Book All Semester Assignments at 50% OFF! ORDER NOW

Question Synopsis 

Students are required to produce a report on the future trends on computational analysis and engineering design. Any report should first of all contain a definition of the problem and the aim of the work, its relevance and place in the engineering process. After that, explain the approach adopted and enumerate the computational methods and tools employed, alongside their rationale.

Provide detailed working out and modeling to explain the outlay of your work and prospects for the outcome and advise on sound grounds that you derived from that. Make sure the solutions that are proposed are backed up with some calculations or simulations to show how the project will be achieved with the solutions.

  • Subject Code : MOD002703
  • Subject Name : Management

Synopsis

Answer Synopsis 

Network topology: Details of layout that include public nets, the DMZ and internal nets for Manchester HQ and Cambridge branch.

Network design process: Describes steps including requirement gathering, selection of hardware, how to create a topology.

Security measures: Describes how to use AAA for administrative access, zone-based firewall, intrusion prevention system, Layer 2 security, and VPN.

Network segmentation: Suggests that VLANs be adopted as a better approach of segmenting the networks into smaller and secure ones.

Access control: They propose the use of ACLs for controlling the traffic that transverses through the network and to limit the access of networks containing critical resources.

Endpoint security: Recommendations as to how individual devices can be protected against viruses, Firewall and regular updates to the systems.

Testing plan: Specifies the possibilities of administrative access checkings, network partitions, access control lists, and intrusion detection systems tests.

Introduction

Businesses count to a greater extent on powerful and secure network infrastructures to maintain smooth communication and safeguard delicate dossier in contemporary's connected planet. The actions of Callister Inc., a developing trade accompanying allure allied commission in Manchester and an arm in Cambridge, have recently been situated the exercise of a network foundation. This network is containing any of parts, containing a area of separation (DMZ), a public network, and internal networks for the Manchester nerve center and Cambridge arm.

Callister Inc., a new contestant marketing, aims to build a dependable network institution that can support it happening two together immediately and, from now on, while confirming defeater in competition standard of security. However, skilled are any of protection imperfections in the association's current network design that must be situated. To address these issues, Callister Inc. has wanted a consulting contract from Anglia Ruskin University. Through this contract, MSc in Cyber Security pupils will have the chance to cultivate, implement, and document a complete protection resolution that answer the needs of the institution. To protect the precious news property of Callister Inc., it will evaluate the network the earth's features, define security questions, and specify a custom-made freedom answer. The submitted solution will go all out to safeguard implausible story's dossier, foundation, and ideas by complying to manufacturing best practices in network security, permissive Callister Inc. to function positively in uniformly changeful mathematical surroundings. Businesses have the critical issue of developing and claiming secure, reliable, and effective network infrastructures in contemporary's fast changeful mathematical world. These networks, that are the heart of existing trades, supply logical ideas, cooperation, and dossier protection, permissive ruling class to succeed in a people that is flattering more connected. A powerful network base is owned by support Callister Inc.'s extending movements and protect allure precious news property, a young firm accompanying allure main office in Manchester and a branch commission in Cambridge.

Callister Inc. and Anglia Ruskin University have entered into a consulting agreement to assure the highest level of security and act by employing the skills of MSc in Computerized Safety graduates. By working together, the undergraduates will able to have or do judge the network architecture, spot some defect, and cultivate a thorough protection resolution namely specifically made-to-order to the needs of the firm.It will painstakingly resolve the current arrangement to identify freedom for bettering as it delves into the elaborate details of Callister Hamper.'s network form. The submitted solution would restore Callister Hamper.'s mathematical defenses, safeguard their data and ideas channels, and supply a strong foundation that can adapt to the uniformly fluctuating high-tech landscape by utilizing manufacturing best practices and contemporary network security strategies.

How is a network designed?

Understanding the needs, selecting acceptable network fittings, and bearing a diagram of the network the earth's features are all processes in the design of a network. The following processes endure be trailed to build the network for the synopsis:

  • List the network requirements: - Manchester Headquarters and Cambridge Branch are the two key sites.
  • A DMZ including the company's web server, email server, and internal DNS server; - A public network with a teleworker PC, an outside PC, a DNS server, a DHCP server, and an HTTPS server;
  • The Cambridge Branch and Manchester Headquarters both have their own internal networks.

Pick network hardware:

ISP router, Manchester_NAT, Cambridge_NAT, and DMZ_NAT are examples of routers.

Switches: M-S1, M-S2, C-S1, and C-S2; DMZ-Switch;

  • Servers: internal DNS server, HTTPS server, DNS server, DHCP server, email server, and Callister.com web server
  • Personal Computers PC1, PC2, PC3, PC4, Teleworker, and

Construct a diagram that shows the network topology:

  • Use an application for network diagramming, such as Microsoft Visio, Lucidchart, or draw.io
  • Include room for gadgets and connections on the canvas and mark the two primary sites (Manchester and Cambridge).
  • Position the servers, PCs, routers, and switches in accordance with their connections and locations.
  • Make connections between the gadgets by drawing lines between
  • To distinguish between routers, switches, servers, and PCs, use distinct designs or icons.
  • Indicate the IP address, default gateway, public IP address (if applicable), and subnet mask of each device or interface.

To assist you in creating the visual representation, the network topology is briefly summarized as follows:

Manchester_NAT and Cambridge_NAT should be connected to their respective switches (M-S1, M-S2, C-S1, C-S2) in the Manchester and Cambridge networks. PCs should be connected to the relevant switches inside the Manchester and Cambridge networks.

  • Set up and link the DMZ-Switch to the DMZ_NAT
  • Attach the internal DNS server, email server, and web server to the -Switch
  • Represent the Public Network by connecting the teleworker PC, outside PC, DNS server, and DHCP server to the ISP router.

Do not forget to assign the proper IP addresses, subnet masks, and default gateways to each device or interface using the knowledge you have given.

Network Topology

The network study of land for Callister Hamper. can be detached into various fault-finding areas: Public Network, DMZ, Manchester HQ, and Cambridge Arm. Present's an clarification of each area and their connections:

  • Public Network: This network is outside Callister Hamper.'s administration and should not be altered. It includes tools to a degree an HTTPS server, a teleworker PC, an extrinsic PC, a DNS attendant, and a DHCP attendant. The ISP router still belongs to all Network and concede possibility not be modified. This network shows the extrinsic atmosphere, where designs outside the party communicate with Callister Hamper.'s money, to a degree accessing the guest's netting attendant.
  • DMZ (Demilitarized Zone): The DMZ is a network division under Callister Hamper.'s presidency, encompassing servers accessible to two together within and extrinsic users. It constitutes the association's netting server (Callister.com), an electronic mail attendant, and an within DNS server. DMZ_NAT router kills changeless NAT to promote communication betwixt extrinsic instruments and DMZ servers using their public IP addresses.
  • Manchester HQ: This is the within network of Manchester command post, executed by Callister Inc. The Manchester_NAT router implements NAT interpretation, permissive designs affiliated to it to communicate accompanying different ploys using private IP addresses inside and public IP addresses outwardly. It holds switches M-S1 and M- S2, connecting tools to a degree PC1 and PC2.
  • Cambridge Arm: Similar to the Manchester HQ, the Cambridge Arm network is still under the presidency of Callister Inc. The Cambridge_NAT router kills NAT rewording for designs connected to it. This network holds switches C-S1 and C-S2, joining maneuvers to a degree PC3 and PC4.

How we build this network study of land:Conceiving this network topology includes various stages, containing planning, design, exercise, and experiment. Present's a high-level reason of by what method to build this network topology:

  • Preparation: Start by understanding Callister Hamper.'s requirements, in the way that the number of consumers, maneuvers, services, and the asked safety levels. Label the miscellaneous networks required, to a degree all Network, DMZ, Manchester HQ, and Cambridge Arm. Consider the essential freedom facial characteristics, like NAT, firewalls, and access control tactics.

  • Design: Design the network study of land established the planning step.

Outline the IP sending blueprint, subnet masks, and default gateways each network. Determine the installation of routers, switches, and additional socializing for professional or personal gain schemes. Select the NAT exercise for the routers in the DMZ, Manchester HQ, and Cambridge Branch. Plan the configurations for motionless clobbering and guarantee appropriate relatedness betwixt various networks.

  • Implementation: Start the exercise process by starting the material foundation, containing routers, switches, servers, and other schemes. Construct the routers for NAT and changeless expelling in accordance with the design. Start the DNS and DHCP servers in the Public Network. Establish and construct the inevitable servers in the DMZ, in the way that computer network attendant, email attendant, and within DNS attendant.

In the Manchester HQ and Cambridge Arm networks, construct the switches, combine devices in the way that Desktop computer, and start their IP configurations. Guarantee that the designs inside each network can communicate utilizing private IP addresses and accompanying instruments in added networks utilizing public IP addresses.

  • Protection Configuration: Implement protection measures to secure the network foundation. Construct firewalls and approach control tactics to confine undesired traffic between networks. Ask safety best practices to servers, in the way that patch presidency, secure configurations, and consumer approach control. Consider executing VPNs for secure detached approach by teleworkers.

  • Experiment and Confirmation: Test the network to guarantee correct connectivity middle from two points schemes and networks, two together inside and outwardly. Ratify that the NAT configurations are functioning correctly what the protection measures are working. Check that the servers in the DMZ are approachable from all Network utilizing their public IP addresses and from the internal networks utilizing their private IP addresses. Create some inevitable adaptations to resolve issues found during experiment.

  • Proof and Perpetuation: Document the network study of land, configurations, and safety measures for future remark and troubleshooting. Commonly monitor, uphold, and restore the network foundation to guarantee allure performance, safety, and dependability.

By following these steps, you can build the network study of land for Callister Hamper., guaranteeing it meets their requirements while providing a secure and effective socializing for professional or personal gain surroundings

Outline the IP trying blueprint, subnet masks, and default gateways each network. Determine the installation of routers, switches, and additional socializing for professional or personal gain tools. Select the NAT exercise for the routers in the DMZ, Manchester HQ, and Cambridge Branch. Plan the configurations for motionless conquering and guarantee appropriate connectedness betwixt various networks.

  • Implementation: Start the exercise process by starting the tangible foundation, containing routers, switches, servers, and other tools. Construct the routers for NAT and motionless expelling in accordance with the design. Start the DNS and DHCP servers in the Public Network. Establish and construct the essential servers in the DMZ, in the way that computer network attendant, email attendant, and within DNS attendant.

In the Manchester HQ and Cambridge Arm networks, construct the switches, link devices to a degree Desktop computer, and start their IP configurations. Guarantee that the tools inside each network can communicate utilizing private IP addresses and accompanying maneuvers in additional networks utilizing public IP addresses.

  • Experiment and Confirmation: Test the network to guarantee correct connectivity betwixt tools and networks, two together inside and outwardly. Legitimize that the NAT configurations are functioning correctly what the protection measures are working. Check that the servers in the DMZ are approachable from all Network utilizing their public IP addresses and from the internal networks utilizing their private IP addresses. Form some essential adaptations to resolve issues found during experiment.
  • Freedom Configuration: Implement protection measures to secure the network foundation. Construct firewalls and approach control tactics to confine undesirable traffic between networks. Request safety best practices to servers, in the way that patch presidency, secure configurations, and consumer approach control. Consider executing VPNs for secure detached approach by teleworkers.
  • Proof and Perpetuation: Document the network study of land, configurations, and safety measures for future remark and troubleshooting. Continually monitor, claim, and renew the network foundation to guarantee allure performance, protection, and dependability. By following these steps, you can build the network the earth's features for Callister Hamper., guaranteeing it meets their requirements while providing a secure and adept socializing for professional or personal gain atmosphere.

diagram

Public Network (not directly connected in the diagram)

  • Teleworker PC Outsider PC
  • Public DNS server DHCP server
  • This topology represents the connectivity among various devices in the network:
  • The ISP router is at the center, connecting Manchester_NAT, Cambridge_NAT, and DMZ_NAT routers.
  • Manchester_NAT and Cambridge_NAT routers are connected to their respective switches (M-S1, M-S2 for Manchester, and C-S1, C-S2 for Cambridge).
  • PCs (PC1, PC2, PC3, and PC4) are connected to the appropriate relays within the Manchester and Cambridge networks.
  • DMZ_NAT router is connected to the DMZ-Switch.

Netting attendant, email attendant, and within DNS server are related to the DMZ-Switch. Public Network instruments (Teleworker PC, Outsider PC, DNS attendant, and DHCP attendant) are connected to the Internet access provider router. This network the earth's features provides different break-up of trustworthiness among miscellaneous elements, ensuring a secure and adept network atmosphere for Callister Inc. Before beginning safety measures, it's essential to decide that devices can do business each one and reason some relations ability not function. This understanding helps in diagnosing issues after achieving safety, as you can then change 'tween connectivity questions on account of security limits or pre-existent ideas issues.

To commence, fill out Table 2 (or a similar table) with the device connections you anticipate to be active in the network:

Source Device

Destination Device

Expected Connectivity

Explanation

PC1

PC2

Yes

Both PCs are in the same Manchester network, connected through M-S1 and M-S2 switches

PC1

PC3

No

PC1 is in the Manchester network, and PC3 is in the Cambridge network; no direct connectivity is established

PC1

Web Server

Yes

PC1 should be able to access the web server in the DMZ through the Manchester_NAT and DMZ_NAT routers

Complete the table accompanying all the wonted links middle from two points instruments. The explanation line endures depict the reason for the anticipated relatedness or lack thereof. Afterwards executing the table, test the networks to ensure that the tools can ideas as wonted. This will help you label some issues before executing freedom measures. Already you have implemented protection, you can use this table as a citation to validate if the traffic middle from two points designs is obstructed on account of safety configurations or if there were pre-existent relatedness issues.

I will complete the table assuming basic connectivity and no security measures implemented yet. Keep in mind that this table may not accurately reflect your specific network configuration and it could change after implementing security mechanisms.

From

To

Is communication successful?

Comments

PC1

Callister.com

Yes

PC1

google.com

Yes

PC1

PC3

Yes and no

Yes, to the public IP address; No, to the private IP address

PC1

PC4

No

Private IP addresses are unreachable

Callister.com

PC1

Yes

Callister.com

google.com

Yes

Callister.com

PC3

Yes

Callister.com

PC4

Yes

PC3

Callister.com

Yes

PC3

google.com

Yes

PC3

PC1

Yes and no

Yes, to the public IP address; No, to the private IP address

PC3

PC2

Yes

Teleworker

Callister.com

Yes

Teleworker

PC1

No

Private IP addresses are unreachable

Teleworker

PC2

No

Private IP addresses are

unreachable

Teleworker

PC3

No

Private IP addresses are unreachable

Teleworker

PC4

No

Private IP addresses are unreachable

This table shows the anticipated ideas success betwixt instruments in the link elementary connectivity and no freedom measures executed. Use this table as a remark to confirm communication betwixt maneuvers afterwards executing security measures.Beneath is a safety reasoning of Callister Hamper.'s current network along with pieces of advice for freedom systems to achieve fundamental network security. The focus act protection and not the design of the network.

Securing the network devices for administrative access (including AAA)

To secure departmental approach to network instruments, the following systems should be executed:

  • Use powerful, singular passwords for all tools and change ruling class routinely.
  • Enable AAA (Authentication, Authorization, and Accounting) duties to concentrate and quicken the confirmation process, guaranteeing only approved personnel have approach to the instruments.
  • Implement secure administration agreements in the way that SSH a suggestion of correction Telnet for detached access.
  • Configure approach control lists (ACLs) to confine approach to the tools to particular IP addresses or subnets.
  • Enable listening and auditing to monitor departmental approach and discover potential safety breaches

Zone-located tactics firewalls (only necessary in Manchester)

Zone-based tactics firewalls maybe used to portion the network into differing freedom zones, each accompanying its own set of freedom tactics. This can assist to:

  • Control traffic 'tween zones established safety tactics.
  • Protect sensitive dossier and within money from unlawful approach.
  • Detect and hinder protection hazards.

In Manchester, a zone-located tactics firewall bear be executed to control traffic between the within network, DMZ, and the public network.

Intrusion Prevention Systems (IPS):

An IPS concede possibility be redistributed to monitor and resolve network traffic for potential hazards, containing:

  • Malware contaminations.
  • Unauthorized approach attempts.
  • Distributed dismissal-of-service (DDoS) attacks.

The IPS concedes possibility be configured to discover and avoid these dangers in absolute-period and alert network administrators of any potential freedom occurrence.

Layer 2 safety:

Layer 2 safety methods concede the possibility be implemented to protect the network from low Layer 2 attacks, in the way that MAC address hijacking, ARP pollute, and VLAN jumping on one leg. Some pieces of advice include:

  • Implement port protection to limit the number of MAC addresses granted on a switch traffic.
  • Use active ARP examination (DAI) for fear that ARP poisoning attacks.
  • Implement VLAN approach control lists (VACLs) to penetrate traffic 'tween VLANs

Virtual Private Networks (VPNs):

VPNs bear be used to fixedly combine the Manchester and Cambridge networks, guaranteeing data secrecy, uprightness, and confirmation. This maybe gifted utilizing:

  • IPsec VPNs to encrypt and attest traffic 'tween two together rules.
  • SSL VPNs for detached approach, allowing staff members to solidly link to the association's network when occupied by chance. By executing these security systems, Callister Inc. can extensively enhance the safety posture of their network, keeping delicate data and guaranteeing the network's chance and uprightness.

For the purpose of simplifying the freedom reasoning, we will not apply oneself acquiring the DMZ_NAT, Cambridge_NAT, nor Manchester_NAT routers. Instead, the focus will act the within networks and maneuvers that concern the guest. The following is an restored protection study taking everything in mind these restraints:

 Securing the network ploys for governmental approach (including AAA):

The alike approvals as the endure be used to the internal schemes, to a degree switches and routers inside the guest's networks. Implementing strong passwords, AAA aids, secure presidency obligations, approach control lists, and record/auditing will help safeguard the association's within ploys from unwarranted approach.

Implementing Network Segmentation:

Network segmentation concede the possibility be used to separate the network into smaller, private portions, each with allure freedom procedures. This maybe done utilizing VLANs, that can aid to:

  • Limit the outlook of broadcast rules and potential attack surfaces.
  • Group designs with corresponding freedom necessities together.
  • Restrict approach to delicate areas of the network.

Implementing Access Control Lists (ACLs):

ACLs bear be used to control traffic flow inside the within network, confining approach to sensitive possessions and countering wrongful approach. This can be approved by:

  • Defining agreements for ingoing and leaving traffic established beginning and goal IP addresses or ports.
  • Applying ACLs to specific interfaces or VLANs.
  • Regularly judging and refurbishing ACLs to guarantee they join accompanying the party's freedom tactics.

Deploying Intrusion Detection Systems (IDS):

An IDS endure be redistributed inside the within network to monitor and analyze network traffic for potential attacks. The IDS endure be configured to discover and alert network administrators of some potential protection occurrence. This can help to label issues early and diminish potential damage.

Implementing Endpoint Security:Endpoint freedom concede possibility be sanctioned on all ploys inside the company's networks, containing PCs, servers, and different network- affiliated tools. This maybe accomplished by:

  • Installing and usually improving antivirus and antagonistic-malware operating system.
  • Configuring firewalls and interruption stop systems (IPS) on individual tools.
  • Ensuring designs are patched and current accompanying new freedom refurbished.

Implementing Secure Remote Access:

For crew the one demand detached access to the party's network, a secure detached approach answer concede possibility be achieved.

This maybe finished utilizing SSL VPNs, that supply secure, encrypted approach to the company's network possessions. By emphasising on these safety systems, Callister Inc. can embellish the protection of their within networks and designs, guaranteeing the care of impressionable dossier and underrating the risk of unauthorized approach. Testing of the network: Testing the freedom of the network is an essential state to guarantee the executed protection devices are functioning right. The following test plan outlines differing tests that endure be transported to confirm the use of the freedom measures.

  • Test: Administrative Access SecurityWhere: All within tools (switches, routers)Command/Test: Attempt to cooperate utilizing SSH accompanying an unofficial consumer.Result: Access disagreed.Comments: Confirm that unapproved consumers cannot acquire approach to network tools.
  • Test: Network SegmentationWhere: Internal networks (Manchester and Cambridge)Command/Test: Attempt to approach a limited VLAN from a design not filling a place that VLAN.Result: Access renounced.Comments: Ensure that VLAN separation is functioning right and schemes can only approach their appointed VLANs.
  • Test: Access Control Lists (ACLs)Where: Internal network maneuvers (switches, routers)Command/Test: Attempt to approach a limited property from a tool not within the allowed limits for one ACL.Result: Access declined.Comments: Verify that ACLs are correctly draining traffic and confining approach to delicate possessions.
  • Test: Intrusion Detection Systems (IDS)Where: Internal networks (Manchester and Cambridge)Command/Test: Simulate an attack or interruption attempt (for instance, traffic leafing through, famous hateful traffic patterns).Result: IDS alerts and documents the fake attack.Comments: Ensure that the IDS is efficiently detecting potential attacks and alerting network administrators.

Conclusion

In conclusion, the network the earth's features and freedom mechanisms bestowed in this place conference aim to provide a secure and effective foundation for Callister Inc. By achieving a well-designed network the earth's features and engaging differing safety measures such as organizational approach safety, zone-located tactics firewalls, interruption prevention wholes, coating 2 protection, and virtual private networks, Callister Inc. can safeguard allure network from potential warnings and exposures.The implementation of these freedom means not only embellishes the company's overall network safety posture but likewise guarantees the confidentiality, honor, and chance of fault-finding trade data. It is important for the party to steadily monitor, test, and update these freedom measures to stay in front of arising threats and acclimate to developing trade requirements. By achievement so, Callister Inc. can claim a healthy and secure network environment, admitting bureaucracy to devote effort to something their core trade movements and solve their aims.

References

  • Schwartz, M. (2016). Internet of Things with ESP8266 : build amazing Internet of Things projects using the ESP8266 Wi-Fi chip.Birmingham, Uk: Packt
  • Acred, (2016). The Internet of things. Cambridge: Independence Educational Publishers.
  • Rajkumar Buyya and Amir Vahid Dastjerdi (2016). Internet of Things : principles and paradigms. Amsterdam ; Boston ; Heidelberg: Morgan
  • Boecking, S. (2000). Object-oriented network protocols. Harlow, England ; New York: Addison-

You Might Also Like:-

Management Assignment Sample

5 Unmatchable Tips For Dissertation Time Management!

MAF203 Financial Management Assignment Sample

Hey MAS, I need Assignment Sample of

Get It Done! Today

Country
Applicable Time Zone is AEST [Sydney, NSW] (GMT+11)
+
  • 1,212,718Orders

  • 4.9/5Rating

  • 5,063Experts

Highlights

  • 21 Step Quality Check
  • 2000+ Ph.D Experts
  • Live Expert Sessions
  • Dedicated App
  • Earn while you Learn with us
  • Confidentiality Agreement
  • Money Back Guarantee
  • Customer Feedback

Just Pay for your Assignment

  • Turnitin Report

    $10.00
  • Proofreading and Editing

    $9.00Per Page
  • Consultation with Expert

    $35.00Per Hour
  • Live Session 1-on-1

    $40.00Per 30 min.
  • Quality Check

    $25.00
  • Total

    Free
  • Let's Start

Get
500 Words Free
on your assignment today

Browse across 1 Million Assignment Samples for Free

Explore All Assignment Samples

Request Callback

My Assignment Services- Whatsapp Get 50% + 20% EXTRAAADiscount on WhatsApp

Get 500 Words FREE