Identification process according to framework model of network security
In this report, a secured network has been designed and implemented for an organization named Super Finance Solutions Pvt. Ltd. Based on the framework model of network security, the identification process is discussed in terms of its verification mode. Under such a model, only users who are authenticated get access to the information and data provided by the service. The design is useful for Super Finance Solutions Pvt. Ltd., situated in London, because it applies the Zero Trust network model to secure the company's network. Implementing such a secured network requires a network design and its examination, which pass through three blocks in turn: Communication and Architecture; Secure service delivery and operation; and Research and delivery, with a Conclusion and future work.
Figure: Super Finance Solutions Network topology
Establishing IP connectivity and hardening the devices are both necessary for securing the network. With IP connectivity, every device receives an address and can transfer data and communicate. Hardening the network equipment reduces the risk of unwanted access. The advantages of device hardening are as follows:
- Removing unused programs and files improves the productivity and performance of the network.
- It provides additional network security by blocking remote access.
- Implementing device hardening also eliminates security risks.
Figure 2: Device Hardening configuration
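The following is an added example of a device-hardening baseline for the internal site router, written to illustrate the three points above; it is not the report's own Figure 2 configuration. The hostname, domain name, management subnet and placeholder passwords are assumptions.

```cisco
! Device hardening baseline for the internal site router (added example, not the
! report's configuration). Hostname, domain, subnet and credentials are assumed.
hostname SFS-Internal-Router
ip domain-name superfinance.local
!
! Local credentials stored as hashes; obscure any remaining plain-text passwords
enable secret <strong-enable-password>
username netadmin privilege 15 secret <strong-admin-password>
service password-encryption
!
! Slow down password guessing against the management plane and log failures
login block-for 120 attempts 3 within 60
login on-failure log
!
! Point 1: remove services the router does not need
no ip http server
no ip http secure-server
no cdp run
no ip finger
no service tcp-small-servers
no service udp-small-servers
no ip source-route
!
! Point 2: remote management only over SSHv2, and only from the admin subnet
crypto key generate rsa modulus 2048
ip ssh version 2
ip ssh time-out 60
ip ssh authentication-retries 3
ip access-list standard MGMT-ONLY
 permit 192.168.30.0 0.0.0.255
 deny   any log
line vty 0 4
 access-class MGMT-ONLY in
 transport input ssh
 login local
 exec-timeout 5 0
line con 0
 login local
 exec-timeout 5 0
!
banner motd ^ Authorised access only. Activity is logged. ^
```

Check the result with `show ip ssh` (version 2 enabled), `show running-config | include service|no ip http` and by attempting a Telnet session, which the `transport input ssh` line must refuse.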
IP Configuration
Internal Site Router
External site router
Internet router
The network architecture includes several servers: a DHCP server, a web server, a syslog server, and a DNS server. These devices must acquire their IP addresses from their domain controller. Implementing a DHCP server reduces the errors that commonly occur with manual addressing (Fitzgibbon et al. 2020). It ensures that each IP address is assigned to only a single computer.
DHCP Server Configuration
The above figure illustrates that the network of the Super Finance Solutions company comprises a DHCP server so that the devices of the internal network can obtain a dynamic IP address. Here, the default gateway of the DHCP server is 192.168.30.1.
The above figure shows that the PCs of the internal network have been configured with dynamic IP addresses.
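As an added example (not the report's DHCP figures, which use a separate Packet Tracer server device), the block below shows the same service as an IOS DHCP pool together with DHCP snooping on the access switch, which is what enforces "one address per computer" against a rogue DHCP server. Only the default gateway 192.168.30.1 comes from the report; the subnet, server addresses, lease time and port numbers are assumptions.

```cisco
! DHCP pool plus DHCP snooping (added example; addresses other than the
! gateway 192.168.30.1 are assumed).
!
! --- Router: address pool for the internal LAN ---
! Keep the gateway and the static server addresses out of the dynamic range
ip dhcp excluded-address 192.168.30.1 192.168.30.20
ip dhcp pool INTERNAL-LAN
 network 192.168.30.0 255.255.255.0
 default-router 192.168.30.1
 dns-server 192.168.30.11
 domain-name superfinance.local
 lease 0 8
!
! --- Access switch: DHCP snooping ---
! Only the port towards the real DHCP server may send OFFER/ACK messages;
! offers arriving on any other port are dropped and logged.
ip dhcp snooping
ip dhcp snooping vlan 30
! Do not insert option 82: an IOS DHCP server drops relayed requests that
! carry it unless it is told to trust them
no ip dhcp snooping information option
interface FastEthernet0/13
 description uplink towards DHCP server / gateway
 ip dhcp snooping trust
interface range FastEthernet0/1 - 12
 description user ports
 ip dhcp snooping limit rate 10
!
! Verification:
!   router: show ip dhcp binding   (one address per client MAC)
!           show ip dhcp conflict  (addresses found already in use)
!   switch: show ip dhcp snooping ; show ip dhcp snooping binding
!   client: ipconfig /release ; ipconfig /renew
```

The rate limit on user ports caps DHCP DISCOVER floods that would otherwise exhaust the pool; the excluded range is what stops the pool from handing out the addresses the servers already hold statically.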
DNS Server
In the above figure, the configuration of the DNS server has been shown, where the name of the DNS record is
WebServer
In the above figure, the configuration of the web server has been shown. It has mainly been configured to store the data files of the website.
Syslog Server
In the above figure, the configuration of the syslog server has been shown; it continuously logs all the changes in the network.
To facilitate communication between the company's internal and external networks, a dynamic routing protocol must be set up. The communication network and dynamic routing assist the router in forwarding each data packet to the proper location. Therefore, RIP version 2 has been enabled on all devices in the communication network. The configuration of RIPv2 is provided below:
This configuration enables all the devices on the network to communicate with each other.
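The following is an added example of the RIPv2 configuration on the internal site router, not the report's own figure. The WAN addressing (10.0.0.0/30), interface names and key-chain name are assumptions; the 192.168.30.0/24 LAN behind gateway 192.168.30.1 is the one the report describes.

```cisco
! RIPv2 on the internal site router (added example; WAN addressing, interface
! names and the shared key are assumed).
router rip
 version 2
 no auto-summary
 network 192.168.30.0
 network 10.0.0.0
! Nothing on the user LAN should speak RIP, so send no updates there
 passive-interface GigabitEthernet0/0
!
! Authenticate updates on the WAN link so a rogue router cannot inject routes
key chain RIP-KEYS
 key 1
  key-string <shared-rip-key>
interface GigabitEthernet0/1
 description WAN link to Internet router (10.0.0.0/30, assumed)
 ip address 10.0.0.1 255.255.255.252
 ip rip authentication mode md5
 ip rip authentication key-chain RIP-KEYS
!
! The Internet router and the external site router carry the same 'router rip'
! stanza with their own network statements and the same key chain on the WAN.
! Verification:
!   show ip protocols   - version 2, networks advertised, passive interfaces
!   show ip route rip   - routes learned via RIP (marked R)
!   show ip rip database
```

Without `no auto-summary`, RIP would summarise the 192.168.x.0 networks at classful boundaries and the site-to-site routes could be lost; without the key chain, any host on the WAN segment could advertise a bogus default route and draw traffic through itself.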
Inter-VLAN and Trunking Configuration
Inter-VLAN routing and trunking allow devices in different VLANs to communicate with one another. To configure this, the VLANs first need to be created, as shown below:
After that, inter-VLAN routing has been configured on the router, as shown below:
After that, trunking has been configured on the switches, as shown below:
The above figure shows the switchport mode configuration of the switches.
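The three steps above (create VLANs, configure inter-VLAN routing on the router, configure trunking on the switch) are shown together in the added example below; it is not the report's figures. VLAN numbers and names, the 192.168.10.0/24 subnet and the port layout are assumptions; 192.168.30.1 is the internal gateway the report gives.

```cisco
! Router-on-a-stick inter-VLAN routing with an 802.1Q trunk (added example;
! VLAN ids, names, subnets and port numbers are assumed).
!
! --- Step 1, switch: create the VLANs ---
vlan 10
 name STAFF
vlan 30
 name SERVERS
vlan 999
 name NATIVE-UNUSED
!
! --- Step 3, switch: access ports and the trunk towards the router ---
interface range FastEthernet0/1 - 12
 switchport mode access
 switchport access vlan 10
 switchport port-security
 switchport port-security maximum 2
 switchport port-security violation restrict
 spanning-tree portfast
interface FastEthernet0/13
 description DHCP / DNS / Web / Syslog servers
 switchport mode access
 switchport access vlan 30
interface GigabitEthernet0/1
 description Trunk to internal site router
 switchport mode trunk
! Unused native VLAN and no DTP: untagged frames cannot hop into a user VLAN
 switchport trunk native vlan 999
 switchport trunk allowed vlan 10,30
 switchport nonegotiate
!
! --- Step 2, router: one tagged sub-interface per VLAN ---
interface GigabitEthernet0/0
 no shutdown
interface GigabitEthernet0/0.10
 encapsulation dot1Q 10
 ip address 192.168.10.1 255.255.255.0
interface GigabitEthernet0/0.30
 encapsulation dot1Q 30
 ip address 192.168.30.1 255.255.255.0
!
! Verification:
!   switch: show vlan brief ; show interfaces trunk
!   router: show ip interface brief ; ping 192.168.30.1 from a VLAN 10 host
```

Restricting the allowed VLAN list and moving the native VLAN to an unused id are the two switch-side settings that turn "trunking works" into "only the intended VLANs cross the trunk".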
ACL Implementation on Routing Devices
A set of ACLs is established to protect the network. Authorization and authentication of packets regulate which packets are filtered during transmission. The security provided at the network layer restricts activity and prohibits access by users and devices that are not allowed. Super Finance Solutions Pvt. Ltd. sets up the access control list on all its networks. The list is set up in such a manner that only the company's users have access to its network, and any external individual is restricted from accessing it (Zheng, Li and Li 2017). To gather content from desired networks and known technologies, the ACLs are implemented on the connections with the outer router. The configuration of the ACL is shown below:
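The following is an added example of an inbound ACL on the internal site router's WAN interface, written to match the policy described above (inside users may reach out, outsiders are restricted); it is not the report's ACL figure. The WAN peer addresses, the public web server address and the interface name are assumptions; 192.168.30.0/24 is the report's internal LAN.

```cisco
! Extended ACL applied inbound on the WAN interface of the internal site
! router (added example; WAN and server addresses are assumed).
ip access-list extended FROM-WAN-IN
 remark Site-to-site VPN peer may negotiate IKE and deliver ESP
 permit udp host 10.0.0.6 host 10.0.0.1 eq isakmp
 permit udp host 10.0.0.6 host 10.0.0.1 eq non500-isakmp
 permit esp host 10.0.0.6 host 10.0.0.1
 remark RIPv2 updates from the directly connected Internet router
 permit udp host 10.0.0.2 host 224.0.0.9 eq rip
 remark Return traffic for TCP sessions that inside users started
 permit tcp any 192.168.30.0 0.0.0.255 established
 remark The public web server is reachable from outside on HTTPS only
 permit tcp any host 192.168.30.12 eq 443
 remark Packets claiming an inside source never legitimately arrive from the WAN
 deny   ip 192.168.30.0 0.0.0.255 any log
 remark Everything else from outside is dropped and logged
 deny   ip any any log
!
interface GigabitEthernet0/1
 ip access-group FROM-WAN-IN in
!
! Verification:
!   show access-lists FROM-WAN-IN   - per-line hit counters
!   show logging                    - denied packets recorded by the log keyword
```

Order matters: the VPN and routing permits come first so that a later deny cannot silently break the tunnel or the RIP adjacency, and the anti-spoofing deny precedes the final deny so that spoofed packets are counted separately in `show access-lists`.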
A site-to-site VPN connection secures information as data packets are transferred through the network (Guo et al. 2019). In Super Finance Solutions Pvt. Ltd. this is set up to encrypt the transmission of data between its external and internal routers. The configuration of the VPN is shown below:
The above figure shows the configuration of the VPN on the external site router. The configuration establishes a secure tunnel between the internal site router and the external site router.
The above figure shows that 3 packets have passed through this terminal and all of these packets are encrypted.
In setting up the network, the VPN has the following advantages:
- Avoid alteration of data: When a user consumes a certain quantity of data, the broadband or network provider slows the speed of the network. If a VPN is used, the user need not worry about this.
- Avoid alteration of bandwidth: Consumers experience several difficulties with periodic reductions of their Internet service. Using a VPN can avoid bandwidth throttling and helps to improve the Internet connection.
- Hide private information: The data collected from the user and the user's online activity are tracked by web applications. Such activities are not observed on the internet when it is used over a VPN connection, which protects the data and keeps it private.
The developers at Super Finance Solutions Pvt. Ltd. took the advantages mentioned above into account when protecting the company's external and internal networks.
Implementing a Network IPS is the mechanism that provides an assured protective layer.
A NIPS monitors network traffic and analyses the behaviour of its protocols (Tharaka et al. 2017). It is necessary to implement a NIPS in the company's network to protect the company from external threats, risks, attacks, and vulnerabilities. Once such a NIPS is deployed, the company is protected against viruses, malware, and exploitation (Pawlowski et al. 2017). The two figures below show the configuration of IP IPS:
The above figure shows that IP IPS has been configured on the internal site router. The IOS IPS configuration is applied to the router at the internal site to protect the internal network of Super Finance Solutions Pvt. Ltd.
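The following is an added example of the IOS IPS configuration on the internal site router, with alerts forwarded to the syslog server described earlier; it is not the report's two IPS figures. The syslog server address, the IPS rule name, the flash directory name and the interface name are assumptions.

```cisco
! Cisco IOS IPS on the internal site router with alerts sent to syslog
! (added example; syslog address, rule name, directory and interface assumed).
!
! Send IPS alerts and other logs to the syslog server so they are kept centrally
logging host 192.168.30.13
logging trap informational
service timestamps log datetime msec
!
! Directory on flash for signature definitions: 'mkdir ipsdir' is run in
! privileged EXEC mode before the configuration below
ip ips config location flash:ipsdir
ip ips name SFS-IPS
ip ips notify log
!
! Retire every signature, then enable the lightweight basic category
ip ips signature-category
 category all
  retired true
  exit
 category ios_ips basic
  retired false
  exit
 exit
!
! Inspect traffic arriving from the WAN side
interface GigabitEthernet0/1
 ip ips SFS-IPS in
!
! Verification:
!   show ip ips all ; show ip ips signatures count ; show ip ips configuration
!   the syslog server should receive %IPS-4-SIGNATURE messages when a
!   signature fires
```

Retiring all signatures before enabling the basic category keeps the router's memory use predictable; enabling `category all` on a small router is the usual cause of IPS failing to load.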
Zero Trust Network Security Framework
As a Network Security Engineer of Super Finance Solutions Pvt. Ltd., London, it is my duty to establish a model of network security that is effective and reliable for the company. The most trusted security framework in recent times, based on verifying the identity of users, is the Zero Trust Network Security Framework, and it is the one chosen here. Under this framework, only users already authenticated or authorized by the system are able to gain access to the information and database (Rose et al. 2020). It also helps the company improve the performance of its installed networks and protects them from external threats that may arise. It helps its users protect their identified surfaces, which is useful for identifying traffic movement when the company is protecting its surface. The framework introduces many new dependencies among users, services, DAAS, and infrastructure, which protect the system's surface by establishing a micro-perimeter around it (Samaniego and Deters 2018). The perimeter is needed for the protection of the surface. Firewalls are the segmentation gateways employed to create the micro-perimeter; the company provides this segmentation gateway, commonly termed a firewall (Dhar and Bose 2021).
The Zero Trust Framework is a qualitative approach to security that eliminates implicit trust and thereby secures the company. Its main principle is not to trust anything unless it is verified (Buck et al. 2021). It is designed to enable digital transformation while protecting the environment with strong network segmentation, authentication methods, least-access policies, and a threat-prevention layer. It is based on the realization that the traditional security model places decreasing trust in the user (Li 2020). The threats include malicious insiders and outsiders who wait to interfere with users while they share data and communicate, which weakens their security and takes away information, with negative results for the company. This lack of security controls can be overcome by implementing such a security framework, which gives users the assurance that their data and information are safe from malware and outside attackers, so that they can work freely on the network, resulting in the growth of network security (Mehraj and Banday 2020).
A Virtual Private Network, VPN for short, is a connection that secures a private network over a network that is used publicly (Das et al. 2020). The private network could be that of any business, association, IT organization, or many others. It helps Super Finance Solutions Pvt. Ltd. improve its network security with a cheap and affordable investment that in return provides greater benefits. The IP addresses of users' systems and devices are masked by the VPN through a customized remote server run by a VPN host, so that the user's web browsing appears to originate at the VPN server itself (Hauser et al. 2020). It is quite impossible for external threats to trace the users' footprints.
Hackers who observe and track users in order to profile them waste their time, as the users operate on a server that is secured and safe from outside attacks. The VPN also works as a filter by converting the user's traffic into gibberish (Kim and Lee 2018). A hacker may find this data, but in vain, because the data collected is in gibberish form and is of no use. The VPN can perform many more tasks, but its main priority is to secure the system first, which means securing the VPN server (Hoenig 2018). The benefits of VPN are as follows:
- A VPN connects easily with the network that already exists in any organization, company, business, or association.
- The VPN's task is to mask the IP address from external threats, from the internet service provider, and from any third party (Surasak and Huang 2019). This helps users work freely and in the way they want, as the data and information they send and receive are fully secured and no one can trace their footprints.
- An ideal working VPN can detect external threats, such as an individual trying to log in without authentication or by other diverse means. The VPN uses an OTP method for its authorized and authenticated users to log in to the server for their work or job roles. On login, an OTP is sent by the VPN to the contact number the authenticated user has provided. The VPN creates another origin for its users when at work and asks for a password that is strong and cannot easily be cracked by anyone else; after that, a four-digit or six-digit OTP is sent to the contact number the user has provided to the company.
- The VPN lets its user wear a shawl that is invisible to any other party or outsider. It also helps the user not to accept any cookies from outside, which is very useful and important for preventing cyber-attacks from hackers, external threats, and cyber-crime.
- A VPN is cost-effective, as it returns more to Super Finance Solutions Pvt. Ltd. than the company bears in the cost of implementing it as the network for their operations.
- A VPN integrates easily with other devices and services and evolves with them, which improves the performance of those devices and the services they provide, with positive results for Super Finance Solutions Pvt. Ltd.
- VPNs are often categorized by the type of traffic sent through the tunnel and can also be classified by the OSI layer at which the packets are received.
Classified by topology, VPNs are peer-to-peer VPNs, client-to-server VPNs, and site-to-site VPNs. The security and network facilities of Super Finance Solutions Pvt. Ltd. can be enhanced by the overview of VPN reliability discussed above.
The VPN security model provides:
- Confidentiality to its users: even under deep packet inspection, an attacker or outsider can only see encrypted data.
- Sender authentication, preventing unauthorized users from accessing the VPN (Guo et al. 2020).
- Message integrity for end users, to detect tampering with transferred messages.
Before a secure VPN can be established, the tunnel endpoints must be authorized. User-created remote-access VPNs use biometrics, two-factor authentication, cryptographic methods, or passwords. Network-to-network tunnels use digital certificates or passwords. The key is stored permanently, which allows the tunnel to be established automatically without administrator intervention.
Secure VPN protocols include:
- Internet Protocol Security
- Transport Layer Security
- Datagram Transport Layer Security
- Microsoft Point-to-Point Encryption
- Microsoft Secure Socket Tunneling Protocol
- Multi-Path Virtual Private Network
- Secure Shell VPN
- WireGuard
- IKEv2
For Super Finance Solutions Pvt. Ltd., IPsec is helpful in the way it works. IP Security, or IPsec, is the protocol suite standardised by the Internet Engineering Task Force and is run between two connected endpoints to provide authentication. It works in a few steps: determining the traffic type, tunnel termination, and IKE phase one and phase two. By implementing IPsec components, this method provides suitable integrity and authentication for Super Finance Solutions Pvt. Ltd. The IPsec architecture is implemented by most companies, businesses, and organizations to protect their VPN connections.
IPsec also provides a top-level security layer for organizing the network architecture by implementing solid protocols and critical features. These security protocols are executed between systems, between hosts, and across several connections. The cryptographic method used in such a mode of communication can be either transport mode or tunnel mode. In this design, data transfer using the tunneling method is carried out with L2TP.
An IPsec tunnel acts as a communication channel between two different systems, so there is no need to provision a dedicated circuit, which may be costlier than IPsec tunneling. Establishing IPsec does not by itself mean that the network is secured overall, as remote users can still easily access the network. The IPsec configuration cannot restrict the detailed services and level of access the network offers its users. System providers and developers must consider the several difficulties associated with configuring IPsec. Administering and maintaining the protocol's security is difficult and requires additional features to be installed. As a result, the VPN configuration is implemented on the system to provide secure internet access to its remote users. In addition to the cryptographic mechanism of IPsec, specific information and system techniques are used to secure remote users. These techniques allow them to work smoothly, without the hassle, disturbance, or problems from external threats, hackers, and cyber-attacks that generally arise before such methods and techniques are implemented.
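The added example below serves both the site-to-site VPN configuration section (the external site router tunnel whose figure shows 3 encrypted packets) and the IPsec steps just described: determining the traffic type, tunnel termination, and IKE phase one and phase two. It is not the report's own VPN figures. The peer and LAN addresses, the names, the interface and the placeholder pre-shared key are assumptions; 192.168.30.0/24 is the report's internal LAN.

```cisco
! Site-to-site IPsec VPN on the external site router (added example; addresses
! other than 192.168.30.0/24, names, interface and key are assumed).
!
! IKE phase one (ISAKMP): how the two routers authenticate each other and
! protect the negotiation itself
crypto isakmp policy 10
 encryption aes 256
 hash sha256
 authentication pre-share
 group 14
 lifetime 28800
crypto isakmp key <strong-shared-secret> address 10.0.0.1
!
! IKE phase two (IPsec): how user traffic is encrypted and integrity-protected
crypto ipsec transform-set SFS-TS esp-aes 256 esp-sha256-hmac
 mode tunnel
!
! Determine the traffic type: only LAN-to-LAN packets are sent into the tunnel
ip access-list extended VPN-TRAFFIC
 permit ip 192.168.40.0 0.0.0.255 192.168.30.0 0.0.0.255
!
! Bind peer, proposal and interesting traffic together
crypto map SFS-MAP 10 ipsec-isakmp
 set peer 10.0.0.1
 set transform-set SFS-TS
 set pfs group14
 match address VPN-TRAFFIC
!
! Tunnel termination: the crypto map is applied on the WAN interface
interface GigabitEthernet0/1
 ip address 10.0.0.6 255.255.255.252
 crypto map SFS-MAP
!
! The internal site router mirrors this with source and destination swapped
! (peer 10.0.0.6, ACL 192.168.30.0/24 -> 192.168.40.0/24) and the same key.
! Verification after pinging across the two LANs:
!   show crypto isakmp sa   - state QM_IDLE means phase one is up
!   show crypto ipsec sa    - #pkts encaps/encrypt and decaps/decrypt counters
!                             increase with each protected packet
!   show crypto session
```

The crypto ACL is the "traffic type" decision: anything it does not match leaves the interface in clear text, so it should be as narrow as the two LANs and must be the exact mirror image on the other router, or phase two will fail with a proxy-identity mismatch.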
Conclusion and Future Work
This report develops a broad concept of the implementation and network security of the Super Finance Solutions Pvt. Ltd. network architecture. The communication network architecture has been assessed, and many security measures relating to the Wide Area Network have been identified. A network architecture is designed for Super Finance Solutions Pvt. Ltd. that can fulfill the requirements and needs of the company. The network connection is developed in the network simulation tool Cisco Packet Tracer. The main task is to provide privacy and security, for which VPN and IPsec connections are established and implemented in the design. Super Finance Solutions Pvt. Ltd. can provide secured services to its remote users and customers through the various security protocols added to the network architecture.
In the future, the network architecture can be expanded if the company wants to add devices to it. Super Finance Solutions Pvt. Ltd. must protect itself from potential threats for its own benefit, since recovery after being hacked or attacked will be costly. With the cutting-edge technology used, the connection is secured and protected, allowing users to work in a safe environment while performing their organizational activities. In the future, the link may be upgraded to allow distant connections, which will make it more usable than before with such additional features. Network devices may be deployed at Super Finance Solutions Pvt. Ltd. to provide wireless connectivity for its remote users, establishing a suitable working environment by giving them mobility of work.
References
Buck, C., Olenberger, C., Schweizer, A., Völter, F. and Eymann, T., 2021. Never trust, always verify: A multivocal literature review on current knowledge and research gaps of zero-trust. Computers & Security, 110, p.102436.
Das, S., Sharma, S., Dai, R., Bremond, F. and Thonnat, M., 2020, August. Vpn: Learning video-pose embedding for activities of daily living. In European Conference on Computer Vision (pp. 72-90). Springer, Cham.
Dhar, S. and Bose, I., 2021. Securing IoT Devices Using Zero Trust and Blockchain. Journal of Organizational Computing and Electronic Commerce, 31(1), pp.18-34.
Fitzgibbon, S.P., Harrison, S.J., Jenkinson, M., Baxter, L., Robinson, E.C., Bastiani, M., Bozek, J., Karolis, V., Grande, L.C., Price, A.N. and Hughes, E., 2020. The developing Human Connectome Project (dHCP) automated resting-state functional processing framework for newborn infants. NeuroImage, 223, p.117303.
Guo, J., Gu, C., Chen, X. and Wei, F., 2019. Model learning and model checking of ipsec implementations for internet of things. IEEE Access, 7, pp.171322-171332.
Hai, P.N.P., Hong, H.N., Quoc, B.B. and Hoang, T., 2021, October. A Comparative Research on VPN Technologies on Operating System for Routers. In 2021 International Conference on Advanced Technologies for Communications (ATC) (pp. 89-93). IEEE.
Hauser, F., Häberle, M., Schmidt, M. and Menth, M., 2020. P4-IPsec: Site-to-Site and Host-to-Site VPN with IPsec in P4-Based SDN. IEEE Access, 8, pp.139567-139586.
Hoenig, G.J., 2018. Data Security on the Internet.
Khelf, R. and Ghoualmi-Zine, N., 2018, November. Ipsec/firewall security policy analysis: A survey. In 2018 International Conference on Signal, Image, Vision and their Applications (SIVA) (pp. 1-7). IEEE.
Kim, S.H. and Lee, K.H., 2018. VPN-Filter Malware Techniques and Countermeasures in IoT Environment. Journal of Convergence for Information Technology, 8(6), pp.231-236.
Li, S., 2020. Zero trust based internet of things. EAI Endorsed Transactions on Internet of Things, 5(20).
Mehraj, S. and Banday, M.T., 2020, January. Establishing a Zero Trust Strategy in Cloud Computing Environment. In 2020 International Conference on Computer Communication and Informatics (ICCCI) (pp. 1-6). IEEE.
Pawlowski, N., Ktena, S.I., Lee, M.C., Kainz, B., Rueckert, D., Glocker, B. and Rajchl, M., 2017. Dltk: State of the art reference implementations for deep learning on medical images. arXiv preprint arXiv:1711.06853.
Rose, S.W., Borchert, O., Mitchell, S. and Connelly, S., 2020. Zero trust architecture.
Samaniego, M. and Deters, R., 2018, July. Zero-trust hierarchical management in iot. In 2018 IEEE international congress on Internet of Things (ICIOT) (pp. 88-95). IEEE.
Surasak, T. and Huang, S.C.H., 2019, February. Enhancing VoIP Security and Efficiency using VPN. In 2019 International Conference on Computing, Networking and Communications (ICNC) (pp. 180-184). IEEE.
Tharaka, P.M.K., Wijerathne, D.M.D., Perera, N., Vishwajith, D. and Pasqual, A., 2017, December. Runtime rule-reconfigurable high throughput NIPS on FPGA. In 2017 International Conference on Field Programmable Technology (ICFPT) (pp. 251-254). IEEE.
Tiller, J.S., 2017. A technical guide to IPSec virtual private networks. CRC Press.
Ullah, S., Choi, J. and Oh, H., 2020. IPsec for high speed network links: Performance analysis and enhancements. Future Generation Computer Systems, 107, pp.112-125.
Xi, W., Suo, S., Cai, T., Jian, G., Yao, H. and Fan, L., 2019, March. A Design and Implementation Method of IPSec Security Chip for Power Distribution Network System Based on National Cryptographic Algorithms. In 2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC) (pp. 2307-2310). IEEE.
Zheng, S., Li, Z. and Li, B., 2017, March. Implementation and application of ACL in campus network. In AIP Conference Proceedings (Vol. 1820, No. 1, p. 090014). AIP Publishing LLC.