Institution of Affiliation
Goals and Objectives
The need to have improved network structure for the retail store calls for the implementation of security measures for remote network access. The remote network implementation will have a great role since the assumptions are that the retail store will operate various branches in a centralized administration and control from the mainframe. Among the key objectives for the implementation of the remote network are:
- To ensure all the retail store’s departments have access to the network using Cisco Virtual private network configurations.
- To provide a cloud based solutions such as SaaS, NaaS and PaaS to help in the prevention of risks and loses of the remote access controls.
- To implement the IPSec for the current network.
- To identify and plan the associated risks and threats prior to configuration and installation of the remote access to all the retail stores of BiggsTech Electricals Retail Store.
Figure 4 (a)
Remote Network Design
In the VPN implementation, public telecommunications networks are utilized to conduct private data communications. The internet is used as the public infrastructure. Other special protocols are used to support private communications through the internet. Importantly, the VPN uses the client server approach to authenticate users, encrypt data and other services with VPN server through tunneling.
VPN clients and servers makes use of three scenarios, which are:
- Remote access to the intranet support.
- Support of multiple connectivity of intranets in an organization.
- Joining of two or more organizations to form an extranet.
VPN implementation is cost effective in the sense that it lowers the support cost for technology as compared to the other traditional means such as leased lines and remote access servers. To begin with, the simple graphical client programs helps in the interaction of VPN users (Heyman, 2007). It is also possible to connect VPN servers with other VPN servers to form server-to-server connection to extent the intranet or extranet to cover multiple networks. BiggsTech Electricals Inc. retail business will also require establishment of the Internet Protocol Security (IPsec), which is a framework that is based on open standards that ensures private and secure communications over the IP networks (“Industrial Network Security”, 2015). The main concepts applied in IPsec are cryptographic security services, network level peer authentication, data origin authentication, data integrity, encryption, and replay protection.
The main goal of having the security implementations in place is to secure the communication channels and information sharing in the retail outlets. It is a primary requirement that every organization making use of the internet for communication to have these security measures in place. The main importance of having the implementations in place will help the organization improve on the level of privacy of information and increase the level of protection of users and programs being used. Normally, penetration testing and risk assessment is the surest way to understand which security implementation will be productive to the organization.
Following the increased demand and use of computer networks for information sharing, communication, and resource sharing, there has been increased rates of cyber intrusion and crimes across the world. The only mitigation strategy to these threats to information security is by having the best network security mechanisms such as VPN and IPsec in place. The most common major threats include; sniffing, eavesdropping, distributed denial of service and intrusions (“Rogue Access Points — threat to enterprise security”, 2003). The best mitigation strategies to these threats is through the implementation of strong security measures, which I have discussed in the subsequent section.
Threat Mitigation Strategies
Enterprise network security requires a well-planned security architecture that aim at protecting data at user and application level. The most common security architecture addresses the enterprise as a unit considering the data, processes, applications, roles, and users. The ability to secure components of the network demands that a network based security architecture be well planned to protect and secure all network components. In this study, the components comprise of both hardware and software for BiggsTech Electricals Inc. The software components include the web applications that will be running on the VPN and other cloud platforms. Other hardware components will include servers and the workstations which solely rely on the mainframe. Finally, the security of data and information of these devices and applications will depend on the complexity of the security architecture.
Mitigating risks will involve various approaches such as implementation of the Intrusion detections systems and the use of secure protocols such as Internet Security Protocol (IPsec). The best mitigation strategy is to have secure protocols lying between users, data, applications, and the network. For the data to be transmitted across the network there will be need to have security protocol involved such as https. The applications interacting over the network will also be secured via these protocols before interacting on the network. Network security plan will be useful in determining the extent to which the implemented security will be useful in the enterprise. BiggsTech Electricals Inc. is at the risk of attack and loss of information if they are not well organized in the development of a network security architecture that will help in the protection of user, data and applications from intrusion. The hardware components will also have to be protected from damage through the use of a secure access and bugler proofing system.
The latest network security architecture considers end-to- end security, which defines the security of the network from the point of entry into the network to the data that is hosted or is residing within the enterprise. Intrusion prevention and detection at the edge of the network is key in determining the security of the network. Additionally, traffic flowing in and out of the network will have to be filtered in order to secure the data interchange. Exchange of information between various retail stores of the enterprise will require a secure connections and encryption of data in order to experience the expected goals and objectives.
Project Analysis Justification of Objectives and Goals
The primary goal of having a Virtual Private Network (VPN) in place at BiggsTech Electrical Inc. was to ensure secure communication among different retail branches. The installation of a VPN and secure internet protocols will ensure security of data, applications, and users. Further, the introduction of the VPN, cloud computing, and IPsec into the network architecture ensures that the enterprise data and information is safely transmitted within the communication systems. As such, the key to organization success is defined by the security of its applications and users’ information.
The main idea and goal of the improvement of the enterprise network has been realized from the initial stages of having the network set up with all the hardware requirements and key information architecture in place. There is need to have all the applications running in this enterprise network secured and protected from any intrusion. This has been achieved through the improvement in the security architecture of the enterprise. BiggsTech Electricals Inc. will experience tremendous changes in its network infrastructure and structure as a whole. Importantly, the development of the enterprise security measures will enable the company to have a secure and effective system. In particular, having all the necessary network structures will enable the retail store to experience secure communication, facilitate smooth information sharing, promote resource sharing, and foster reliable communication over its network. The guarantee of security has been well defined by the new network architecture that will be put in place in order to achieve the business’ objectives. Therefore, the entire project will be inclined towards improving the development and design of the network structure. To ensure there is smooth implementation of the development program needed to establish a network structure, the new structure will be based on the ISO OSI model from the onset of the development of the enterprise security.
In conclusion, the need of having an end-to-point communication that is reliable and secure has been achieved through the development of VPN and IPsec into the network. VPN provides the capability of having client to server communication from end-to-end. It is possible that the retail stores will be able to achieve communication via the network media that has been implemented in the long run. The best solution has been put in place as far as the formulated objectives of the project are concerned. It is possible that almost every challenge to communication and information sharing have been achieved. The need to have all the network hardware in place and running to fit into the new architectural model is evident through the designs that have been shared in the previous three parts of the project. Therefore, the proper development of the new network system for BiggsTech Electricals Inc. will guarantee the company of secure communication and data transmission.
Heyman, K. (2007). A New Virtual Private Network for Today’s Mobile World. Computer, 40(12), 17-19. http://dx.doi.org/10.1109/mc.2007.410
Industrial Network Security. (2015). Network Security, 2015(3), 4. http://dx.doi.org/10.1016/s1353-4858(15)30014-3
Rogue Access Points — threat to enterprise security. (2003). Network Security, 2003(4), 4-5. http://dx.doi.org/10.1016/s1353-4858(03)00407-0