Security document: Session 8
Laura Abraham
Telecommunications Networks: CIS 313-DL
Security will be implemented throughout different areas of the network:
The main security will be the Cisco firewall:
The IOS firewall works at both the network and application layer. This means that not only are we protected against intrusion at the network layer, the firewall will also protect against any application resources that we implement. Different firewall policies can be configured for the WAN, LAN and VLANs that we may implement. This is important as different user groups will need different types of access to the WAN. For example: the public wireless hotspot will need much more protection than the operations side in respect to what they can and cannot access.
The Cisco IOS firewall also protects SIP which is the voice protocol. This is very important for our future voip needs.
Wireless LAN:
Lan will use WPA2 authentication for all wireless devices. WPA2 is important as it can be configured for any device including phones and wireless printers
VLAN:
Lan will be configured with VLans. This will depend on the amount of VLANS needed. For example, if a wireless hotspot is required in the conference room for visiting clients or suppliers, we will supply a wireless connection through a VLan that will enable them to access the internet without access to our operations network. This can also be implemented for scenarios like students vs operations. This will isolate traffic allowing for internal security.
Vlans are not inherently secure but the Cisco router and the intelligent switched enable for packet identification in order to secure the VLAN.
Mobile VPN:
All remote access clients will use L2TP Mobile VPN in order to access any resources at the company site. Any company owned laptops must access the internet through the VPN program in order to maintain integrity of data on external devices. This will allow any wireless device including smart
References: Why VPN can’t replace Wi-Fi security retrieved on 11.11.2011 from: http://www.zdnet.com/blog/ou/why-vpn-cant-replace-wi-fi-security/489?pg=2&tag=content;siu-container