Improving Network Security Posture And Use Of Cybersecurity Tools

Vulnerabilities in the network

The major vulnerabilities that exist in the present network topology of “Lucent Pharma” are described below:

Missing patches: Missing patches are one of the major vulnerabilities in the present network topology of “Lucent Pharma”. Missing patches can give a rogue insider an authenticated, indirect access path and insight into the web environment. Hence, it is very important to be careful when applying patches. Proper policies and procedures should be used to maintain security by keeping the OS updated.

Default passwords: Passwords are not usually considered a network vulnerability, but they are included here because a large number of content management systems and web applications use weak passwords as well as being exposed to SQL injection. This issue can be resolved by testing passwords regularly to ensure that the passwords in use are appropriate and secure.

Misconfigured firewall: A misconfigured firewall is one of the major vulnerabilities present in the organization's network. Firewall misconfiguration is a serious configuration weakness that can permit unauthorized access to the web environment. To mitigate this issue, it is essential to use suitable security policies.

USB flash drives: The threat associated with USB flash drives can create a number of network vulnerabilities and issues. USB drives are one of the most common routes through which the whole network can be infected from inside the firewall. To mitigate this issue, it is vital to apply appropriate security policies to personal storage devices.

The security devices that are placed within the network of the organization are described below:

Firewall: A firewall is a network security device that monitors both outgoing and incoming traffic and decides whether to permit or block it according to the defined security rules. Firewalls are the first line of defense in network security. They establish a barrier between a controlled, secured internal network that can be trusted and untrusted outside networks, including the internet.

IDS/IPS: Intrusion detection is the process of monitoring the events that occur within the network and analyzing them for signs of incidents and violations of security policies. An IPS, in turn, is a system that performs intrusion detection and also blocks the incidents that are detected. These security measures, IDS and IPS, become part of the network for detecting and stopping different kinds of potential incidents.

Honeypot: A honeypot is a computer system that is set up to act as a decoy in order to lure cybercriminals and to detect and deflect attempts to gain unauthorized access to information systems. It generally consists of applications, data and computers that simulate the behavior of a real system.

Explanation of the security devices

Switch/Routers: A router forwards data packets within the network. Routers are mostly located at gateways, where they connect different networks and devices. Routers use headers and forwarding tables to determine the appropriate path for forwarding each packet. A switch, in addition, is defined as a device that filters and forwards packets between LAN segments. Switches mostly operate at the data link layer and therefore support the packet protocol.

Devices such as the firewall, IDS, honeypot and routers are placed in the chosen locations for the reasons described below:

Firewall: The firewall is used in the network to prevent unauthorized access to private networks. Network firewalls largely prevent unauthorized internet users from gaining access to private networks such as intranets. All messages that enter or leave the intranet must pass through the firewall, which inspects each message and blocks those that do not meet the security criteria.

IDS/IPS: A network intrusion detection system is placed in the network so that it can monitor the behavior of the system and raise alerts on different kinds of potentially malicious network activity. Both IDS and IPS are used so that signs of suspicious activity and intrusions can be detected easily and security vulnerabilities and challenges can be resolved at an early stage. IPS/IDS help in analyzing malicious code that can create security challenges for the network.

Honeypot: This is a vulnerable and isolated system that is kept in the network to study the methods and techniques of attacks and to protect the real systems from different kinds of attacks. Honeypots are considered one of the best network security measures; they emulate vulnerabilities and accept and respond to the probes sent by attackers.

Switches/Routers: Routers or switches are used between different types of networks in order to connect the network to the internet. A router checks both the destination and the source IP address of each packet and routes the packet to another router. Routers connect to the ISP, which assigns the router an IP address; this is a public IP address.

Lucent Pharma requires network segregation into different areas, which means that VLANs need to be used. A VLAN is primarily defined as a logical group of networked computers that are treated as being in the same area. VLANs are mostly used within a network to make network administration much easier in a number of ways. VLANs divide the network into a number of broadcast domains and logical subsets, which makes the whole network easier to administer. One of the main advantages of VLANs is that they help to set up separate domain segments on a single piece of hardware, namely the switch. VLANs provide a number of benefits, which are as follows:

Explanation for the need of placing the security devices

Security: VLANs provide improved network security. A VLAN network environment gives control over each port and each user. Without that control, a malicious user can generally plug a workstation into the switched network.

Broadcast control: Broadcasting is a normal function of the network. A number of protocols and applications depend on broadcast communication to function properly. Using VLANs within the network helps to reduce broadcast traffic, because each broadcast is sent only to the relevant, specific VLAN.

Physical layer transparency: VLANs are transparent to the physical topology and the medium over which the network is connected.

Cost: Segmenting a large VLAN is a less costly alternative to building a routed network with routers, since routers are generally much costlier than switches.

VLANs help to minimize the need for router deployment on networks that carry broadcast traffic. In addition, controlling the broadcast domains helps to reduce traffic.

A firewall is a device that is mainly designed to control the flow of Internet Protocol (IP) traffic to or from a network or electronic equipment. It examines network traffic and enforces policies based on the instructions contained in the firewall's rule set. The policy that is designed gives appropriate guidance on when a firewall is required. The firewall policy is also useful in raising awareness of the importance of a properly configured firewall. The firewall policies that must be implemented by the network administrator are listed below:

Network connection: All remote connections to the organization's network must pass through the network firewall. Furthermore, all network connections that enter a high-security network must pass through the network firewall.

Dedicated functionality: The network firewall used to protect the organization's network must run on single-purpose devices. Every network firewall must have an appropriate set of rules specific to its purpose, as per the ITS network firewall standard.

Network firewall change control: Network firewall configuration rules should not be changed unless proper authorization is given by the information security officer and the network manager. Any changes to services and rules must be properly documented.

Regular auditing: The network firewall must be audited properly. These audits must include performing vulnerability scanning as per the ITS vulnerability assessment policy.

Network firewall physical security: The organization's network firewall is located in the ITS data center, and it must be accessible only to the roles and responsibilities that are granted access to the network firewall as defined in the ITS access control policy. This secure space has appropriate security measures installed, and all physical access to it is automatically logged. All visitor access to the secured space must follow the ITS access control policy.

An intrusion detection system is a system that monitors and analyzes network traffic for activity that matches known patterns of malicious activity. To analyze and monitor the traffic, a number of policies need to be implemented by the network administrator, so that the policies and rules help in resolving the network's cyber security challenges. The policies that need to be implemented include:

1) The perimeter firewall should be placed between the router and the switch.

2) Both inbound and outbound network traffic must be restricted, depending on the system classification as identified by the risk assessment process.

3) Systems that hold restricted data must have inbound and outbound traffic limited to that which is required for the business to operate; all other inbound and outbound traffic is to be denied.

4) The firewall configuration must be actively updated as new kinds of vulnerabilities are identified.

5) IDS and IPS must be suitably monitored for the restricted data environment.

6) A proper risk analysis must be conducted, covering the internal restricted systems as well as the IDS/IPS.

7) IDS and IPS that help protect the restricted data environment must be properly configured to alert personnel to suspected compromises.

8) IPS and IDS baselines and signatures must be kept up to date.
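
The restrictions in items 2 to 4 can be checked mechanically. The following Python code is an added example, not part of the original paper: it audits a constructed rule set for a missing final deny-all, allows on every port and allows without a documented business need. The Rule format, the addresses and the sample rules are assumptions made for illustration.

```python
# Added example: audits a constructed rule set against policy items 2-4 above.
# The Rule format, addresses and rules are assumptions made for illustration.
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    direction: str    # "in" or "out", relative to the restricted segment
    action: str       # "allow" or "deny"
    src: str          # CIDR or "any"
    dst: str          # CIDR or "any"
    port: str         # destination port, or "any"
    reason: str = ""  # documented business need; empty means undocumented

def _match(spec, value):
    return spec == "any" or ipaddress.ip_address(value) in ipaddress.ip_network(spec)

def decide(rules, direction, src, dst, port):
    """First-match evaluation; traffic that matches no rule is denied."""
    for r in rules:
        if (r.direction == direction and _match(r.src, src) and _match(r.dst, dst)
                and r.port in ("any", str(port))):
            return r.action
    return "deny"

def audit(rules):
    """Return findings where the rule set departs from the policy."""
    findings = []
    for direction in ("in", "out"):
        chain = [r for r in rules if r.direction == direction]
        last = chain[-1] if chain else None
        if not (last and last.action == "deny"
                and (last.src, last.dst, last.port) == ("any", "any", "any")):
            findings.append(f"{direction}: chain does not end in an explicit deny-all")
        for i, r in enumerate(chain):
            if r.action != "allow":
                continue
            if r.port == "any":
                findings.append(f"{direction}[{i}]: allow on every port")
            if not r.reason:
                findings.append(f"{direction}[{i}]: allow without a documented business need")
    return findings

# Constructed sample: 10.20.0.0/24 is the segment holding restricted data.
RULES = [
    Rule("in", "allow", "10.10.0.0/24", "10.20.0.5/32", "443", "app tier to records API"),
    Rule("in", "allow", "any", "10.20.0.0/24", "any"),  # misconfiguration
    Rule("in", "deny", "any", "any", "any"),
    Rule("out", "allow", "10.20.0.5/32", "10.30.0.9/32", "514", "syslog to collector"),
]

if __name__ == "__main__":
    for finding in audit(RULES):
        print(finding)
```

Removing the second inbound rule and appending an outbound deny-all clears every finding, and decide() then returns "deny" for traffic from outside the application tier.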

The security policies that are particularly needed for the network of Lucent Pharma are provided below:

Sys administrator: The strength of the network depends on the system administrator. The whole role of the system administrator relates to the whole functionality of the network. When security challenges occur, the sys admin needs to deal with the situation by managing it properly. The operation of the network must take all security policies into account so that no security challenge can affect the system.

Audit: The audit area plays a major role in networking because of the number of factors that are required for the different components to achieve their functionality. The main policies that apply to the devices, as well as the system requirements, must be enforced effectively. Auditing must be done in such a way that an individual can take full responsibility. If any kind of error is found in the network, this largely helps in securing the whole system. Sometimes proper planning must be done with regard to policy, because a number of kinds of changes within the system would affect its normal functionality.

Network: The policy related to the network reflects that all packets transferred within the network must be accessed properly. The main purpose of the network is to minimize the overall time associated with delivering packets from one segment to another. The network must be properly secured so that no activity can negatively affect its operation. Because the network carries different kinds of packets, these include different kinds of essential information that are particularly critical.

Security: Security is one of the critical aspects of networking. A number of different kinds of attacks occur within the network and negatively impact its function. Therefore, in order to resolve these challenges and issues, it is very important to use proper policies and rules throughout the network. There are a number of rules and policies that must be incorporated into the network design in order to keep the network secure.

Command used to scan the server

sudo nmap scanme.nmap.org

IP address of the server

45.32.33.156

Ports open in the server

22 – ssh

25 – smtp

30 – http

Running web server

HTTP server, port 30

Web server version in use is patched

No
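
Scan findings like those above are most useful when compared with what the organization has approved. The following Python code is an added example, not part of the original paper: it parses nmap grepable output (-oG) and reports open ports that fall outside an approved-service baseline. The sample scan line is constructed from the findings listed above, and the baseline is an assumption made for illustration.

```python
# Added example: compares nmap grepable output (-oG) with an approved-service
# baseline. SAMPLE_OG is constructed from the findings listed above; the
# APPROVED baseline is an assumption made for illustration.
import re

SAMPLE_OG = (
    "Host: 45.32.33.156 ()\t"
    "Ports: 22/open/tcp//ssh///, 25/open/tcp//smtp///, 30/open/tcp//http///, "
    "443/closed/tcp//https///\tIgnored State: filtered (996)\n"
)

# (port, protocol) -> service the organization has approved for exposure
APPROVED = {(22, "tcp"): "ssh", (80, "tcp"): "http", (443, "tcp"): "https"}

def parse_grepable(text):
    """Yield (host, port, proto, service) for every open port in -oG output."""
    for line in text.splitlines():
        m = re.match(r"Host: (\S+) .*?\tPorts: ([^\t]*)", line)
        if not m:
            continue  # comment lines and "Status:" lines carry no port list
        host, ports = m.groups()
        for entry in ports.split(", "):
            # Field order: port/state/protocol/owner/service/rpcinfo/version/
            fields = entry.strip().split("/")
            if len(fields) >= 5 and fields[1] == "open":
                yield host, int(fields[0]), fields[2], fields[4]

def review(text, approved=APPROVED):
    """Return (host, port, service, note) for each open port outside the baseline."""
    findings = []
    for host, port, proto, service in parse_grepable(text):
        expected = approved.get((port, proto))
        if expected == service:
            continue
        if expected is not None:
            note = f"expected {expected} on this port"
        else:
            # Is the service approved elsewhere and merely on the wrong port?
            usual = [p for (p, pr), s in approved.items() if s == service and pr == proto]
            note = f"{service} approved only on {usual}" if usual else "service not approved"
        findings.append((host, port, service, note))
    return findings

if __name__ == "__main__":
    for host, port, service, note in review(SAMPLE_OG):
        print(f"{host} {port}/{service}: {note}")
```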
