Scribd Logo
Upload

Welcome to Scribd!

  • Enterprise Network Security Proposal

    Uploaded by

    Kalesanwo 'Farah' Ifarajimi
    154 views4 pages
    Network Security is a major issue for large organizations. Organizations need to have a Unitified Threat Management (UTM) System. This includes installation of enterprise wide virus protection, VPN, Firewalls and QoS.

    Original Description:

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Network Security is a major issue for large organizations. Organizations need to have a Unitified Threat Management (UTM) System. This includes installation of enterprise wide virus protection, VPN, Firewalls and QoS.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    154 views4 pages

    Enterprise Network Security Proposal

    Uploaded by

    Kalesanwo 'Farah' Ifarajimi
    Network Security is a major issue for large organizations. Organizations need to have a Unitified Threat Management (UTM) System. This includes installation of enterprise wide virus protection, VPN, Firewalls and QoS.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 4

    Enterprise Network Security Proposal

    March29th, 2008

    Head Office :46 Awoniyi Elemo Street. Ajao Estate. Isolo. Lagos UK Office: 96B Albert Square, Stratford, London

    Tel: 017910846,+44203-0511228 Email: info@telecomlabs.net Website: http://www.telecomlabs.net

    Network Security is a major issue of concern for large organizations. When interconnecting branch offices to the head office over the internet, organizations need to have a Unitified Threat Management (UTM) System. This includes installation of enterprise wide virus protection, Virtual Private Networks (VPN), Firewalls and Quality of Service (QoS). The following processes must be followed to achieve the proper VPN and QoS configuration for a UTM: Network Entity, Application and Protocol Identification and Prioritization

    Network Entity Identification and Prioritization


    Create a list of all Network Entities including switches, routers, computers, network printers and VoIP Phones and Servers. In addition, create a schematic diagram of where the VPN gateways, Firewalls routers and Bandwidth managers (QoS enabled routers) will be placed in the network as shown in Figure 1 Below.

    Application and Protocol Identification and Prioritization


    1) Protocol Identification and mapping: We will identify all protocols to be permitted on the network and create a mapping document that details which protocols each network entity is allowed to use. We will then configure the Firewall to block out all unused protocols and effectively ensure no unauthorized access or threat can arise form use of those protocols. 2) Application Classification and Prioritization: We will group protocols into several categories and assigned them priority codes. Protocols with high priority codes get preferential access to network resources. For example,access to application server should have a higher priority then VoIP calls while Voip calls should have higher priority than email retrieval. An Application classification document will be created and agreed upon. It will then be used to implement Quality-of-Service (QoS).

    Head Office
    The head office will have a MH-5001 that will be configured as a VPN hub so that the VPN router at the branch office and the VPN/Firewall protecting the Server can connect to it. It will also give priority to business appilications, VoIP, eMail, and Internet browsing in that order. This will ensure that staff that need business application to complete their work always have highest prefential access on the network. VoIP is essentially to save
    Head Office :46 Awoniyi Elemo Street. Ajao Estate. Isolo. Lagos UK Office: 96B Albert Square, Stratford, London Tel: 017910846,+44203-0511228 Email: info@telecomlabs.net Website: http://www.telecomlabs.net

    communication cost between head offices and branches and to ensure effective routing of calls so it should have a lower priority than business applications but a higher priority then email and web browsing as it is a real time application and so must not be delayed but email and web browsing can be delayed and still operate effectively.

    Branch Office
    The branch office will have a MH-2001 that is configured similarly to the MH-5001 however it will also have workstation-based-QoS as certain users can be giving high priority on the network based on the nature of their work.

    Servers
    The servers will have a MH-2001 that will offer firewall protection for the servers. It will also provide QoS for the Servers so that certain hosts on the VPN have priority to the servers.

    Project Time Line


    Stage Procurement Installation Testing Total Terms & Conditions Initial payment Final Payment (Upon Completion of Project) Accommodation &Travel to Remote Sites outside Lagos Duration (Working Days) 10 7 3 20

    75% 25% Customers responsibility

    Head Office :46 Awoniyi Elemo Street. Ajao Estate. Isolo. Lagos UK Office: 96B Albert Square, Stratford, London

    Tel: 017910846,+44203-0511228 Email: info@telecomlabs.net Website: http://www.telecomlabs.net

    Figure 1. Proposed Network Layout

    Head Office :46 Awoniyi Elemo Street. Ajao Estate. Isolo. Lagos UK Office: 96B Albert Square, Stratford, London

    Tel: 017910846,+44203-0511228 Email: info@telecomlabs.net Website: http://www.telecomlabs.net

    You might also like