
Firewall Selection and Placement


Firewalls for the Corporation Techs Network

A firewall is a security filter used by organizations and individuals to block unauthorized users from penetrating the internal network. There exist multiple types of firewalls classified into hardware and software firewalls. Hardware firewalls include routers that can be manipulated for different settings to increase or reduce security. Such firewalls are best placed where the external network is connected to the internal network. Server firewalls are installed on the server in order to prevent access to the server. These firewalls can either be physical or software, but a combination of both is recommended since servers are vital in the operations of any organization (Radosavovic et al., 2020). Software firewalls, on the other hand, are installed on computer devices. Packet filters are the simplest kind of software firewalls that work by comparing data from the source and the data in the destination. If the data has been manipulated, the connection is terminated. Another type of software firewall is the stateless firewall, which compares IP addresses that have been previously connected to the network and disallows new addresses unless authorized. One of the methods a firewall can use to ensure network security and that information is not leaked is by preventing all outbound packet traffic (Clincy & Shahriar, 2018).

Network, Server, and Workstation Firewalls

Network firewalls can use Network Address Translation to prevent attacks. This occurs when a firewall limits the number of IP addresses or a single IP address shared among multiple computers. Network Address Translation works by assigning one device or firewall to work as the midpoint between the internet and the internal network. In contrast, the IP address for this device acts as the representative for the entire network, thus disguising other devices on the network. Apart from organizations, hosts are also recommended to install firewalls for their security. Individual users can use routers as firewalls by changing default settings and passwords and adding a layer of security. Individual network users can also install firewalls and antivirus software, which usually have built-in firewalls for additional security (Neupane, Haddad & Chen, 2018).

A Plan for Creating a DMZ and How It Makes the Network More Secure

A demilitarized zone, popularly known as DMZ, is a network security feature that allows public connection to organization data without exposing the network to cyber-attacks. A demilitarized zone in a secure network is when the network has been opened to external access for users on the internet to visit the organization’s services. A demilitarized zone allows the organization to broadcast its services over the internet, for example, on its website or public portal. A DMZ increases security by restricting access to private information and preventing users on the public section of an organization’s network from accessing restricted data on the private network. An organization can configure a separate server to act as the public web server instead of using the same server for both internal and external networks. This precaution will also reduce the risk of a cyber-attack (Neupane, Haddad & Chen, 2018).
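The DMZ plan above can be written down as a zone policy and checked mechanically. The following is an added example, not part of the original paper: the address ranges, ports and rule list are constructed assumptions, and the model covers only who may open a connection through the border firewall.

```python
import ipaddress

# Constructed addressing plan (assumption, not taken from the paper).
ZONES = {
    "internal": ipaddress.ip_network("10.0.0.0/16"),
    "dmz": ipaddress.ip_network("192.168.50.0/24"),
}

# (source zone, destination zone, destination port or None for any, action).
# Rules describe who may OPEN a connection; replies are assumed to be
# permitted by the firewall's connection tracking.
RULES = [
    ("internet", "dmz", 443, "allow"),        # public HTTPS to the web server
    ("internal", "dmz", 443, "allow"),        # staff use the same public site
    ("internal", "dmz", 22, "allow"),         # administration of DMZ hosts
    ("internal", "internet", None, "allow"),  # outbound browsing
]


def zone_of(addr):
    """Map an address to its zone; anything unlisted is the internet."""
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "internet"


def decide(src, dst, port, rules=RULES):
    """First matching rule wins; traffic with no matching rule is denied."""
    s, d = zone_of(src), zone_of(dst)
    for rule_src, rule_dst, rule_port, action in rules:
        if (rule_src, rule_dst) == (s, d) and rule_port in (None, port):
            return action
    return "deny"


def audit(rules):
    """Return every rule that lets the internet or the DMZ open a
    connection into the internal network, which the DMZ design forbids."""
    return [r for r in rules
            if r[3] == "allow" and r[1] == "internal"
            and r[0] in ("internet", "dmz")]
```

Running `audit` on a proposed rule change before it is deployed catches the common mistake of giving the public web server a direct path to an internal database.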

Another way an organization can reduce the chances of a cyber security threat while also increasing security is by enforcing network authentication. Network authentication is the process of requiring verification before gaining access to a secure network. There are several types of network authentication, such as password-based authentication, two-factor authentication, multifactor authentication, and CAPTCHA (Completely Automated Public Turing Test). Password authentication is when a user is required to enter a username and password before they can be granted access to a network. Two-factor authentication is when the user is required to provide a password and an additional piece of information, such as a code, sent through email or phone number. Multifactor authentication is when a user is required to provide more than two pieces of private information to get verification and gain access to a private network. CAPTCHA (Completely Automated Public Turing Test) is an authentication that is meant to prevent automated attacks by providing a picture or audio file where the user can read the information and enter it into a text box to confirm they are not a robot. These kinds of network authentications can improve security drastically and prevent multiple attacks.

Network Authentication and Creating a High-Level Plan for Secure Authentication to Internal Network Resources

When an organization plans to secure its network systems from an attack, the first step is to analyze its risks and requests. There are two authentication systems that can be used: filter authentication and individual endpoint authentication (Ezra et al., 2022). Filter authentication acts as one point of authentication for the entire network, while endpoint authentication is where each service on the network has its own authentication. When a user wants to access another service on the same network, they have to provide authentication details once more. One of the advantages of endpoint authentication is that an attacker cannot hijack a user’s session and use it to access another service on the network.
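The session-isolation property of endpoint authentication can be shown with service-bound session tokens. This is an added example, not part of the original paper: the service names, keys and token layout are constructed assumptions, and HMAC-signed tokens are one possible way to realize the idea.

```python
import hashlib
import hmac
import time

# Constructed per-service secrets (assumption); each endpoint knows only
# its own key, so it cannot mint or validate tokens for another service.
SERVICE_KEYS = {"payroll": b"payroll-demo-key", "wiki": b"wiki-demo-key"}


def _tag(service, payload):
    return hmac.new(SERVICE_KEYS[service], payload.encode(),
                    hashlib.sha256).hexdigest()


def issue_token(service, user, now=None, ttl=900):
    """Called by a service after it has authenticated `user` itself."""
    if "|" in user:
        raise ValueError("user name must not contain the field separator")
    expires = int(time.time() if now is None else now) + ttl
    payload = f"{service}|{user}|{expires}"
    return f"{payload}|{_tag(service, payload)}"


def verify_token(service, token, now=None):
    """Return the user name if the token is valid for `service`, else None."""
    parts = token.split("|")
    if len(parts) != 4:
        return None
    audience, user, expires, tag = parts
    expected = _tag(service, f"{audience}|{user}|{expires}")
    # Constant-time comparison of the signature.
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        return None
    # A token issued for another service is rejected even if replayed here.
    if audience != service or not expires.isdigit():
        return None
    if int(expires) < int(time.time() if now is None else now):
        return None
    return user
```

A session token captured from the `payroll` service fails verification at `wiki`, so the user has to authenticate to `wiki` separately, which is the behavior the paragraph describes.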

References

Clincy, V., & Shahriar, H. (2018). Web application firewall: Network security models and configuration. In 2018 IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC) (Vol. 1, pp. 835-836). IEEE.

Ezra, P. J., Misra, S., Agrawal, A., Oluranti, J., Maskeliunas, R., & Damasevicius, R. (2022). Secured communication using a virtual private network (VPN). Cyber Security and Digital Forensics, 309-319.

Neupane, K., Haddad, R., & Chen, L. (2018). Next generation firewall for network security: A survey. In SoutheastCon 2018 (pp. 1-6). IEEE.

Radosavovic, I., Kosaraju, R. P., Girshick, R., He, K., & Dollár, P. (2020). Designing network design spaces. In Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (pp. 10428-10436).


Question 


Firewall Selection and Placement

Scenario
The senior network architect at Corporation Techs has informed you that the existing border firewall is old and needs to be replaced. He recommends designing a demilitarized zone (DMZ) to increase network perimeter security. He also wants to increase the security of network authentication, replacing the current username and password approach.
Tasks

For this part of the project, perform the following tasks:
1. Research and select firewalls for the Corporation Techs network.
a. Describe each firewall, why you selected it, and where it should be placed for maximum effectiveness.
b. Address network, server, and workstation firewalls.
2. Describe a plan for creating a DMZ and explain how it makes the network more secure.
3. Research network authentication and create a high-level plan for secure authentication to internal network resources.
4. Create a draft report detailing all information as supportive documentation.
5. Cite sources, where appropriate.

Required Resources
• Internet access
• Course textbook (REFERENCE: Stewart, J. M., & Kinsey, D. (2021). 5. In Network security, firewalls, and VPNS. essay, Jones & Bartlett Learning.)
