Discussion
Network security comprises the policies and procedures that a network administrator implements to prevent and monitor unauthorized access to a network, modification of it, denial of the network or its resources, and misuse of network resources (Perlman, Kaufman & Speciner, 2016). A well-implemented network security programme therefore blocks viruses, hackers and malware from accessing or altering protected information. An IT security problem arises when this protection is compromised and the organization is exposed to security risks. This report explains several IT risks together with their mitigation plans and recommendations for the company.
Information technology security is the set of strategies for managing an organization's tools, policies and processes with the aim of preventing, detecting, documenting and countering threats to both digital and non-digital information (Stallings, 2017). Its central responsibility is to establish business processes that protect confidential information, assets and resources held in any storage system or database. Physical access to critical system hardware and software is also controlled under IT security. Even so, there is always a high chance that confidential data or assets will be attacked by some means. Protection is needed against the damage and harm caused by unauthorized network access, virus injection and malicious data injection (Kahate, 2013). Such attacks on the security of information technology are called IT security problems.
The Comodo Certificate Authority fraud hack has recently been in the news: the digital certificates of several popular websites and social networking sites were compromised. Since this news, companies have become worried about their data and network security. The organization's contractor is responsible for maintaining the networks of its business clients in order to secure transactional data (Grimes, 2018). Because payments are received online, there is a high chance that account details could be stolen by attackers. The risks must therefore be identified properly before solutions to these security threats can be proposed.
In the case of the Comodo Certificate Authority fraud hack, an Iranian hacker duped the certification authority into issuing several digital certificates to unauthorized parties (Grimes, 2018). The incident led critics to call on Microsoft and Mozilla to remove Comodo from their browsers' lists of trusted root certification authorities (CAs). The hacker generated certificates for four well-known websites: Live.com, Skype, Google and Yahoo.
Conclusion
Because the organization is concerned about its data and network security after the news of the Comodo Certificate Authority fraud hack, a list of the major IT security threats and risks is proposed as follows (see Appendix A):
- i) Distributed Denial of Service Attacks: The first and most dangerous risk to the data and network security of this company is the distributed denial of service (DDoS) attack (Chen et al., 2015). This is a security event in which an attacker acts to prevent legitimate users from using or accessing a target computer system, network resource or device. A denial of service attack typically floods servers or networks with traffic, consuming their resources and making them inaccessible to the intended users. Legitimate users cannot reach the resources, and when such an attack occurs the system is automatically rebooted (White, Fisch & Pooch, 2017). This restricts users from accessing their data and locks up the entire system. Network performance is degraded, and the situation worsens when websites are accessed. DDoS attacks have become a major issue in the cyber world and in network security.
- ii) Phishing: The second important IT security threat to any network is phishing (Bejtlich, 2013). It is a fraudulent activity that enables attackers to obtain sensitive information such as login credentials, bank details and credit card details. Phishing is carried out for malicious purposes, with the attacker posing as a trustworthy entity. It is mostly conducted through electronic communication, by e-mail or other means. The easiest ways to carry out phishing are instant messaging and e-mail spoofing (Zhuang et al., 2013). When a user logs in to his or her mailbox, the attacker sends a link, and once the user clicks it, all of the system's data are compromised.
- iii) Breaching of Confidential Data: The next important IT security threat to the organization's network is the breach of confidential data. This threat can arise both intentionally and unintentionally. Intentional data breaches often originate with the organization's own employees (Anwar et al., 2014). The data is leaked either on the Internet or in the cloud. Such data can contain the financial details of users, so their account details become public. As the business clients receive payments from the government, they can easily lose the confidentiality and integrity of their transactional data.
- iv) Eavesdropping: Another significant network security threat is eavesdropping. It is defined as the unauthorized real-time interception of private communications and conversations such as instant messages, fax transmissions, video conferences and audio conferences (Pal et al., 2014). Eavesdropping is much easier to perform on IP-based calls than on TDM-based calls. A protocol analyzer can pick up and record these calls without being noticed by the callers.
- v) Threats to the Digital Certificates: The threat to digital certificates is the fifth network security risk, and it is the one that materialized in the Comodo Certificate Authority fraud hack. Digital certificates are also known as electronic passports; they allow companies and systems to exchange sensitive data safely and securely over the Internet (Kang & Kang, 2016). They are secured by a public key infrastructure (PKI) and public key certificates. Hence, when digital certificates are compromised, it becomes a major issue for the websites concerned.
After analysis of the Comodo Certificate Authority fraud hack, a few solutions are proposed for the identified threats; these solutions will help mitigate the various risks (Shirali-Shahreza & Ganjali, 2013). The proposed solutions to the security threats are as follows:
- i) Solutions for DDoS Attacks: Proper implementation of a mitigation tool and technique will help reduce distributed denial of service attacks (see Appendix B). Such a tool is used to resist or mitigate the full impact of DDoS attacks on a network attached to an Internet connection (Budka, Deshpande & Thottan, 2014). The attachment is protected either at the target network or through relay networks. This organization must use a mitigation technique to secure the network so that network security can be maintained properly.
- ii) Solutions for Phishing: The phishing threat could be mitigated by implementing virtual private networks (VPNs). The attacker will not gain access to remote web servers or local area connections (Mansfield-Devine, 2015). The most effective virtual private networks for this organization will be SonicWall and Fortinet. Both of these VPNs are more efficient and cost effective than other virtual private networks.
- iii) Solutions for Breaching of Confidential Data: Disk encryption would be the best solution to the breach of confidential data. The system can be protected by disk encryption, and the sensitive data is thereby safeguarded.
- iv) Solutions for Eavesdropping: Encryption would be the best solution in this case (He et al., 2014). This organization should implement encryption within its network to ensure that confidential data is used only by authenticated users. This would stop unauthorized data access to a great extent.
- v) Solutions for Digital Certificates' Threat: For this IT security threat, only authenticated certificate authorities (CAs) must be used (Liyanage et al., 2016). This can only be achieved when the pre-existing certificate authorities are removed from the systems and the certificate authorities obtained through the PKI are added in their place.
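As an added illustration of the certificate-trust controls discussed under risk v) and solution v), and not part of the original report: a Python model of a client-side trust check that restricts the trust store to approved CAs, pins the expected issuer for each business-critical host, and rejects certificates that have been blocklisted by issuer and serial. All CA names, host names and serials are constructed placeholders, not real values.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Cert:
    """Minimal view of an X.509 leaf certificate (all values constructed)."""
    subject: str   # host name the certificate claims to identify
    issuer: str    # CA that signed it
    serial: str    # serial number as a hex string


# Hypothetical CA names; nothing here refers to a real trust store.
INSTALLED_ROOTS = {"Acme Root CA", "Widget Root CA", "Legacy Root CA"}
APPROVED_ROOTS = {"Acme Root CA", "Widget Root CA"}

# Issuer pins: the only CA each business-critical host is expected to use,
# so a certificate for that host from any other CA is refused even if trusted.
ISSUER_PINS = {"pay.example.com": {"Acme Root CA"}}

# Certificates revoked out of band, keyed by (issuer, serial); browser vendors
# pushed blocklists of this kind for the fraudulently issued certificates.
BLOCKLIST = {("Widget Root CA", "0x0c0ffee")}


def restrict_trust_store(installed, approved):
    """Solution v): drop every pre-existing root that is not explicitly approved."""
    return {ca for ca in installed if ca in approved}


def evaluate(cert, host, trusted_roots):
    """Return (accepted, reason) for a certificate presented by `host`."""
    if cert.subject != host:
        return False, "name mismatch"
    if cert.issuer not in trusted_roots:
        return False, "issuer not in trust store"
    if (cert.issuer, cert.serial) in BLOCKLIST:
        return False, "certificate blocklisted"
    pinned = ISSUER_PINS.get(host)
    if pinned is not None and cert.issuer not in pinned:
        return False, "issuer does not match pin for host"
    return True, "accepted"


if __name__ == "__main__":
    roots = restrict_trust_store(INSTALLED_ROOTS, APPROVED_ROOTS)
    good = Cert("pay.example.com", "Acme Root CA", "0x01")
    # Same host, signed by a different but still trusted CA: the mis-issuance
    # case from the incident, caught here only because of the issuer pin.
    misissued = Cert("pay.example.com", "Widget Root CA", "0x02")
    for c in (good, misissued):
        print(c.subject, c.issuer, evaluate(c, c.subject, roots))
```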
Conclusion
It can therefore be concluded that network security is one of the most basic and significant requirements of any information technology or software company. This type of security enables the organization's staff to use data without complication, which is why it is so widely adopted. The first layer of network security is secured by a username and password, so that only authenticated users can access the data, each with customized privileges. This procedure preserves both data integrity and confidentiality. Private networks are the best solution for this purpose. This report has explained the various risks and threats related to IT security and the proper solutions to them. Relevant recommendations are also provided here.
This organization may face some of the most noteworthy information technology security risks, such as phishing, DDoS attacks, eavesdropping, data breaches, digital certificate threats and others. The company's network is highly vulnerable to all of the threats mentioned. These threats can be prevented promptly with proper countermeasures. The following three suggestions would improve the security of the organizational network.
- i) Change of Passwords: The first suggestion for this company is to change passwords at fixed intervals. This would help secure sensitive information to a greater degree. Because passwords would be changed in a timely manner, attackers would not get hold of the data.
- ii) Utilizing Encryption on WAPs: Encryption is the second suggestion for the organizational network security. The wireless access points must be encrypted to protect confidential data. WPA2 encryption would secure the authenticity of this confidential data. Furthermore, the organization can then store its information securely within a database.
- iii) Using Virtual Private Networks: VPN implementation is the third relevant suggestion for the organizational network security. Implementing a VPN will reduce the overall chance of data theft or hacking.
References
Anwar, R. W., Bakhtiari, M., Zainal, A., Abdullah, A. H., Qureshi, K. N., Computing, F., & Bahru, J. (2014). Security issues and attacks in wireless sensor network. World Applied Sciences Journal, 30(10), 1224-1227.
Bejtlich, R. (2013). The practice of network security monitoring: understanding incident detection and response. No Starch Press.
Budka, K. C., Deshpande, J. G., & Thottan, M. (2014). Network security. In Communication Networks for Smart Grids (pp. 209-225). Springer, London.
Chen, G., Gong, Y., Xiao, P., & Chambers, J. A. (2015). Physical layer network security in the full-duplex relay system. IEEE Transactions on Information Forensics and Security, 10(3), 574-583.
Grimes, R. (2018). The real security issue behind the Comodo hack. [online] CSO Online. Available at: https://www.csoonline.com/article/2623707/hacking/the-real-security-issue-behind-the-comodo-hack.html [Accessed 27 Aug. 2018].
He, X., Chomsiri, T., Nanda, P., & Tan, Z. (2014). Improving cloud network security using the Tree-Rule firewall. Future Generation Computer Systems, 30, 116-126.
Kahate, A. (2013). Cryptography and network security. Tata McGraw-Hill Education.
Kang, M. J., & Kang, J. W. (2016). Intrusion detection system using deep neural network for in-vehicle network security. PLoS ONE, 11(6), e0155781.
Liyanage, M., Abro, A. B., Ylianttila, M., & Gurtov, A. (2016). Opportunities and challenges of software-defined mobile networks in network security. IEEE Security & Privacy, 14(4), 34-44.
Mansfield-Devine, S. (2015). The growth and evolution of DDoS. Network Security, 2015(10), 13-20.
Pal, R., Golubchik, L., Psounis, K., & Hui, P. (2014, April). Will cyber-insurance improve network security? A market analysis. In INFOCOM, 2014 Proceedings IEEE (pp. 235-243). IEEE.
Perlman, R., Kaufman, C., & Speciner, M. (2016). Network security: private communication in a public world. Pearson Education India.
Shirali-Shahreza, S., & Ganjali, Y. (2013, August). FleXam: flexible sampling extension for monitoring and security applications in openflow. In Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking (pp. 167-168). ACM.
Stallings, W. (2017). Cryptography and network security: principles and practice (p. 743). Upper Saddle River, NJ: Pearson.
White, G. B., Fisch, E. A., & Pooch, U. W. (2017). Computer system and network security. CRC press.
Zhuang, R., Zhang, S., Bardas, A., DeLoach, S. A., Ou, X., & Singhal, A. (2013, August). Investigating the application of moving target defenses to network security. In Resilient Control Systems (ISRCS), 2013 6th International Symposium on (pp. 162-169). IEEE.