
Network Guardians

NT2580 Project
Part 1

Randolph Gallegos Jr, Justin Freetage, Deborah Patterson

The safety of data and information is a very important aspect of a company. Before we can
create an outline for general security solutions, we must first define what is needed. We
recommend a multi-layered security plan. There are a total of seven
domains of an IT infrastructure: the user domain, workstation domain, LAN
domain, LAN-to-WAN domain, WAN domain, remote access domain, and
system/application domain.
The user domain is essentially the people who access the information system. The user
domain tends to carry risk because of users' carelessness, which stems from lack of awareness,
disregard for policies, and security violations. These can easily be rectified with training.
Conduct security awareness training, display security posters around the office, and
send email reminders to keep the policies fresh in the employees' minds. Another
common threat is employee misuse of the system. Employees might insert
USB drives, or download photos, music, and videos. These items might contain viruses,
which in turn damage the system. The USB ports should be disabled, and content
filtering and antivirus scanning should be enabled.
The workstation domain is any device that connects to the network. A few threats that might be
encountered are unauthorized access to the workstation and unauthorized access to
applications and data. These issues can be mitigated by enabling password
protection on workstations and by defining strict access control policies.
The LAN domain is a collection of computers connected to one another. Threats to the LAN
domain include unauthorized access to the LAN and unauthorized access to systems,
applications, and data. The solutions for these threats are similar to those for the
workstation domain. Another major threat is to the confidentiality of data transmissions
when a WLAN connection is compromised. Implementing encryption between the
workstation and the WAP is crucial.
The LAN-to-WAN domain is where the infrastructure links to a wide area network and the
internet. A few issues include unauthorized network probing and port scanning. To
resolve this issue, disable ping, probing, and port scanning on all exterior IP devices
within the domain. Another major issue is unauthorized access through the LAN-to-WAN
domain. Applying strict security monitoring controls for intrusion detection
and prevention would solve this problem.
The WAN domain connects remote locations. These types of domains are
open, public, and easily accessible to anyone who wants to connect. Create new laws
regarding unauthorized access to the systems, malicious attacks on the infrastructure,
and financial loss due to malicious outages. Another issue is that most internet traffic is
sent in clear text. To prevent this, prohibit using the internet for private communications
without encryption and VPN tunnels.
The remote access domain connects remote users to the infrastructure. Threats to this
type of infrastructure are brute-force user ID and password attacks, multiple logon retries,
and access control attacks. To stop this from occurring, create user ID and password
policies requiring periodic changes. Set up automatic blocking for attempted logon
retries.

System/application domain holds all the critical systems, applications and data.
Unauthorized access to data centers, computer rooms and wiring closets is a major
issue for this domain. Apply policies, standards and procedures for staff and visitors.
The servers must sometimes be shut down to perform maintenance. Create a system
that brings together servers, storage and networking.
These are a couple of things that we have outlined that would make this multi-layered
security plan a success. We must know the various threats for each layer and how to
resolve them in each layer. This plan will save the company a great deal of money as well as
spare it lawsuits due to information leakage.
