Using the network diagram below, your task is to incorporate the devices on the lower right into the diagram to create a secure corporate network. The devices you need to incorporate into the network diagram include: Web server, ftp server, vulnerability scanner, anti-virus server (client-based / server-based), Web proxy, intrusion detection system (IDS), and authentication server.
Note: All client-based / server-based devices work where a client is installed on a workstation, which has bidirectional communication with a corresponding server.
Write a four to five (4-5) page paper in which you:
- Determine which devices you will use for both the current network diagram infrastructure consisting of firewalls, routers, and workstations as well as the device you need to incorporate. Include the following for each:
- Make or vendor’s name (e.g., Microsoft, Redhat, Cisco, Juniper, Netgear, 3Com, etc.)
- Model (e.g., Windows 7, ASA 5500, Cisco 3500, Squid, etc.)
- IP address assigned to all devices
- Establish the configuration for each device in which you:
- Research each of the devices you chose and provide a basic configuration you would use in your network.
- Use IP addresses to describe your configuration.
- Explain the impact that each of your configurations has on the security of the entire network.
- Highlight at least five (5) security features for each device, including devices in network diagram.
- Using Microsoft Visio or its open source alternative to create a final network diagram that incorporates all devices into the existing network and ensures the following:
- VPN sessions (from laptop) are only allowed to access the desktops in the IT department by IT department employees.
- All VPN connections from the Internet cloud into the corporate network terminate at the VPN server.
- Users from Engineering and Finance and Accounting CANNOT communicate.
- Vulnerability scans occur daily in which all desktops are scanned at least once per day.
- Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
- Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
- Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
- Include charts or diagrams created in Visio or an equivalent such as Dia. The completed diagrams / charts must be imported into the Word document before the paper is submitted.
The specific course learning outcomes associated with this assignment are:
- Design a secure network to address a business problem.
- Use technology and information resources to research issues in network security design.
- Write clearly and concisely about Advanced Network Security Design topics using proper writing mechanics and technical style conventions.
Points: 70 |
Assignment 2: Mister Network Engineer |
|||
Criteria |
Unacceptable Below 70% F |
Fair 70-79% C |
Proficient 80-89% B |
Exemplary 90-100% A |
1a. Determine which devices you will use for both the current network diagram infrastructure consisting of firewalls, routers, and workstations as well as the device you need to incorporate, including make or vendor’s name.
Weight: 10% |
Did not submit or incompletely determined which devices you will use for both the current network diagram infrastructure consisting of firewalls, routers, and workstations as well as the device you need to incorporate, including make or vendor’s name. | Partially determined which devices you will use for both the current network diagram infrastructure consisting of firewalls, routers, and workstations as well as the device you need to incorporate, including make or vendor’s name. | Satisfactorily determined which devices you will use for both the current network diagram infrastructure consisting of firewalls, routers, and workstations as well as the device you need to incorporate, including make or vendor’s name. | Thoroughly determined which devices you will use for both the current network diagram infrastructure consisting of firewalls, routers, and workstations as well as the device you need to incorporate, including make or vendor’s name. |
1b. Determine which devices you will use for both the current network diagram infrastructure consisting of firewalls, routers, and workstations as well as the device you need to incorporate, including model.
Weight: 10% |
Did not submit or incompletely determined which devices you will use for both the current network diagram infrastructure consisting of firewalls, routers, and workstations as well as the device you need to incorporate, including model. | Partially determined which devices you will use for both the current network diagram infrastructure consisting of firewalls, routers, and workstations as well as the device you need to incorporate, including model. | Satisfactorily determined which devices you will use for both the current network diagram infrastructure consisting of firewalls, routers, and workstations as well as the device you need to incorporate, including model. | Thoroughly determined which devices you will use for both the current network diagram infrastructure consisting of firewalls, routers, and workstations as well as the device you need to incorporate, including model. |
1c. Determine which devices you will use for both the current network diagram infrastructure consisting of firewalls, routers, and workstations as well as the device you need to incorporate, including IP address assigned to all devices.
Weight: 5% |
Did not submit or incompletely determined which devices you will use for both the current network diagram infrastructure consisting of firewalls, routers, and workstations as well as the device you need to incorporate, including IP address assigned to all devices. | Partially determined which devices you will use for both the current network diagram infrastructure consisting of firewalls, routers, and workstations as well as the device you need to incorporate, including IP address assigned to all devices. | Satisfactorily determined which devices you will use for both the current network diagram infrastructure consisting of firewalls, routers, and workstations as well as the device you need to incorporate, including IP address assigned to all devices. | Thoroughly determined which devices you will use for both the current network diagram infrastructure consisting of firewalls, routers, and workstations as well as the device you need to incorporate, including IP address assigned to all devices. |
2a. Establish the configuration for each device in which you research each of the devices you chose and provide a basic configuration you would use in your network.
Weight: 10% |
Did not submit or incompletely established the configuration for each device in which you researched each of the devices you chose and did not submit or incompletely provided a basic configuration you would use in your network. | Partially established the configuration for each device in which you researched each of the devices you chose and partially provided a basic configuration you would use in your network. | Satisfactorily established the configuration for each device in which you researched each of the devices you chose and satisfactorily provided a basic configuration you would use in your network. | Thoroughly established the configuration for each device in which you researched each of the devices you chose and thoroughly provided a basic configuration you would use in your network. |
2b. Establish the configuration for each device in which you use IP addresses to describe your configuration.
Weight: 10% |
Did not submit or incompletely established the configuration for each device in which you used IP addresses to describe your configuration. | Partially established the configuration for each device in which you used IP addresses to describe your configuration. | Satisfactorily established the configuration for each device in which you used IP addresses to describe your configuration. | Thoroughly established the configuration for each device in which you used IP addresses to describe your configuration. |
2c. Establish the configuration for each device in which you explain the impact that each of your configurations has on the security of the entire network.
Weight: 5% |
Did not submit or incompletely established the configuration for each device in which you explained the impact that each of your configurations has on the security of the entire network. | Partially established the configuration for each device in which you explained the impact that each of your configurations has on the security of the entire network. | Satisfactorily established the configuration for each device in which you explained the impact that each of your configurations has on the security of the entire network. | Thoroughly established the configuration for each device in which you explained the impact that each of your configurations has on the security of the entire network. |
2d. Establish the configuration for each device in which you highlight at least five (5) security features for each device, including devices in network diagram.
Weight: 5% |
Did not submit or incompletely established the configuration for each device in which you highlighted at least five (5) security features for each device, including devices in network diagram. | Partially established the configuration for each device in which you highlighted at least five (5) security features for each device, including devices in network diagram. | Satisfactorily established the configuration for each device in which you highlighted at least five (5) security features for each device, including devices in network diagram. | Thoroughly established the configuration for each device in which you highlighted at least five (5) security features for each device, including devices in network diagram. |
3a. Create a final network diagram that incorporates all devices into the existing network and ensures VPN sessions (from laptop) are only allowed to access the desktops in the IT department by IT department employees using Microsoft Visio or its open source alternative.
Weight: 10% |
Did not submit or incompletely created a final network diagram that incorporates all devices into the existing network and ensures VPN sessions (from laptop) are only allowed to access the desktops in the IT department by IT department employees using Microsoft Visio or its open source alternative. | Partially created a final network diagram that incorporates all devices into the existing network and ensures VPN sessions (from laptop) are only allowed to access the desktops in the IT department by IT department employees using Microsoft Visio or its open source alternative. | Satisfactorily created a final network diagram that incorporates all devices into the existing network and ensures VPN sessions (from laptop) are only allowed to access the desktops in the IT department by IT department employees using Microsoft Visio or its open source alternative. | Thoroughly created a final network diagram that incorporates all devices into the existing network and ensures VPN sessions (from laptop) are only allowed to access the desktops in the IT department by IT department employees using Microsoft Visio or its open source alternative. |
3b. Create a final network diagram that incorporates all devices into the existing network and ensures all VPN connections from the Internet cloud into the corporate network terminate at the VPN server using Microsoft Visio or its open source alternative.
Weight: 10% |
Did not submit or incompletely created a final network diagram that incorporates all devices into the existing network and ensures all VPN connections from the Internet cloud into the corporate network terminate at the VPN server using Microsoft Visio or its open source alternative. | Partially created a final network diagram that incorporates all devices into the existing network and ensures all VPN connections from the Internet cloud into the corporate network terminate at the VPN server using Microsoft Visio or its open source alternative. | Satisfactorily created a final network diagram that incorporates all devices into the existing network and ensures all VPN connections from the Internet cloud into the corporate network terminate at the VPN server using Microsoft Visio or its open source alternative. | Thoroughly created a final network diagram that incorporates all devices into the existing network and ensures all VPN connections from the Internet cloud into the corporate network terminate at the VPN server using Microsoft Visio or its open source alternative. |
3c. Create a final network diagram that incorporates all devices into the existing network and ensures users from Engineering and Finance and Accounting CANNOT communicate using Microsoft Visio or its open source alternative.
Weight: 5% |
Did not submit or incompletely created a final network diagram that incorporates all devices into the existing network and ensures users from Engineering and Finance and Accounting CANNOT communicate using Microsoft Visio or its open source alternative. | Partially created a final network diagram that incorporates all devices into the existing network and ensures users from Engineering and Finance and Accounting CANNOT communicate using Microsoft Visio or its open source alternative. | Satisfactorily created a final network diagram that incorporates all devices into the existing network and ensures users from Engineering and Finance and Accounting CANNOT communicate using Microsoft Visio or its open source alternative. | Thoroughly created a final network diagram that incorporates all devices into the existing network and ensures users from Engineering and Finance and Accounting CANNOT communicate using Microsoft Visio or its open source alternative. |
3d. Create a final network diagram that incorporates all devices into the existing network and ensures vulnerability scans occur daily in which all desktops are scanned at least once per day using Microsoft Visio or its open source alternative.
Weight: 5% |
Did not submit or incompletely created a final network diagram that incorporates all devices into the existing network and ensures vulnerability scans occur daily in which all desktops are scanned at least once per day using Microsoft Visio or its open source alternative. | Partially created a final network diagram that incorporates all devices into the existing network and ensures vulnerability scans occur daily in which all desktops are scanned at least once per day using Microsoft Visio or its open source alternative. | Satisfactorily created a final network diagram that incorporates all devices into the existing network and ensures vulnerability scans occur daily in which all desktops are scanned at least once per day using Microsoft Visio or its open source alternative. | Thoroughly created a final network diagram that incorporates all devices into the existing network and ensures vulnerability scans occur daily in which all desktops are scanned at least once per day using Microsoft Visio or its open source alternative. |
4. 3 references
Weight: 5% |
No references provided | Does not meet the required number of references; some or all references poor quality choices. | Meets number of required references; all references high quality choices. | Exceeds number of required references; all references high quality choices. |
5. Clarity, writing mechanics, and formatting requirements
Weight: 10% |
More than 6 errors present | 5-6 errors present | 3-4 errors present | 0-2 errors present |