Preview

Network Hardening

Good Essays
Open Document
Open Document
287 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Network Hardening
Network Hardening Unit 8 Assignment 1

It is very important to go through the process of hardening. Hardening is where you change the hardware and software configurations to make computers and devices as secure as possible. I picked the network layout 1-the workgroup . First with the workstations and laptops you need to shut down the unneeded services or programs or even uninstall them. I would also have some good anti-virus software on the workstations. You also need a hardened image for all of your workstations. To do this you need to install a new copy of the operating system and then harden it. After you have one good hardened workstation you can use it as a model for all other workstations and also laptops. For the router you definitely need to protect it from unauthorized access. The router needs to be password protected and you should periodically change that password. For the cable modem you should keep all unwanted ports closed. I would also schedule a regular scan of all the systems. Now for some of these next things I am talking about they will apply to all devices . Disable remote administration. Administration of your router / access point should be "local only", namely, there is no reason to let people from another country access to your network hardware. If you need to make changes, you should be local to the device. Update the firmware. Believe it or not, consumer network hardware needs to be patched also. Check the support site of the vendor of the device when you get it and check for an update. Sign up for e-mail alerts for updates, if available, or check back on a regular basis for

You May Also Find These Documents Helpful

  • Satisfactory Essays

    NT2580 Project Part 1

    • 348 Words
    • 1 Page

    Access to the company network will be secured by multiple firewalls set up with our routers. Firewall filters will be set up with a specific list of allowed users and programs. All other traffic will be blocked by default until it has been approved by IT. There will be a limited number of wireless access points around the building, with password access. These passwords will be changed on a regular basis. Access to the local network will be secured by user authentication passwords. Users will be limited to only the system resources that they absolutely need to complete their work. Users’ passwords must be changed every 90 days.…

    • 348 Words
    • 1 Page
    Satisfactory Essays
  • Good Essays

    However, the insecurity can be solved by using the RIP protocol for information that is less sensitive to the network design (Lathem et el, 2006). Similarly, when the information is redistributed, the traffic may be overwhelming. But the network administrators will have to divide the traffic so that all the routers can each carry their weight of the information. The problems with the flow of traffic will be fixed and distributed through the routers. Each router will be used for certain information and that way the routers will not be overworked. Also the security will be set up so that all confidential information goes through those securities enabled routing protocol. Internet will be purchased internet from the best vendor nearby like Verizon. In the design a router will be installed in each office and lab, then configure them to operate on the network with appropriate security configuration. Finally, the internet connection would come from those routers and all the labs and offices would run on that…

    • 674 Words
    • 3 Pages
    Good Essays
  • Satisfactory Essays

    When creating a multi-layered security plan, I would look at all seven domains of the IT infrastructure and then increase the security on each of those domains because that will increase the security for the whole plan. In the user domain, this is the quickest way for the system to be compromised the users. So I would implement complex passwords including eight or more characters, both upper and lower case, and use of at least one special character. Passwords will also need to be changed every 90 days and the same password cannot be used again for three calendar years. In the workstation domain, I would make sure that each workstations, whether desktop or laptop has some security on it like antivirus and malware protection installed. Laptops can be very vulnerable for loss or theft, which would make me install an encrypted hard drive so if it is stolen the data can only be retrieved by the owner. For the LAN domain, just train all users about email scams. I would guess that most users know not to access suspicious emails when on our system but I would still implement to the users a quick training course. Then I we should add spam filters this will help get rid of most of the junk email. In the LAN-to-WAN domain, we need to shut down the File Transfer Protocol (FTP) server we have running and switch it over to use secure FTP so that only users allowed on our system can access our FTP server. In the WAN domain, we need to make sure that we have firewalls set up on our network that will filter all incoming traffic. This firewall will stop all traffic coming on to our system that is not meant or not wanted our network. In the Remote Access Domain, we need to establish strict user password policies, as well as lockout policies to defend against brute force attacks, require the use of authorization tokens have a real-time lockout procedure if token is lost, or stolen. The last domain is System/Application domain we need to…

    • 449 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Looking at the network diagram provided I determined that the user, workstation, LAN, LAN-to-WAN, and system/application domains involved in the company should be redesigned to implement better access controls to provide multi-layered security. The most important access control implementation would be the user domain where the company should put emphasis on training; how to recognize social engineering attacks, how to create strong passwords, and how often they should be changed. The workstation domain should focus security via virus and malware scanning, operating system patching, and other types of application-level firewalls. To achieve a multi-layered security approach in the LAN domain I would recommend using an intrusion detection system (IDS) and an intrusion prevention system (IPS) to prevent unauthorized access. Security for the LAN-to-WAN domain should be implemented through the use of a firewall or DMZ to also prevent unauthorized access into the company’s network.…

    • 439 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    First and foremost all files need to be encrypted and password protected. The Playstation Network was taken down easily because routers were left unprotected and the data belonging to users was not encrypted. Everything needs to be locked down digitally. Riordan conducts business in many places and hackers are everywhere. Finance and accounting use outdated systems and manually enter information. Integration of the systems through a secure pipeline will decrease the security risks but the files still need to be encrypted to secure ensure that all security holes are no longer open.…

    • 893 Words
    • 4 Pages
    Good Essays
  • Good Essays

    Network: The network should be designed with security in mind. Its structure must support the company’s policies, relevant laws and regulations, without impairing the organization’s ability to conduct business. The network should be logically and physically separated into distinct and manageable security zones. Traffic between the security zones must be inspected and filtered, to ensure that only authorized network use is permitted, and all access is recorded for future auditing. Multiple devices and methods should be used to ensure security across all parts of the network. In preparing this recommendation, network security design principles have been drawn from the Cisco SAFE Reference Guide [33] and the Council on CyberSecurity’s Critical Security Controls for Effective Cyber Defense Version 5.1 [34].…

    • 598 Words
    • 3 Pages
    Good Essays
  • Satisfactory Essays

    Nt280 Week 1 Homework

    • 359 Words
    • 2 Pages

    C. Place employee on probation, review acceptable use policy (AUP) and employee manual, and discuss status during performance reviews.…

    • 359 Words
    • 2 Pages
    Satisfactory Essays
  • Better Essays

    Nt1310 Unit 3 Essay

    • 1872 Words
    • 8 Pages

    What are the major security threats on my network and computers connected to the network?…

    • 1872 Words
    • 8 Pages
    Better Essays
  • Good Essays

    Log files would be the first place one would look to check for suspicious activity in the event of a crime. They can help you understand where something went wrong. Creating a timeline, of before and after the performance problem or incident. The way traffic moves through a network, especially when the computers are only used for certain things, creates baseline behavior. When something is out of place, such anomalies seem suspicious; but legitimate traffic could be used in illegitimate ways and legitimate traffic can at times seem illegitimate. By consistently monitoring the network, and observing all the possibilities, the anomalies of legitimate traffic wont seem that abnormal and one can focus on the real problems. Predictable passwords that meet minimum length requirements but remain easily guessable is a hazard that could affect a network with a weak password. If that is a problem, one should probably change the password every so often. It would be in everyone’s best interest if the password security level was increased, and that they would expire after a certain amount of time. Removable storage devices that might contain malware, filtered only when passing through the network could be a problem but by limiting the privileges of users, adapted to the duties assigned to the individual. Making it clear that no removable storage devices are to be brought into the network under no circumstance unless necessary and properly screened first. If an unencrypted laptop with sensitive information was to fall in the wrong hands, it would be likely that there would be some sort of damage. To prevent that from happening it is important to encrypt the drives and other sensitive information, have a lockout procedure where you had to put the password in again after a certain amount of time or to view critical data, and to make sure that the device could be potentially monitored.…

    • 322 Words
    • 2 Pages
    Good Essays
  • Good Essays

    Network Security at OSI Layers Muhammad Muzammil Syed Zeeshan Nasir Department of computer science FUUAST, Islamabad 1-OSI Model: In 1983, the International Organization for Standardization (ISO) and the International Telegraph and Telephone Consultative Committee (CCITT) merged documents and developed the OSI model, which is based on a specific hierarchy where each layer builds on the output of each adjacent layer. The OSI model is a protocol stack where the lower layers deal primarily with hardware, and the upper layers deal primarily with software. The OSI model’s seven layers are designed so that control is passed down from layer to layer. The seven layers of the OSI model are shown:…

    • 7615 Words
    • 31 Pages
    Good Essays
  • Better Essays

    Internet Security

    • 1945 Words
    • 8 Pages

    also make it an ideal way for someone to keep a careful watch on the user…

    • 1945 Words
    • 8 Pages
    Better Essays
  • Powerful Essays

    network security

    • 4081 Words
    • 17 Pages

    The global war on terrorism, much like the Cold War, will be a long, protracted conflict because, despite the preponderance of power held by the nations united in their commitment to combat terrorism, we will not be able to come directly to grips with the enemy. Developing technologies that leap ahead of the terrorists requires vision and strategy, and a good strategy requires hard choices. It begins by establishing criteria for selecting the most crucial technological investments. The obstacles to creating counter terrorism technologies that are practical and affordable and overmatch the threat of 21st century terrorism are daunting. Creating a vision of these future technologies, implementing initiatives that broaden the market and make it more predictable and dependable, and developing policies that will help to overcome the barriers to innovation are essential steps to harnessing technology to the future needs of law enforcement. For most of the 20th century, counter terrorism and technology coexisted in a one-sided relationship. In large part, law enforcement and the military adapted the technologies that were commercially available to their needs. That relationship may simply be inadequate for addressing the challenges of the 21st century. Meeting the test of terrorism will likely require a more proactive approach to technological innovation—betting on the future: formulating clear requirements, prioritizing needs, establishing cooperative means to foster the development of technologies, and building the human and financial capital programs necessary to transition and sustain them as effective anti-terrorism tools. In our paper, we want to list “big bets” for the future—six technologies that we believe offer the greatest promise for providing significant advantages in combating terrorism—and address as well the challenge to turning the potential of technology into concrete capabilities.…

    • 4081 Words
    • 17 Pages
    Powerful Essays
  • Powerful Essays

    Internal Network Security

    • 1463 Words
    • 6 Pages

    The development of technology has brought Internet to become the mass communication media between people or companies. Through Internet, people can communicate with other people in various places. Companies can get many advantages by using Internet network to support their business. Therefore, companies are trying as hard as they can, and give high effort in protecting their network from attack and make sure that they have the best network security.…

    • 1463 Words
    • 6 Pages
    Powerful Essays
  • Powerful Essays

    Hybrid Network Security

    • 10587 Words
    • 43 Pages

    AYAN ROY-CHOWDHURY, JOHN S. BARAS, MICHAEL HADJITHEODOSIOU, AND SPYRO PAPADEMETRIOU, UNIVERSITY OF MARYLAND AT COLLEGE PARK…

    • 10587 Words
    • 43 Pages
    Powerful Essays
  • Good Essays

    Network Security

    • 642 Words
    • 3 Pages

    Network security starts with authenticating, commonly with a username and a password. Since this requires just one detail authenticating the user name —i.e. the password— this is sometimes termed one-factor authentication. With two-factor authentication, something the user 'has' is also used (e.g. a security token or 'dongle', an ATM card, or a mobile phone); and with three-factor authentication, something the user 'is' is also used (e.g. a fingerprint or retinal scan).…

    • 642 Words
    • 3 Pages
    Good Essays