1 / 18

Designing a Secure Home Office Network Solution

Design a scalable, secure home office network solution meeting given specifications. Evaluate design and user feedback.

pamelaabel
Download Presentation

Designing a Secure Home Office Network Solution

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Design Unit 26 Design a small or home office network HND in Computing and Systems Development

  2. Timeline

  3. Learning outcome 2 • Be able to design small or home office networks • Devices: number of connected devices; anticipated participation • Bandwidth: average load; peak load; local Internet availability; cost constraintCommunications plan from lesson 2 • Users: quality expectations; concept of system growth • Applications: requirements eg security, quality of service • Communications: considerations eg suited to devices, suited to users, lifestyle preferences, commercial requirements • Scalable: considerations eg supporting device growth, supporting additional devices, bandwidth use trend change • Security: considerations eg addressing policy, device participation, firewall rules, encryption preference

  4. LO2 Assessment criteria 2.1 Design a small or home office network solution to meet a given specification 2.2 Evaluate the design and analyse user feedback

  5. Previously …. • You created a physical and logical network design • There are still design decisions to be made • Namespaces • Operating systems • Applications • Scalability • Security

  6. Namespaces • Names are needed for accounts, machines, shares, emails, directories • What are the rules for naming • Formulaic – eg T202Bay12 • Thematic – eg Chewie, Leiai, Deathstar • Functional – Staff007, Student40917 • Descriptive – Staffshare, Studshare, T104Printer • Can be difficult to stick to one type • Often mixed, with one type dominant

  7. Namespace example • Student userIDs are their MIS number • Staff userIDs are their SurnameInitial • Email addresses are the UserID@domain name • Home directories are UserID • Servers are Starwars names • PCs are BayNumberRoomNumber • Printers are PrinterTypeLocation

  8. Activity • Decide on the namespace policies for MWS

  9. Operating systems • Choices for servers, desktops, laptops, mobiles, tablets • Open source – Linux • Proprietary • Microsoft • Apple • Google • Consider cost, support, features, technical knowledge • Make a justified recommendation for MWS

  10. Applications for MWS • Office • Manufacturing • Payroll • Accounting

  11. Scalability • How easy will it be for the network to grow with the business? • Server file space and additional users • Network ports • Increased bandwidth • More CNC machines • Assess your design for scalability. How will it cope if the business grows to 4 times the size • Employees • Extra building • Machines and devices

  12. Security • Wireless LAN • No Default Settings – change SSID and Admin account • Cell Sizing – modify transmitter power • SSID Naming – use a meaningless name • Cloaking – turn of broadcast SSID name • MAC Filters – et allowable MAD addresses • Encryption – use WPA2 • Restricted IP – set IP ranges in DHCP • Turn off unnecessary services

  13. Password security • Set minimum and maximum lengths • Passwords should use three of four of the following four types of characters: • Lowercase • Uppercase • Numbers • Special characters such as !@#$%^&*(){}[] • Require a number of unique passwords before an old password may be reused - say 24 • Set a maximum password age - 60 days

  14. Password security • Account lockout threshold - 4 failed login attempts • Reset account lockout after 30 minutes. • Password protected screen savers should be enabled and should protect the computer within 5 minutes of user inactivity • Rules that apply to passwords apply to passphrases which are used for public/private key authentication

  15. Malware protection • Anti virus • Update OS and applications • Firewalls • Software in OS • Built into routers • Appliances

  16. Security appliances • Unified threat management (UTM) • network firewalling • network intrusion prevention  • gateway antivirus (AV) • gateway anti-spam • VPN (virtual private network) • content filtering • load balancing • data leak prevention  • on-appliance reporting • Easy to manage but comprehensive

  17. Examples • WatchGuard Firebox T10 • Easy to install • Web interface • Subscription updates • Priced feature set (£300-700) • Check Point 600 Appliance • Easy to install • Web interface • Can pay for management (£20/month) • £300

  18. Security for MWS • Write a brief security and recommend any security products for MWS

More Related