Proper network design provides for compliant security, not only isolating users and their traffic, but also preventing attackers from easily traversing a network.
Using Microsoft Visio or another online network diagramming tool, diagram the network that was analyzed in the Topic 1 “Quantify the System” assignment.
Then, create a diagram for a better approach for compliance, based on one of the following frameworks: PCI, HIPAA, NIST, or any other accepted framework.
Ideally, the network will be an Enterprise class consisting of 1000+ clients for various corporate departments, with 50-100 servers providing typical network services. The network infrastructure will be using Layer 3 switches and layered routing to provide separation of subnets.
Your diagram, at a minimum, should include the following secure network design elements: Firewalls, IDS/IPS, DMZ, Vlans, Border and Gateway routers, private IP addressing, Isolated Server Subnets, Network Access Control, and VPN concentrator.
APA style is not required, but solid academic writing is expected.
Refer to “Demonstrating the Gap Scoring Guide,” prior to beginning the assignment to become familiar with the expectations for successful completion.
A policy cannot be written to guide the integration and implementation of technologies unless and until the risks to an organization are explored. During this topic, students will look at a business area and identify risks associated with it (e.g., the oil and gas industry has different risks than health care or banking).
- Quantify a system.
- Identify governing policies.
- Prioritize risks, threats, and known vulnerabilities.