Posted at 09.10.2018
Describe the security features of network hardware devices. All network hardware devices have to have security functions which would prevent unauthorised usage of systems and data and helps stop infections malicious software from accessing the network.
Network hardware devices include:
Wireless Routers/WEP (Cellular Access factors)
Each network hardware device includes its security features.
Workstations rely greatly on software to protect them from network hazards. Anti-virus software packages help keep workstations safe and a software firewall is deployed to keep jacks shut even if a program tries to open them. Keeping jacks from being exposed is similar to keeping a door sealed; nothing at all can go in or out. This reduces the threat from unauthorised gain access to.
To access the security settings of any router, a username and password is necessary. If this isn't configured anyone who gains access will be able to administer the network as if it was owned by them. This is set choose the administrator or the ISP.
Wireless routers tend to be venerable to unauthorised gain access to. It is because the LAN (Local Area Network) doesn't need to be accessed physically. If the wireless functions of a router aren't configured properly, the network can be seen and configured in administrative method by anyone. That is a serious risk of security.
The wireless gain access to can be managed by configuring an encrypted password, placing a SSID (Service Collection identifier) and choosing whether it is noticeable or not. If it's not apparent, people will not be able to seek out the access point; they have to know the SSID before hand. For security password encryption WEP and WPA can be utilized. WPA is more secure than WEP. Accomplishing this prevents unauthorised users from accessing the network.
Configure a networked device or specialist software to increase the security of the network.
I have been asked to put into action security to the program below. This is actually the network security set-up of your bank. I have been given the task of creating an in depth diagram coupled with a complete write-up including any proof the way the network security has been advanced.
I will analyse the potential dangers of each advantage in this network to learn what forms of threats the business may face and what you can do to guard or prevent these hazards.
Customers are able to log straight onto the extranet utilizing their personal details. This means that they may be essentially offering their personal, private information. Although an extranet is an exclusive network it uses the internet because of its external gain access to feature. When sending information across the internet without the right security, information could be intercepted and considered for later use. Information could even be altered during mailing for example a hacker might change the address that a customer desires to send money to in order to commit fraudulence. This is called the 'man-in-the-middle' strike.
If the web site does not use encryption, people may start attempting to focus on the sites vulnerabilities. Depending about how popular the service is the likelihood of an attack may differ. The can be easily avoided by utilizing a secure HTTPS connection on the website when coping with personal and private information. This can also avoid the 'man-in-the-middle' strike as time-stamps are utilized. This implies if information transfer has been delayed, it might be altered so it is overlooked.
The network set-up can be made more secure with the addition of a dedicated firewall in between the extranet and the exterior customers. Although a firewall was already installed, alternative routes can be studied to steer clear of the firewall. A good example of when this will happen is when the bond is cut between your firewall and extranet, an alternative solution route may be studied when being able to access customer details.
Because there isn't firewall installed between your internet and extranet, malware and/or spy ware may make it through the network, through the Internal Bank Systems and in to the server that keeps all the other standard bank data. This data can range between customer accounts to the bankers future strategies and jobs. This makes the lender venerable to hackers and even competitors as this information can be used for scams and blackmail or it can be used secretly by another bank or investment company to give the competitor a supplementary edge on the market.
If the inner bank or investment company systems are bought out externally, money moved illegally and details deleted, this would result in a huge problem for the lenders as well as all of its customers and employees.
Although it isn't likely that other banking companies will employ the service of hackers to assault the network, it's quite common for hackers to attempt to find information or ruin a finance institutions system. This is popular and is also often seen in films. This can be prevented by installing anti-malware/spyware software on the server and setting up a passionate, properly configured firewall between the extranet and internet.
Advice can get to customers to prevent Phishing and other hazards. If the customer is knowledgeable in this area they will observe that this is a risk. This is halted by informing the customers that they should only go directly to the site before logging in and not to check out email founded links.
It's all good having plenty of firewalls installed on the network blocking every possible entry but if they're not configured correctly they could let in experienced hackers. In some instances the user cannot gain access to the internet with a program they use often and they also open a bunch of jacks on the firewall so they can gain access to the internet. This is unprofessional and achieving this greatly escalates the risk of unauthorised access the network. A network administrator should be contacted in this kind of situation to open the port needed and minimised network traffic.
If unnecessary ports are open the lender will be extremely venerable to a Distributed Denial of Service Assault (DDoS). This type of assault in often aimed towards commercial websites that sell/provide goods and/or services.
This attack includes a computer mailing a disease to a huge variety of other computer systems. The pathogen will have a cause. When this lead to is set off (by time or by another computer, ) all of the computers afflicted will overflow the sufferer server(s) with network traffic in order to shut down the server and their service.
Here is a diagram that presents how this technique occurs.
If the server was switched off for even 5-10 minutes a massive amount of customers would complain. This standard bank may be targeted because if it's popular and well known.
This type of attack can be prevented by utilizing a dedicated firewall that examines network slots to determine whether it is from a trusted or safe source. If it's a harmful packet it is fell immediately. After obtaining a packet it will send in to the main server only if the packet is safe.
Wireless routers are more venerable to unauthorised gain access to. It is because the LAN (Local Area Network) doesn't need to be utilized physically. That is done by using an encryption algorithm called Wired Equal Privacy (WEP). As this security solution has become used more, it's been examined by hackers and now have been cracked. For this reason the newer, better security method should be used;
Wi-Fi Protected Gain access to (WPA/WPA2)
If the cordless functions of an router aren't configured properly, the network can be seen and even configured in administrative setting by anyone. This is a serious risk of security. The administrator must placed an admin security password and username in order to prevent this.
I have produced a better network diagram using the countermeasures mentioned above. This new network got better the network security in every aspect above. I have done this by configuring all devices, setting up security software on relevant devices and putting in two extra firewalls.
Explain the similarities and dissimilarities between securing a radio and wired network system.
Wired and cordless networks are incredibly similar in a rational diagram but in physical form can be very different. Wireless sites can go beyond a cable, for example they can go through walls and building flooring. Because of this cellular and wired network security is completely different is some ways.
Securing a traditional wired network, physical aspects of the network need to be looked at. For example servers need to be positioned in secure rooms with locked entrance doors and wires need to be protected using wire covers. Below are examples of the type of products that professional sites will have installed.
Wire systems also need physical security nonetheless they can still be accessed wirelessly, due to this a password must be used to limit unauthorised access. This can be integrated using Wired Similar Privacy (WEP) or the better Wi-Fi Protected Gain access to (WPA/WPA2). The network SSID (Service Set identifier) can be configured to the unsearchable environment. This helps prevent people even knowing that the cordless network is available. The SSID would need to be known to be able to hook up to the network in this case.
One of the key disadvantages to wireless networking is the reduced acceleration. Wireless Ethernet is either 11Mbps (802. 11b) or 54Mbps (802. 11a) or 160 Mbps (802. 11n) whereas Wired Ethernet is can be from 100Mbps to 1Gbps (1000Mbps) or even more!
Although the rate of cordless has been greatly increased due to the intro of 802. 11n, it still cannot keep up with the demand for bandwidth in systems today. If multiple people are games online, sharing/downloading files and using bandwidth the network may be overloaded. With wired Ethernet 1Gbps can handle the large bandwidth demand and provide a good service to all users on a single network.
Both wired sites and wireless systems can communicate across a peer-to-peer network. This is used to store and share data, talk privately or transfer data. Although with a wireless connection files over 100MB problems have been said to occur.
Client servers are being used to centrally store client data and programs over a server giving them gain access to from multiple locations. This isn't possible over a radio connection as a higher performance and high bandwidth is necessary.
For communication wired and cordless systems have to utilize different protocols. Both use standard protocols such as HTTP, UDP and TCP. But for wireless relationships encryption must be used. This is because anyone can interrupt a wireless signal without being noticed.