Remote Network Implementation Plan
Institution of Affiliation
Goals and Objectives
The need to have improved network structure for the retail store calls for implementing security measures for remote network access. Remote network implementation will have a great role since the assumptions are that the retail store will operate various branches under centralized administration and control from the mainframe. Among the key objectives for the implementation of the remote network are;
- To have all the retail stores have access to the network using Cisco Virtual private network configurations.
- Provision of cloud based solutions such as SaaS, NaaS and PaaS to help in preventing risks and loses of the remote access controls.
To implement the IPSec for the current network.
- To identify and plan the associated risks and threats prior to configure and install there mote access to all the retail stores of Biggs Tech Electricals Retail Store.
Figure 1 Remote Network Design
In VPN implementation, public telecommunications networks are utilized to conduct private data communications. The internet is used as the public infrastructure and other special protocols to support private communications through the internet. The VPN uses the client server approach to authenticate users, encrypt data and other services with VPN server through tunneling.
VPN clients and servers makes use of three scenarios including;
- Remote access to the intranet support.
- Support of multiple connectivity of intranets in an organization.
- Joining of two or more organizations to form an extranet.
VPN implementation is cost effective in the sense that it lowers the support cost for technology as compared to the other traditional means such as leased lines and remote access servers. Simple graphical client programs helps in the interaction of VPN users (Heyman, 2007). It is possible to connect VPN servers with other VPN servers to form server-to-server connection to extent the intranet or extranet to cover multiple networks. Biggs Tech Electricals Inc retail business will also require implementation of the Internet Protocol Security (IPsec) which a framework that is based on open standards that ensures private, secure communications over the IP networks (“Industrial Network Security”, 2015). The main concepts applied in IPsec are cryptographic security services, network level peer authentication, data origin authentication, data integrity, encryption and replay protection.
The main goal of having the security implementations in place is to secure the communication channels and information sharing in the retail outlets. It is a primary requirement that every organization making use of the internet for communication to have these security measures in place. Having the implementations in place will help the organization improve on the level of privacy of information and increase the level of protection of users and programs being used. Penetration testing and risk assessment is the surest way to understand which security implementation will be productive to the organization.
With the increased demand and use of computer networks for information sharing, communication and resource sharing, there has been increased rates of cyber intrusion and crimes across the world. The only mitigation strategy to these threats to information security is to have the best network security mechanisms such as VPN, IPsec in place. Among the major threats include; sniffing, eavesdropping, distributed denial of service and intrusions (“Rogue Access Points — threat to enterprise security”, 2003). The best mitigation strategies to these threats is through implementation of strong security measures detailed in this section.
Threat Mitigation Strategies
Enterprise network security requires a well-planned security architecture that is based on protecting the enterprise from the data, users and application level. The most common security architecture addresses the enterprise as a unit considering the data, processes, applications, roles and users. The ability to secure components of the network demands that a network based security architecture be well planned to protect and secure all network components. In this case study, the components comprise of both hardware and software. The software components includes the web applications that will be running on the VPN and other cloud platforms. Other hardware components will include the servers and the workstations which solely rely on the mainframe. The security of data and information of these devices and applications will highly depend on the complexity of the security architecture.
Mitigating risks will involve various approaches such as implementation of the Intrusion detections systems and the use of secure protocols such as Internet Security protocol (IPsec). The best mitigation strategy is to have secure protocols lying between Users, data, applications and the network. For the data to be transmitted across the network there will be need to have security protocol involved such as https. The applications interacting over the network will also be secured via these protocols before interacting on the network. Network security plan will be useful in determining the extent to which the implemented security will be useful in the enterprise. Biggs Tech Electricals Inc is at risk of attack and lose of information if they are not well organized in implementing a network security architecture that will help in the protection of user, data and applications from intrusion. The hardware components will also have to be protected from damage through secure access and bugler proofing.
The latest network security architecture considers end-to- end security which defines the security of the network from the point of entry to the network to the data that is hosted or is residing within the enterprise. Intrusion prevention and detection at the edge of the network is key in determining the security of the network. Traffic flowing in and out of the network will have to be filtered in order to secure data interchange. Exchange of information between various retail stores of the enterprise will require secure connections and encryption of data in order to experience the expected goals and objectives.
Project Analysis Justification of Objectives and Goals
The primary goal of having Virtual Private Network (VPN) in place at Biggs Tech Electrical Inc was to ensure secure communication among different retail branches. This implementation coupled with secure internet protocols will ensure security of data, applications and users. The introduction of the VPN, cloud computing and IPsec into the network architecture ensures that the enterprise data and information is secured completely. The key to organization success is defined by the security of its applications and users at large.
The main idea and goal of the improvement of the enterprise network has been realized from the initial start of having the network set up with all the hardware requirements and having the key information architecture in place. There is need to have all the applications running in this enterprise network secured and protected from any intrusion whatsoever. This has been achieved with further improvement in the security architecture of the enterprise. Biggs Tech Electricals Inc has experience tremendous changes in its network infrastructure and structure as a whole. The main objectives have been fulfilled and achieved through development of the enterprise security measures. Having all the structures in place has led to the assumption that the retail store will be able to experience secure communication, information sharing, and resource sharing and reliable communication over its network. The guarantee of security has been well defined by the new network architecture that was put in place in order to achieve every objective stated before. The entire project was inclined towards improving the development and design of the network structure. This mission has been fulfilled through the development of the complete network structure based on the ISO OSI model from the start to the development of the enterprise security.
The need to have end to point communication that is reliable and secure has been achieved through the development of VPN and IPsec into the network. VPN provides the capability of having client to server communication from end to end. It is possible that the retail stores will be able to achieve communication via the network media that has been implemented in the long run. The best solution has been put in place as far as the formulated objectives of the project are concerned. It is possible that almost every challenge to communication and information sharing have been achieved. The need to have all the network hardware in place and running to fit into the new architectural model is evident through the designs that have been shared in almost every part of the previous stages of the project. Biggs Tech Electricals Inc has a guarantee of secure communication and data transmission.
Heyman, K. (2007). A New Virtual Private Network for Today’s Mobile World. Computer, 40(12), 17-19. http://dx.doi.org/10.1109/mc.2007.410
Industrial Network Security. (2015). Network Security, 2015(3), 4. http://dx.doi.org/10.1016/s1353-4858(15)30014-3
Rogue Access Points — threat to enterprise security. (2003). Network Security, 2003(4), 4-5. http://dx.doi.org/10.1016/s1353-4858(03)00407-0