Designing Secure Network Question Description Term Paper Project: Designing a Secure Netwo …

Designing Secure NetworkQuestion Description Term Paper Project: Designing a Secure Network You are tasked with designing the most secure network possible, keeping in mind your goal of supporting three (3) IT services: email, file transfer (centralized), and VPN. Your first step is to design a single network capable of supporting three (3) different services. Once you have fully designed your network, you will need to provide three (3) workflow diagrams explaining how your designed network handles the three (3) different transactions. The first is an internal user sending an email using his / her corporate email address to a user on the Yahoo domain with an arbitrary address of user534@yahoo.com. The second workflow diagram should show a user initiating an FTP session from inside your network to the arbitrary site of ftp.netneering.com. The third workflow is an externally located employee initiating a VPN session to corporate in order to access files on the Windows desktop computer, DT-Corp534-HellenS, at work. Write a paper in which you complete the following three (3) parts. Note: Please use the following breakdown to complete your assignment: Overall network diagram Datapath diagrams (one for each of the steps in the scenarios below) Write-up Part 1 1a. Using Microsoft Visio or its open source alternative, create a diagram showing the overall network you’ve designed, from the user or endpoint device to the Internet cloud, and everything in between, in which you: Follow the access, core, distribution layer model. Include at a minimum: The authentication server (i.e. Microsoft Active Directory) Routers Switches (and/or hubs) Local users Remote users Workstations Files share (i.e. CIFS) Mail server Web servers (both internal and external) Firewalls Internet cloud Web proxy Email proxy FTP server (for internal-to-external transport) 1b. Explain each network device’s function and your specific configuration of each networking device. 1c. Design and label the bandwidth availability or capacity for each wired connection. Part 2 2a. Using Microsoft Visio or its open source alternative, create a Datapath Diagram for the following scenario: Local user sends email to a Yahoo recipient. Local (corporate) user having email address jonny.hill@Corp534.com sends an email to user534@yahoo.com. Document and label the diagram showing protocols and path of the data flow as data traverses through your network from source to destination. Include path lines with arrows showing directions and layer 1, 2, 3, 4, 5, 6, and 7 (OSI) protocols that are used for each flow. Show user authentication when necessary. 2b. Using Microsoft Visio or its open source alternative, create a Datapath Diagram for the following scenario: Local user, Jonny Hill, transfers file using ftp through the Internet to another company’s site (ftp.netneering.com). He has to access the secure shell using his active directory credentials to authenticate to the ftp server (Linux running Redhat) on the DMZ. He needs to transfer files from his desktop across the Internet to ftp.netneering.com. Document and label the diagram showing protocols and path of the data flow as data traverses through your network from source to destination. Include path lines with arrows showing directions and layer 1, 2, 3, 4, 5, 6, and 7 (OSI) protocols that are used for each flow. Show user authentication when necessary. 2c. Using Microsoft Visio or its open source alternative, create a Datapath Diagram for the following scenario: Remote user, Hellen Stover, connects via VPN from home through the Internet to her corporate desktop, DT-Corp534-HellenS. Hellen uses a browser to initiate her VPN connection. By browsing to https://VPNaccess.corp534.com, she arrives at a login page where she needs to authenticate using her Active Directory credentials before the VPN tunnel is built. Document and label the diagram showing protocols and path of the data flow as data traverses through your network from source to destination. Include path lines with arrows showing directions and layer 1, 2, 3, 4, 5, 6, and 7 (OSI) protocols that are used for each flow. Show user authentication when necessary. 2d. Explain how your overall design protects the organization from both inside and outside attacks. Give examples. 2e. Explain how your layered design compensates for possible device failures or breaches in network security. 2f. Determine whether any possible bottlenecks exist in your design. 2g. Explain how to make the file transfer process more secure. Part 3 1. Use at least five (5) quality resources in this assignment. (Note: Wikipedia and similar websites do not qualify as quality resources.) 2. Include charts or diagrams created in Visio or an equivalent such as Dia. The completed diagrams/charts must be imported into the Word document before the paper is submitted. 3. Your assignment must follow these formatting requirements: Use proper APA format. Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page (if applicable) are not included in the required assignment page length. The specific course learning outcomes associated with this assignment are: Explain the essentials of Transmission Control Protocol / Internet Protocol (TCP / IP) behavior and applications used in IP networking. Identify network security tools and discuss techniques for network protection Describe the foundational concepts of VPNs. Design a secure network to address a business problem. Use technology and information resources to research issues in network security design. Write clearly and concisely about Advanced Network Security Design topics using proper writing mechanics and technical style conventions. Note: Assignment will be check for plagiarism. Grading for this assignment will be based on answer quality, logic/organization of the paper, and language and writing skills, using the following rubric. Points: 210 Term Paper Project: Designing a Secure Network Criteria Unacceptable
0% Needs Improvement
1- 69% F Fair
70-79% C Proficient
80-89% B Exemplary
90-100% A Part 1 1ai. Using Visio or its open source alternative, create a diagram showing the overall network you’ve designed, from the user or endpoint device to the Internet cloud and everything in between, in which you follow the access, core, distribution layer model. Weight: 6% Did not submit or complete the assignment. Attempted to create a diagram showing the overall network you’ve designed, from the user or endpoint device to the Internet cloud and everything in between, in which you followed the access, core, distribution layer model. Partially created a diagram showing the overall network you’ve designed, from the user or endpoint device to the Internet cloud and everything in between, in which you followed the access, core, distribution layer model. Satisfactorily created a diagram showing the overall network you’ve designed, from the user or endpoint device to the Internet cloud and everything in between, in which you followed the access, core, distribution layer model. Thoroughly created a diagram showing the overall network you’ve designed, from the user or endpoint device to the Internet cloud and everything in between, in which you followed the access, core, distribution layer model. 1aii. Using Visio or its open source alternative, create a diagram showing the overall network you’ve designed, from the user or endpoint device to the Internet cloud and everything in between, in which you include at a minimum authentication server, routers, switches, local users, remote users, workstations, file share, mail server, Web servers, firewalls, Internet cloud, Web proxy, email proxy, and FTP server.
Weight: 6% Did not submit or complete the assignment. Attempted to create a diagram showing the overall network you’ve designed, from the user or endpoint device to the Internet cloud and everything in between, in which you included at a minimum authentication server, routers, switches, local users, remote users, workstations, file share, mail server, Web servers, firewalls, Internet cloud, Web proxy, email proxy, and FTP server. Partially created a diagram showing the overall network you’ve designed, from the user or endpoint device to the Internet cloud and everything in between, in which you included at a minimum authentication server, routers, switches, local users, remote users, workstations, file share, mail server, Web servers, firewalls, Internet cloud, Web proxy, email proxy, and FTP server. Satisfactorily created a diagram showing the overall network you’ve designed, from the user or endpoint device to the Internet cloud and everything in between, in which you included at a minimum authentication server, routers, switches, local users, remote users, workstations, file share, mail server, Web servers, firewalls, Internet cloud, Web proxy, email proxy, and FTP server. Thoroughly created a diagram showing the overall network you’ve designed, from the user or endpoint device to the Internet cloud and everything in between, in which you included at a minimum authentication server, routers, switches, local users, remote users, workstations, file share, mail server, Web servers, firewalls, Internet cloud, Web proxy, email proxy, and FTP server. 1b. Explain each network device’s function and your specific configuration of each networking device. Weight: 6% Did not submit or complete the assignment. Attempted to explain each network device’s function and your specific configuration of each networking device. Partially explained each network device’s function and your specific configuration of each networking device. Satisfactorily explained each network device’s function and your specific configuration of each networking device. Thoroughly explained each network device’s function and your specific configuration of each networking device. 1c. Design and label the bandwidth availability or capacity for each wired connection. Weight: 6% Did not submit or complete the assignment. Attempted to designed and label the bandwidth availability or capacity for each wired connection. Partially designed and labeled the bandwidth availability or capacity for each wired connection. Satisfactorily designed and labeled the bandwidth availability or capacity for each wired connection. Thoroughly designed and labeled the bandwidth availability or capacity for each wired connection. Part 2 2ai. Document and label the diagram showing protocols and path of the data flow as data traverses through your network from source to destination for the emailing scenario. Weight: 6% Did not submit or complete the assignment. Attempted to document and label the diagram showing protocols and path of the data flow as data traverses through your network from source to destination for the emailing scenario. Partially documented and labeled the diagram showing protocols and path of the data flow as data traverses through your network from source to destination for the emailing scenario. Satisfactorily documented and labeled the diagram showing protocols and path of the data flow as data traverses through your network from source to destination for the emailing scenario. Thoroughly documented and labeled the diagram showing protocols and path of the data flow as data traverses through your network from source to destination for the emailing scenario. 2aii. Include path lines with arrows showing directions and layer 1, 2, 3, 4, 5, 6, and 7 (OSI) protocols that are used for each flow for the emailing scenario. Weight: 6% Did not submit or complete the assignment. Attempted to include path lines with arrows showing directions and layer 1, 2, 3, 4, 5, 6, and 7 (OSI) protocols that are used for each flow for the emailing scenario. Partially included path lines with arrows showing directions and layer 1, 2, 3, 4, 5, 6, and 7 (OSI) protocols that are used for each flow for the emailing scenario. Satisfactorily included path lines with arrows showing directions and layer 1, 2, 3, 4, 5, 6, and 7 (OSI) protocols that are used for each flow for the emailing scenario. Thoroughly included path lines with arrows showing directions and layer 1, 2, 3, 4, 5, 6, and 7 (OSI) protocols that are used for each flow for the emailing scenario. 2aiii. Show user authentication when necessary for the emailing scenario. Weight: 5% Did not submit or complete the assignment. Attempted to show user authentication when necessary for the emailing scenario. Partially showed user authentication when necessary for the emailing scenario. Satisfactorily showed user authentication when necessary for the emailing scenario. Thoroughly showed user authentication when necessary for the emailing scenario. 2bi. Document and label the diagram showing protocols and path of the data flow as data traverses through your network from source to destination for the file transfer scenario. Weight: 5% Did not submit or complete the assignment. Attempted to document and label the diagram showing protocols and path of the data flow as data traverses through your network from source to destination for the file transfer scenario. Partially documented and labeled the diagram showing protocols and path of the data flow as data traverses through your network from source to destination for the file transfer scenario. Satisfactorily documented and labeled the diagram showing protocols and path of the data flow as data traverses through your network from source to destination for the file transfer scenario. Thoroughly documented and labeled the diagram showing protocols and path of the data flow as data traverses through your network from source to destination for the file transfer scenario. 2bii. Include path lines with arrows showing directions and layer 1, 2, 3, 4, 5, 6, and 7 (OSI) protocols that are used for each flow for the file transfer scenario. Weight: 5% Did not submit or complete the assignment. Attempted to include path lines with arrows showing directions and layer 1, 2, 3, 4, 5, 6, and 7 (OSI) protocols that are used for each flow for the file transfer scenario. Partially included path lines with arrows showing directions and layer 1, 2, 3, 4, 5, 6, and 7 (OSI) protocols that are used for each flow for the file transfer scenario. Satisfactorily included path lines with arrows showing directions and layer 1, 2, 3, 4, 5, 6, and 7 (OSI) protocols that are used for each flow for the file transfer scenario. Thoroughly included path lines with arrows showing directions and layer 1, 2, 3, 4, 5, 6, and 7 (OSI) protocols that are used for each flow for the file transfer scenario. 2biii. Show user authentication when necessary for the file transfer scenario. Weight: 5% Did not submit or complete the assignment. Attempted to show user authentication when necessary for the file transfer scenario. Partially showed user authentication when necessary for the file transfer scenario. Satisfactorily showed user authentication when necessary for the file transfer scenario. Thoroughly showed user authentication when necessary for the file transfer scenario. 2ci. Document and label the diagram showing protocols and path of the data flow as data traverses through your network from source to destination for the VPN connection scenario. Weight: 5% Did not submit or complete the assignment. Attempted to document and label the diagram showing protocols and path of the data flow as data traverses through your network from source to destination for the VPN connection scenario. Partially documented and labeled the diagram showing protocols and path of the data flow as data traverses through your network from source to destination for the VPN connection scenario. Satisfactorily documented and labeled the diagram showing protocols and path of the data flow as data traverses through your network from source to destination for the VPN connection scenario. Thoroughly documented and labeled the diagram showing protocols and path of the data flow as data traverses through your network from source to destination for the VPN connection scenario. 2cii. Include path lines with arrows showing directions and layer 1, 2, 3, 4, 5, 6, and 7 (OSI) protocols that are used for each flow for the VPN connection scenario. Weight: 5% Did not submit or complete the assignment. Attempted to include path lines with arrows showing directions and layer 1, 2, 3, 4, 5, 6, and 7 (OSI) protocols that are used for each flow for the VPN connection scenario. Partially included path lines with arrows showing directions and layer 1, 2, 3, 4, 5, 6, and 7 (OSI) protocols that are used for each flow for the VPN connection scenario. Satisfactorily included path lines with arrows showing directions and layer 1, 2, 3, 4, 5, 6, and 7 (OSI) protocols that are used for each flow for the VPN connection scenario. Thoroughly included path lines with arrows showing directions and layer 1, 2, 3, 4, 5, 6, and 7 (OSI) protocols that are used for each flow for the VPN connection scenario. 2ciii. Show user authentication when necessary for the VPN connection scenario. Weight: 5% Did not submit or complete the assignment. Attempted to show user authentication when necessary for the VPN connection scenario. Partially showed user authentication when necessary for the VPN connection scenario. Satisfactorily showed user authentication when necessary for the VPN connection scenario. Thoroughly showed user authentication when necessary for the VPN connection scenario. 2d. Explain how your overall design protects the organization from both inside and outside attacks. Give examples. Weight: 5% Did not submit or complete the assignment. Attempted to explain how your overall design protects the organization from both inside and outside attacks. Did not submit or incompletely gave examples. Partially how your overall design protects the organization from both inside and outside attacks. Partially gave examples. Satisfactorily how your overall design protects the organization from both inside and outside attacks. Satisfactorily gave examples. Thoroughly how your overall design protects the organization from both inside and outside attacks. Thoroughly gave examples. 2e. Explain how your layered design compensates for possible device failures or breaches in network security. Weight: 5% Did not submit or complete the assignment. Attempted to explain how your layered design compensates for possible device failures or breaches in network security. Partially explained how your layered design compensates for possible device failures or breaches in network security. Satisfactorily explained how your layered design compensates for possible device failures or breaches in network security. Thoroughly explained how your layered design compensates for possible device failures or breaches in network security. 2f. Determine whether any possible bottlenecks exist in your design. Weight: 5% Did not submit or complete the assignment. Attempted to determine whether any possible bottlenecks exist in your design. Partially determined whether any possible bottlenecks exist in your design. Satisfactorily determined whether any possible bottlenecks exist in your design. Thoroughly determined whether any possible bottlenecks exist in your design. 2g. Explain how to make the file transfer process more secure. Weight: 5% Did not submit or complete the assignment. Attempted to explain how to make the file transfer process more secure. Partially explained how to make the file transfer process more secure. Satisfactorily explained how to make the file transfer process more secure. Thoroughly explained how to make the file transfer process more secure. Part 3 3a. Cite 4 references. Weight: 5% Did not submit or complete the assignment. No references provided. Does not meet the required number of references; some or all references are poor-quality choices. Meets the number of required references; all references are high-quality choices. Exceeds the number of required references; all references are high-quality choices. 3b. Clarity, writing mechanics, and proper APA formatting requirements. Weight: 5% Did not submit or complete the assignment. More than 6 errors present. 5-6 errors present. 3-4 errors present. 0-2 errors present.