assessment plan for their businesses. Most companies are able to bring all of their ongoing and further risks down to the 99.9% level. A risk management plan is a written document that represents an organization's risk management process. In this process a team of stakeholders from across the organization is created to review and analyze potential risks to the organization. That team of stakeholders should include senior managers, department managers, network administrators and the compliance officer. To create a risk management plan there are a few steps to complete. After completing the following steps you get an effective final output (a good risk assessment plan).

01. Set objectives.
In this first step team members have to review all of the business objectives, such as third-party business partnerships or product development. What matters about these business objectives is that the risk management process applies equally to current and future goals.

02. Risk identification.
In this second step the team's job lies in reviewing all of the digital assets, such as systems, networks, software, devices and data. By cataloging those assets, team members are able to identify the risks to them. A risk, or uncertain event, can be positive or negative, and it can have an impact that is financial, operational or reputational.

03. Risk assessment.
In this step the team has to look at the likelihood that the event will happen and then estimate the impact on the business if it does happen. Multiplying likelihood by the estimated impact gives insight into a risk's effect. The team can also get a brief idea of the impact type: for example, a risk with a low likelihood may have a destructive financial impact, while a risk with a high likelihood may have no impact. Part of the perceptible or imperceptible analysis is creating an assessment matrix. At the end of this step the risk management team can completely and clearly analyze the risks and assign ratings such as high, medium or low (reciprocitylabs, 2020).

04. Risk tolerance
After assigning risk ratings, the team works to determine whether it will accept, transfer, mitigate, or refuse a risk. The team may decide to accept a low risk, a potential event that is not likely to occur and would have little impact if it did occur. However, it may also decide to refuse a high risk, a potential event that is highly likely to occur and would have a large impact.

05. Risk mitigation
For accepted risks, the team must create a set of risk mitigation strategies.
For every risk that an organization accepts or transfers, it needs to define responses to issues that can occur. In information security, this means setting controls to protect data from cybercriminals. Thus, the risk mitigation strategies act as a contingency plan in case the event occurs, to help limit the defined impact.

06. Risk management plan
This is the final output of the whole process. "The Risk Management Plan" is a document that includes all of the risk assessment, analysis, tolerance and mitigation considerations. Through this risk management plan we can categorize the business impact, measured on a scale of 0 to 8. This risk management scale can also be mapped to a simple overall risk rating:
11. 0-2 (Low Risk)
12. 3-5 (Medium Risk)
13. 6-8 (High Risk)

If we look at the structure of that risk management table:

                   Likelihood of incident scenario
Business Impact    Very Low          Low          Medium       High       Very High
                   (Very Unlikely)   (Unlikely)   (Possible)   (Likely)   (Frequent)
Very Low           0                 1            2            3          4
Low                1                 2            3            4          5
Medium             2                 3            4            5          6
High               3                 4            5            6          7
Very High          4                 5            6            7          8

Threats, Risk, Assets, and risks

The Impact probability of the EMC cloud service in the IT security
In this part we can see the different impact level of each risk, so that we can give more attention to the most harmful risks and react to stop or minimize them immediately.
01. Unauthorized access.
02. Malware and virus attacks.
03. Power failure.
04. Supplier chain failure.
05. Network backup.
06. Data loss.
07. DoS attacks and DDoS attacks.
08. Natural disasters.
09. Isolation failure.

3.2 What is the ISO 31000 risk management methodology?
Figure 6 ISO 31000 Process

Definition:
ISO 31000 is a security analysis methodology, or risk management process, that is used by many different industries to analyze their risks effectively.
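The 0 to 8 scale, the three rating bands and the likelihood/impact table from section 3.1, as an added example that is not part of the original report: every cell of that table is the sum of the two level indices, which the code reproduces and then uses to rank a few of the risks listed above. The likelihood and impact levels in the sample register are constructed for illustration and are not EMC's assessed values.

```python
LEVELS = ["Very Low", "Low", "Medium", "High", "Very High"]


def _index(level: str) -> int:
    """Position of a level name on the 0 to 4 axis of the table."""
    try:
        return LEVELS.index(level)
    except ValueError:
        raise ValueError(f"unknown level {level!r}; expected one of {LEVELS}") from None


def risk_score(likelihood: str, impact: str) -> int:
    """Cell value of the table: likelihood index plus impact index (0 to 8)."""
    return _index(likelihood) + _index(impact)


def risk_rating(score: int) -> str:
    """Map a 0 to 8 score onto the report's three bands."""
    if not 0 <= score <= 8:
        raise ValueError(f"score {score} is outside the 0 to 8 scale")
    if score <= 2:
        return "Low Risk"
    if score <= 5:
        return "Medium Risk"
    return "High Risk"


def build_matrix():
    """Rows are business impact, columns are likelihood, as in the table."""
    return [[risk_score(likelihood, impact) for likelihood in LEVELS]
            for impact in LEVELS]


def assess(register):
    """Score each (name, likelihood, impact) entry and rank the worst first."""
    rows = []
    for name, likelihood, impact in register:
        score = risk_score(likelihood, impact)
        rows.append((name, score, risk_rating(score)))
    return sorted(rows, key=lambda row: (-row[1], row[0]))


# Constructed sample register: risk names from the report's list,
# likelihood and impact levels made up for this example.
SAMPLE_REGISTER = [
    ("Unauthorized access", "High", "Very High"),
    ("Power failure", "Medium", "High"),
    ("Natural disasters", "Very Low", "Very High"),
    ("Isolation failure", "Low", "Very Low"),
    ("DoS and DDoS attacks", "High", "High"),
]


if __name__ == "__main__":
    for row in build_matrix():
        print(row)
    for name, score, rating in assess(SAMPLE_REGISTER):
        print(f"{score}  {rating:<12} {name}")
```
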
Through this risk management methodology you can easily standardize the steps you take to analyze and manage risk, leaving you with a formal and standardized workflow. As I said above, this methodology can be used by any kind of organization, regardless of size, activity or sector. The methodology gives you a framework (figure 5) for managing risk, but it is customizable. By using the methodology you can achieve the following benefits (Watch, 2020):
Identify threats and opportunities.
Minimize losses.
Improve operational efficiency and effectiveness.
Encourage personnel to identify and treat risks.
Improve risk management.

What are the Data Protection Privacy Laws?
Definition,

3.3 IT Security & Organizational Policy

What is the IT security?
IT security is a set of cybersecurity strategies that prevents unauthorized access to organizational assets such as computers, networks and data. It maintains the integrity and confidentiality of sensitive information, blocking the access of sophisticated hackers and other threats. As for the difference between IT security and data security, the two sound similar but they are not; they refer to different types of security. Information security refers to the processes and tools designed to protect sensitive business information from invasion (Cisco, 2020). IT security means securing digital data, whether that data is on our computer or on a server network; in that case the aim is to secure the computer network.

The threats of IT security.
In the IT industry threats come in different forms, and the same is true for IT security. Among the common threats is malware, or malicious software, which can come in different types to infect network devices, such as:
Ransomware.
Spyware.
Viruses.
These threats make it even more important to have reliable and adaptable security practices.

Benefits of IT security
There are lots of benefits of IT security, and a company like EMC can get those benefits from it. If we talk about them:

01. Protection for your business.
Cybersecurity solutions create strong digital protection for your running business, and that protection ensures your employees aren't at risk from potential threats such as ransomware, spyware, malware and Trojans.

02. Increased productivity
With computer viruses, such as "worms", hackers are able to slow your company's computers down to a snail's pace, making work on your internal network practically impossible. Effective cyber security eliminates this possibility, maximizing your business's potential output.

03. Inspires customer satisfaction
With good, strong security you can prove to your customers that your network is capable of protecting data. That lets you increase your customer base, because customers will be satisfied with the company's data security.

04. Protection for your customers' data
With good IT security hackers are not able to steal information from your business. Companies like EMC always care about their data protection; if a company secures its data, that means it is protecting its customers' data.

The Organizational Policy
Definition
From the name you can get some understanding of it. Policies are general statements of how an organization behaves, and procedures define exactly how to do a task or perform it step by step. A policy can be related to the security of the organization, and it can identify risks and mitigate risks. Security policies can also be essential for tracking an organization's biggest weaknesses and for working out solutions to them.
Information security policies are responsible for mitigating risks by helping the organization to understand its data protection obligations in various scenarios. An organization can have as many policies as it likes, covering anything that is relevant to its business processes. A few of these organizational policies are:
01. Remote access.
02. Password creation.
03. Password management.
04. Portable media.
05. Acceptable use.

4.1 Develop a security policy for EMC Cloud to minimize exploitations and misuses while evaluating the suitability of the tools used in an organizational policy
01. Acceptable usage policy
02. Password policy
03. Access control policy
04. Network security policy

4.2 And create the PowerPoint presentation for the 15 minutes

4.3

References

Cisco. (2020, 12 6). Cisco. Retrieved from Cisco.com: https://www.cisco.com/c/en/us/products/security/what-is-it-security.html

esds. (2020, 12 5). esds. Retrieved from esds.com: https://www.esds.co.in/blog/cloud-computingtypes-cloud/#sthash.G7J91NLy.dpbs

Kesavan, A. (2017, 2 14). thousandeyes. Retrieved from blog.thousandeyes.com: https://blog.thousandeyes.com/how-virtual-private-networks-impact-performance/

Lukan, D. (2020, 12 4). infosecinstitute. Retrieved from infosecinstitute.com: https://resources.infosecinstitute.com/topic/virtual-dmzs-cloud/

Medazing, S. (2020, 11 28). scality. Retrieved from https://www.scality.com/: https://www.scality.com/solved/the-history-of-cloudcomputing/#:~:text=The%20term%20%E2%80%9Ccloud%20computing%E2%80%9D%20itself,in%20academic%20work%20before%20that.

Morina, B. (2020, 12 4). Pinterest. Retrieved from Pinterest.com: https://in.pinterest.com/pin/563794447106877392/

reciprocitylabs. (2020, 12 5). reciprocitylabs. Retrieved from https://reciprocitylabs.com/: https://reciprocitylabs.com/resources/what-is-a-risk-management-plan/

Watch, R. (2020, 12 6). RIsk Watch. Retrieved from RIsk Watch.com: https://riskwatch.com/2018/03/19/risk-managementprocess/#:~:text=ISO%2031000%20is%20a%20security,a%20formal%20and%20standardized%20workflow.

wire, L. (2020, 12 6). Life wire. Retrieved from Life wire.com: https://www.lifewire.com/usingstatic-ip

Table of figures
Figure 1 Cloud service types
Figure 2 Firewall
Figure 3 How VPN's work
Figure 4 The DMZ
Figure 5 A NAT Network
Figure 6 ISO 31000 Process