1. Discuss LAN-to-WAN traffic and performance monitoring and analysis
According to our textbook, an important part of ensuring proper security is monitoring the traffic that flows through the LAN to WAN domain. Traffic monitoring and analysis is the process of capturing network traffic and examining it to determine how users and applications are using your network. After the traffic is captured, software can be used to analyze it. The goal is to detect problems before they become critical. Your efforts should focus on identifying degrading performance that might affect data availability or traffic that might indicate attack activities.
2. Discuss WAN configuration and change management
According to our textbook, the functionality in the LAN-to-WAN Domain depends on the configuration of the devices in the domain. Each device or software component operates based on configuration settings and rules. Any change to settings or rules changes the way the domain components operate. After you configure the components in the LAN-to-WAN Domain to operate securely, you must prohibit unauthorized changes to the domain configuration. The change-management process must be enforced to ensure only authorized changes are made to any configuration and that you document all changes for later auditing.
Change Management Steps:
requestor submits a configuration setting or rule change request.
configuration control board reviews each request and approves/denies it.
implementers receive approved change requests and make the approved changes.
security administrators validate the current configuration against the latest authorized baseline.
security administrators should validate configuration changes in a test environment.
after applying changes, security administrators should create a new authorized baseline.
implementers validate the changes made to ensure they satisfy the original request.
3. Discuss remote access domain best practices
assume threats will occur.
create a telework policy.
encrypt sensitive information.
designate and secure specific remote work devices.
employ user authentication.
set up a VPN.
manage sensitive data securely.
collaborate with third-party partners and vendors.
Kaplan, D. (2021, Oct 6) 8 Best Practices for Secure Remote Work Access. Retrieved from: https://www.siemplify.co/blog/8-best-practices-for-security-remote-work-access/
Weiss, M., & Solomon, M.G. (2015). Auditing IT Infrastructures for Compliance. Second Edition. Jones & Bartlett Learning: Information Systems Security & Assurance Curriculum. ISBN: 1284090701 978-1284090703
-JAMIE
RESPONSE 2:
Discuss LAN-to-WAN traffic and performance monitoring and analysis.
The connection between an organization’s internal network and the internet is known as LAN-to-WAN communication. Because so many corporate tasks depend on some kind of internet connectivity, an external network link is frequently deemed important. Because of its importance, this connection’s traffic and performance are often monitored (What is Network Traffic Analysis). Traffic analysis entails the use of either hardware or software capable of recording the data that passes through it. This logging usually takes place on the network device that is responsible for sending traffic out of the LAN. Logging is possible using a router, but it may also be done with traffic logging software on other devices. The goal of traffic monitoring is to figure out how users interact with the network. Performance monitoring is similar to traffic monitoring in that it is used to verify that the network is operating at peak efficiency. Users with adequate upload and download speeds may complete their business duties thanks to performance monitoring.
Discuss WAN configuration and change management.
It’s critical to ensure that network devices keep their settings once they’ve been set up appropriately. Configuration and change management is the notion of keeping a device’s authorized configuration (Shaw, J. F. A. K.). After a configuration change request has been tested, configuration and change management ensures that it is sent to a network administrator for approval or disapproval.
Discuss remote access domain best practices.
Users may utilize remote access to access LAN resources from outside the network. While this adds capabilities, it also exposes the LAN to another possible attack vector. Best practices for remote access domains seek to mitigate some of the risks associated with remote access. Two-factor authentication and using a VPN are two of the most prevalent remote access best practices. If an attacker obtains a user’s password, they will be unable to access the LAN of the company (What is Network Traffic Analysis). The VPN encrypts the communication between the distant user and the LAN resources.
-jimmy
References:
Shaw, J. F. A. K. (2020, December 2). What is a WAN? Wide-area network definition and examples. Network World. https://www.networkworld.com/article/3248989/what-is-a-wan-wide-area-network-definition-and-examples.html
What is Network Traffic Analysis (NTA) and Monitoring? (2021). Rapid7. https://www.rapid7.com/fundamentals/network-traffic-analysis/
less
-JAMES
ISSC 341
RESPONSE 3:
For this week’s discussion, disaster recovery, I will identify how hurricane Sandy effected the U.S. internet infrastructure. Disaster recovery is an organizations method of regaining access and functionality to its IT structure after events like a nature disaster, cyber-attack, etc. On average, .3 percent of the internet is down any given day. Before hurricane Sandy hit it was .2, after the storm hit it jumped to .43 percent. Areas that were hit the hardest by the hurricane had the worst drops in connectivity. Hurricane Sandy had disrupted wireless and internet services in New York, New Jersey, and Connecticut.
There are a few steps a system administrator could take in case of natural disaster occurs and disrupts a network starting with a wide area network (WAN). A WAN is a geographically distributed private telecommunications network that interconnects multiple local area networks (LAN). This will allow for your sites to communicate in case one goes down. For example, if your sites are depending on the information, they get from a data center, you will want to make sure there’s a backup data center far from the primary network. Disaster recovery as a service (DRaaS) has been the turn to model that is disaster proof.
DRaaS delivers people power, when systems are down, there will always be people there to work during the problem away from the disaster. Sandy had wiped out power and communications across the eastern seaboard. DRaaS has facilities in one or more regions and offers failover access between facilities. The services are affordable and accessible for any organization. Hope everyone is having a great start to their weeks and I look forward to future discussions.
Regards,
-ALI
Works Cited:
Reardon, M. (2012, October 30). Hurricane Sandy disrupts wireless and Internet services. CNET. https://www.cnet.com/tech/mobile/hurricane-sandy-disrupts-wireless-and-internet-services/
https://www.sd-wan-experts.com/blog/superstorms-drass-and-disaster-recovery/work
RESPONSE 4:
Natural disaster can having a drastic impact on all types of networks and servers, whether that be physical or virtual. A example of a time where a natural disasters created a form of network or server outage was tropical storm or Hurricane Harvey, which left texas underwater back in 2017. During those devastating times, a small city Rockport texas was left without nearly 95% of their cell networking towers which left some counties with limited or no cellphone service (Knutson, 2017). Customers where unable to access the internet, send messages or make calls unless they had Wi-Fi capability through their servicing provider whether that had been from a cable or a wireline telecom company. Although most cellphone towers have backup batteries that can last nearly 8 hrs, outages were still probable due to the amount of flooding and whether not the equipment was blown off the towers. Overall, this network outage created numerous of problems for some of the largest branded companies within the cellular network community such as Sprint, T-Mobile, and AT&T, requiring their technicians to work harder than ever to retore the networks.
Network disaster plans are crucial in times of natural disasters becuase they are capable of causing significant dammage to production centers or even virtual infrastructures (Reed, 2019). Without networks in the mist of natural disasters, companies and organizations are unable to function and that could leave you and your network vulnerable to whatever threats they may present themselves. Things to include in your network disaster plan may be things such as having IT recovery teams in place, being able to assess potential risks and threats, test and update plans, having back up network cinfiguration files, or even constantly reconfiguring your networks infrastructure (2019).
Jessie Reed. (2019, March 5). A short guide to network disaster recovery planning. Official NAKIVO Blog. Retrieved December 6, 2021, from https://www.nakivo.com/blog/create-effective-network-disaster-recovery-plan/.
Knutson, R. (2017, August 27). Cell networks suffer outages in Harvey’s Wake. The Wall Street Journal. Retrieved December 6, 2021, from https://www.wsj.com/articles/cell-networks-suffer-outages-in-harveys-wake-1503792185.
-CHRISTOPHER