Running head: NETWORK INFRASTRUCTURE AND SECURITY

Network security protocol and infrastructure

The WPA2 access protocol will be used because it is more secure than the previous WEP and WPA protocols. The WPA protocol is an updated security protocol that protects the Wi-Fi network against the security issues experienced with Wired Equivalent Privacy (WEP). The updated WPA2 protocol is made up of 802.1X authentication and the Temporal Key Integrity Protocol (TKIP) components, which are the primary security components. WPA2 dynamically configures clients to use the 802.1X protocol when they are within range of the Wi-Fi network. The Wi-Fi access points then challenge the client computer to provide its identification credentials. The identification credentials are then passed to the Remote Authentication Dial-In User Service (RADIUS), which conducts an authentication process (Adkins et al., 2019). The server tasked with the authentication process then prompts the client computer to send the correct authentication credentials. The authentication server decides whether or not to validate the client depending on the verification credentials the client computer sends. Depending on the correctness of the information, the authentication server can either allow or deny the client permission to access the network. If the client is validated and permitted access to the network, the access points can then allow information or traffic to flow to and from the client. The 802.1X protocol is therefore suitable for the organization's networks because it provides the network with a secure authentication and verification procedure and a more secure connection. The network's EAP protocol, which is used in the WPA 802.1X protocol, is essential for data encryption.

Physical and logical planned network topographical layout

The network's logical topographic layout pertains to the logical features of the network.
The logical features consist of the network devices as they appear to the user. The logical network consists of the IP addressing scheme, the host computers, and other network devices such as the routing tables, as they appear to the user. The logical network is made up of multiple networks but appears as a single network entity to the user. The network's physical topographical layout consists of the actual physical locations of the network and the other interconnected devices that are used in it. The physical and logical network design helps the network designer to identify areas that have potential vulnerabilities.

[Figure: logical network layout]

Illustrate the possible placement of servers, including access paths to the Internet, intrusion detection systems (IDS), and firewalls.

Note: Facility limitations, workstations, databases, printers, routers, switches, bridges, and access points should be considered in the illustration.

The above design illustrates how the Internet is interconnected with the router, and how it relates to the firewall, the client computers, servers, hubs, and the access points. The security of the network depends on the network topology, the configuration protocols, and the placement of the host computers within the network. In addition, every component must be carefully configured, and the hardware and technologies chosen must be able to handle possible vulnerabilities. As illustrated in the diagrams above, switches and hubs are used to connect all the workstations. The broadband filter is essential because it allows the network users to use the telephone via the network and access the Internet at the same time. The network switch connects two or more hosts so that traffic can flow and data can be shared from one or more processors within the same network.
The network printer gives the network users the capability to print materials from more than one location in the network to a central point. The printer will be connected through the Ethernet cable and also through the Wi-Fi access point. The file servers in the network are connected to the central hubs. Traffic flows through the file servers as client computers communicate through the central point to share data packets and files. The hubs used in the network provide a central point where the network can be managed and where the admin can troubleshoot the network, as well as the essential functionality of passing information from one computer to another. The router in the network will be configured to act as a residential gateway. This is because the network will use the Dynamic Host Configuration Protocol (DHCP) to allow automatic Internet Protocol address configuration.

Create and describe a comprehensive security policy for this data-collection company

Availability policy. The availability security principle ensures that the users can access the network whenever they wish, without denial of service. The network must at all times have a configured firewall to prevent people with malicious intent from intruding and to protect the system from denial of service. During network updates, the company's information technology department and the human resource department will identify the critical information resources that are needed to ensure that the organization's critical operations continue as usual. The information technology department shall also identify sensitive information systems that need to be protected to ensure their availability.

Confidentiality policy. Confidentiality refers to the ability of the system to ensure data privacy and information security for the users and to prevent data from being accessed without the right authorization.
The confidentiality policy defines three steps that would respectively ensure that the system is protected, that the security problem or intrusion is detected, that the problem is contained and measures to contain it are defined, and that the security problem is completely eradicated and the system recovers from the confidentiality breach. Necessary steps shall be taken to remove the user from the network if he or she violates the policy.

Integrity policy. The integrity of computer security ensures that data is unchanged and is presented in the correct manner. Integrity seeks to ensure that data is not manipulated by deleting, changing, or adding incorrect information. The information technology team or department must ensure at all times that there is real-time monitoring and that unauthorized operations are detected, halted, and reported. The information system department shall ensure that there is a log file for all the activities within the network and that any change log is kept for future reference. They shall ensure that there is anti-malware or antivirus software that will prevent possible intrusion or illegal manipulation of data.

Ethical aspects related to employee behavior, contractors, password usage, and access to networked resources and information.

All the employees who use the system must be informed of the importance of keeping the system secure and of the need to protect any sensitive information before the organization decides to grant them access to the system. Employees must not attempt to prove a suspected network weakness, as the organization would interpret this as hacking or system misuse. The employees must also endeavor to report any incidents to the organization's information technology department immediately.
The employees must be held accountable for understanding, ascertaining, and ensuring compliance with the regulations and policies pertaining to passwords and how they access the organization's network and information resources (Biskup & Bonatti, 2018). The employees and contractors should never share their passwords with any unauthorized persons. Access to the organization's network and information systems without the proper authorization will lead to disciplinary measures against the employees.

References

Adkins, D., Lakshminarayanan, K., Perrig, A., & Stoica, I. (2019). Towards a more functional and secure network infrastructure.

Biskup, J., & Bonatti, P. (2018). Controlled query evaluation for enforcing confidentiality in complete information systems. International Journal of Information Security, 3(1), 1427.