Overview of Lucent Pharma’s Network Vulnerabilities
The network topology that the organization “Lucent Pharma” needs to implement faces a number of vulnerabilities. The vulnerabilities generally present within the network are as follows:
Patches missing: A missing patch on a server can permit an unauthenticated command prompt into the web environment. Attackers and rogue insiders can take advantage of this. To avoid this type of vulnerability, it is essential to be careful when applying patches to all of the servers. As a network security practice, the OS needs to be kept updated with the latest security patches.
Default passwords: Passwords are not usually categorized as a network vulnerability; however, a number of content management systems, database servers and web applications are configured with default or weak passwords. This issue can be resolved by testing regularly and by considering the use of a password management tool. An intruder is locked out after a defined number of failed login attempts.
Firewall rule base misconfiguration: Misconfiguration of the firewall is one of the biggest and most dangerous problems. It can cause a number of serious security issues within the system. It can also let unauthorized users into the web environment, which can in turn cause a number of cybersecurity and ethical issues through misuse of important and confidential information. To resolve this problem, it is necessary to implement the security policies effectively.
Wireless access points: Wireless APs provide connectivity to users within appropriate proximity of the network. Wireless attacks by wardrivers can cause a number of significant changes within the network. This type of vulnerability needs to be resolved in order to secure the sensitive and confidential data of the organization.
Utilization of USB flash drives: The use of USB flash drives is considered one of the most common ways in which the organization’s network can become infected. To resolve this security vulnerability, it is important to apply proper security policies within the organization.
Network Security Controls for Lucent Pharma
The security devices and controls used within the network generally do not compromise the security or the performance of the network.
Firewall: A firewall is a system designed to prevent unauthorized access from a private network. It prevents unauthorized internet users from accessing data on a private network that is connected to intranets. Firewalls are categorized into several types, including packet filtering, circuit-level gateway, web application firewall and proxy server. A firewall sets a number of rules that are applied to each packet, and the rules decide whether a packet can pass or is discarded. Firewalls are usually placed between a trusted network and a less trusted network.
IDS/IPS: IDS and IPS are processes that help in monitoring the events that occur in the network in order to identify signs of violations, incidents and imminent threats to the security policies of the organization. The IDS works to identify intrusions as well as various types of configuration errors that affect the company, including virus and malware infections. An IDS provides the network with a level of preventive security against various types of suspicious activity, and it achieves this objective through early warnings aimed at system administrators. An IPS, on the other hand, is a device that controls access to IT networks in order to protect the system from any type of abuse or attack.
Honeypot: A honeypot is a decoy computer system used to trap hackers or to track unconventional or new hacking methods. Honeypots are designed to engage and deceive hackers and to identify the malicious activities performed over the internet. Honeypots have a number of advantages. They are easy to employ. Another significant advantage is that they help in gathering information about hackers, and this information is considered quite valuable for studying and uncovering the hackers’ motivations.
Routers/switches: Both routers and switches are computer networking devices that allow networks to be connected with other computers, network devices and other types of networks. The functions of a router are quite different, and they are generally integrated within a single device. Routers connect two or more logical subnets that do not map to a single interface of the router. Routers are considered the workhorses that transfer packets of data between networks in order to establish and sustain communication between the nodes of an internetwork.
The devices are placed within the Lucent Pharma network for the reasons explained below:
Firewall: A firewall will be used within the network to restrict the entry of unauthorized users into the private network. It is used in the Lucent Pharma network so that internet users cannot directly enter the organization’s private network, which is connected to the intranets. All messages and information need to pass through the firewall, so that any information or message that could create cyber security issues is blocked and cannot enter the private network of the organization. Firewalls help in limiting access to the network and allow access through secure authentication-based logins.
IDS/IPS: Both IDS and IPS are placed within the network so that they can analyze the signs of different types of violations and security incidents. IDS are placed so that they can stop the incidents, whereas an IPS becomes part of the network for detecting as well as stopping possible incidents. IDS and IPS constantly monitor the network, identify possible incidents, log information about them, play a great role in preventing the incidents, and report to the network administrator. In addition, some networks use IDS/IPS for determining different types of security policies.
Honeypot: A honeypot is a computer system set up to act as a decoy in order to lure cyber attackers and to detect attempts at unauthorized access to the information system. It comprises a number of applications, computers and data that simulate the behaviour of a system that appears to be part of the network but is isolated and properly monitored. All communication with a honeypot is considered hostile. Honeypots are used to attract attackers so that their movements and behaviours can be studied, and thus they play an important role in securing the network of the organization.
Routers/switches: Switches are mainly used to connect the servers. A switch serves as a controller that enables networked devices to talk to each other efficiently. Switches help in saving money and in enhancing the productivity of employees. Routers, on the other hand, are used to check the source and destination IP addresses in order to look up the destination in the IP routing table.
The Lucent Pharma organization needs its network segregated into multiple domains, and it is therefore necessary to use VLANs. A virtual LAN is a logical subnetwork that groups together a number of devices from different physical LANs. Larger computer networks of larger businesses often set up VLANs to re-partition their networks for improved traffic management. Several kinds of network support virtual LANs, including both Wi-Fi and Ethernet. VLANs bring security benefits to larger networks by allowing control over the local access of devices. Wi-Fi networks implement them by using wireless access points that support VLANs. In addition, VLANs provide the advantages listed below:
Physical layer transparency: VLANs are transparent to the physical topology and medium over which the network is connected.
Security: Separating systems that hold sensitive data minimizes the chances that people gain access to information they are not authorized to see. This is possible only through the use of VLANs, and thus VLANs are quite helpful in securing the data and information of the organization.
Cost: Segmenting a VLAN into smaller LANs is generally considered cheaper than using routers, as routers are much more costly than the network.
Broadcasts: As a main element of a VLAN, broadcast traffic is not passed to nodes that are not part of the VLAN, which reduces broadcasts. Access lists provide the network administrator with a way of controlling the traffic of the network. An access list is a table created by the network administrator to address access to the network.
Performance: Monitoring of network utilization allows the network administrator to create VLANs that minimize the number of router hops and enhance the apparent bandwidth for the users of the network.
Departments: Departments of the organization that have a large number of network users can set up a VLAN, or VLANs can be connected across departments and dedicated to particular types of employees.
A firewall is an appliance designed to control the flow of internet protocol (IP) traffic or electronic equipment. Firewalls are used to examine network traffic in order to enforce policies based on the instructions contained within the firewall’s rule set. The firewall policy statement is intended to give guidance on the firewall required. A network firewall is needed in all instances where confidential data is processed. Both the host firewall and the network firewall afford protection to the operating environment, so that there is redundancy of control if the additional security fails or is compromised. The policy also raises awareness of the significance of a properly configured firewall. The rules used by the firewall are provided below:
Rule set 1: Responses to internal requests must be allowed. In most implementations, it is desirable to allow the response to an internal request for information. In dynamic or stateful firewalls, this is most easily accomplished by matching the incoming traffic to an outgoing request in the state table. In simple packet filtering, this must be accomplished with a rule for the external filtering router.
Rule set 2: The firewall must not be accessible directly from the public network. If hackers can access the firewall directly, they may be able to modify or delete the rules and allow unwanted traffic. Therefore, direct access to the firewall from other networks must not be allowed. If hackers or cybercriminals compromise the firewall and use its permissions to access other clients or servers on the network, they may cause additional mischief or damage.
Rule set 3: All traffic must be allowed out from the trusted network. It is not considered wise to restrict the network. As a rule, it is necessary to restrict outgoing traffic unless a separate router is configured to handle that traffic. Assuming that the dangerous traffic is inbound, screening that traffic is the work of the firewall. This level of trust is fine for most organizations. If an organization requires control over outbound traffic, it is necessary to use a separate router.
Rule set 4: This is the rule set for Simple Mail Transport Protocol (SMTP) data. The packets are governed by rules that allow them through the firewall and route them to a well-configured SMTP gateway. This is necessary for traffic to the e-mail server. Some hackers try to disguise dangerous packets in order to fool a firewall.
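The four rule sets can be read together as a first-match policy with a default drop. The following Python model is an added illustration, not part of the original report; the addresses, the `StatefulFirewall` class and the order in which the rules are checked are assumptions made for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Assumed addressing for this illustration; none of these values come from the report.
TRUSTED_NET = ip_network("10.10.0.0/16")   # trusted internal network
FIREWALL_IP = ip_address("203.0.113.1")    # firewall's public-facing address
SMTP_GATEWAY = ip_address("10.10.5.25")    # the only host that accepts inbound mail


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"


class StatefulFirewall:
    """First-match evaluation of rule sets 1-4 with a default drop."""

    def __init__(self):
        self.state = set()  # flows opened from the trusted network

    def decide(self, pkt):
        src, dst = ip_address(pkt.src), ip_address(pkt.dst)
        from_inside = src in TRUSTED_NET
        to_inside = dst in TRUSTED_NET

        # Rule set 2: the firewall itself is never reachable from outside.
        if dst == FIREWALL_IP and not from_inside:
            return "drop", "rule set 2"

        # Rule set 1: a reply passes only if it mirrors a recorded outgoing flow.
        mirrored = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if to_inside and not from_inside and mirrored in self.state:
            return "accept", "rule set 1"

        # Rule set 3: traffic leaving the trusted network is allowed and recorded.
        if from_inside and not to_inside:
            self.state.add((pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "accept", "rule set 3"

        # Rule set 4: inbound SMTP is accepted only for the mail gateway.
        if (not from_inside and dst == SMTP_GATEWAY
                and pkt.proto == "tcp" and pkt.dport == 25):
            return "accept", "rule set 4"

        return "drop", "default deny"


def run_demo():
    """Evaluate constructed sample packets in order; return (verdict, reason) pairs."""
    fw = StatefulFirewall()
    packets = [
        Packet("198.51.100.7", 443, "10.10.1.20", 51000),  # unsolicited "reply"
        Packet("10.10.1.20", 51000, "198.51.100.7", 443),  # internal request
        Packet("198.51.100.7", 443, "10.10.1.20", 51000),  # genuine reply
        Packet("198.51.100.7", 40000, "203.0.113.1", 22),  # SSH to the firewall
        Packet("198.51.100.9", 40001, "10.10.5.25", 25),   # mail to the gateway
        Packet("198.51.100.9", 40002, "10.10.1.20", 25),   # SMTP to a workstation
    ]
    return [fw.decide(p) for p in packets]


if __name__ == "__main__":
    for verdict, reason in run_demo():
        print(f"{verdict:6} {reason}")
```

The first and third sample packets are identical; only the state table entry created by the internal request in between changes the verdict.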
An IDS is an automated system that analyzes and monitors network traffic and responds to activity that matches patterns of malicious activity. In order to analyze the traffic, the network administrator needs to develop a number of policies and requirements so that the security of the network is maintained. These policies are also advantageous in mitigating cyber security challenges across the network. The policies that need to be developed for the network are listed below:
1) The perimeter firewall should always be located between the switch and the router.
2) Inbound and outbound traffic of the network must be restricted, and the restriction must depend on the classification of the network, which is determined by the risk assessment procedure in use.
3) For systems that hold restricted data, inbound and outbound traffic must be restricted to what the business needs in order to function, with all other outbound and inbound traffic restricted.
4) The configuration of the firewall must be updated as new types of vulnerabilities are identified.
5) IDS and IPS must be monitored appropriately in order to restrict the data successfully.
6) It is necessary to undertake risk analysis in order to identify the internal and restricted systems and the IDS and IPS.
7) Both IDS and IPS must help in restricting the data environment and must be configured to alert personnel to suspected compromises.
8) It is essential that IPS and IDS are properly baselined and that their signatures are kept up to date.
The security-related issues that are relevant to the network of Lucent Pharma are listed below:
Sys admin: Responsibility for the entire network rests with the sys admin. The role of the sys admin follows the functions of the system, so that the entire network works as intended. If any security issue arises within the network, it is the responsibility of the sys admin to resolve it effectively so that the system is kept secure. The sys admin needs to apply proper security policies to keep the entire network secure.
Audit: Audit plays a significant role in networking, as the functionality of the entire system depends on a lot of factors. The policies applied to the devices must perform appropriately for the system requirements. This concept is used so that a person can take care of the entire network effectively. Any error that is found within the network must be used to help secure the entire system. Appropriate policy planning is required in order to deal with the changes that need to be made within the system.
Network: The policy associated with the network reflects that the packets transferred in the network can be accessed quite easily. The main aim for the network is to reduce the time taken to deliver packets. It is necessary to secure the entire network effectively so that no activity can have a negative impact on it.
Security: Security is one of the essential aspects of networking. A number of attacks are carried out on the network on a daily basis, and they affect the functions of the entire network. To mitigate these challenges, policy is used to enhance the security of the various networks so that it has a proper impact on the internal and external working of the organization. A number of policies and rules are applicable within the network to keep it secure from external and internal attacks.
Figure 1: Proposed Secure Network
(Source: Created by author)
Command used to scan server | sudo nmap scanme.nmap.org
IP address of the server | 45.32.33.156
Ports open in the server | 22 – ssh, 25 – smtp, 30 – http
Running web server | HTTP server, port 30
Web server version in use is patched | No
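A scan summary like this is most useful when it is compared against the list of services the server is supposed to expose. The following Python code is an added example, not part of the original report: it parses nmap's grepable (`-oG`) output and reports open ports that are missing from an approved baseline. The sample output is constructed from the values in the table, and the baseline in `APPROVED` is an assumption.

```python
import re

# Constructed sample in nmap's grepable (-oG) layout, using the values from the
# scan table; it is not captured tool output. The closed port is illustrative.
SAMPLE_GNMAP = (
    "# Nmap scan (constructed sample)\n"
    "Host: 45.32.33.156 ()\tStatus: Up\n"
    "Host: 45.32.33.156 ()\tPorts: 22/open/tcp//ssh///, 25/open/tcp//smtp///, "
    "30/open/tcp//http///, 443/closed/tcp//https///\n"
)

# Assumed baseline of services the server is approved to expose.
APPROVED = {(22, "tcp"): "ssh", (25, "tcp"): "smtp", (80, "tcp"): "http"}

# Matches only the "Ports:" lines; the field ends at the next tab or newline.
PORTS_LINE = re.compile(r"^Host: (\S+) \([^)]*\)\s+Ports: ([^\t\n]*)", re.M)


def parse_gnmap(text):
    """Return {host: [(port, proto, service), ...]} for open ports only."""
    hosts = {}
    for host, ports_field in PORTS_LINE.findall(text):
        for entry in ports_field.split(","):
            # Each entry is port/state/protocol/owner/service/rpcinfo/version/
            fields = entry.strip().split("/")
            if len(fields) < 5 or fields[1] != "open":
                continue
            hosts.setdefault(host, []).append(
                (int(fields[0]), fields[2], fields[4])
            )
    return hosts


def audit(hosts, approved):
    """Return (host, port, message) for every open port that breaks the baseline."""
    findings = []
    for host in sorted(hosts):
        for port, proto, service in sorted(hosts[host]):
            expected = approved.get((port, proto))
            if expected is None:
                findings.append(
                    (host, port, f"{service} open on unapproved port {port}/{proto}")
                )
            elif expected != service:
                findings.append(
                    (host, port, f"{port}/{proto} runs {service}, expected {expected}")
                )
    return findings


if __name__ == "__main__":
    for host, port, message in audit(parse_gnmap(SAMPLE_GNMAP), APPROVED):
        print(f"{host}: {message}")
```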