NETWORK MERGER AND SECURITY Brian Cerny ECPI Cap480 Instructor: Heather Willis

Upload: bricer1272

Post on 20-Jul-2015


TRANSCRIPT

NETWORK MERGER AND SECURITY

Brian Cerny

ECPI Cap480

Instructor: Heather Willis

OPENING

• The orientation: the task of the mission is to merge and secure the networks in the presentation. This is important because companies merge all the time and they bring their networks along with them. Security is the most important thing for a network; without it you are vulnerable and susceptible to attacks.

• Blue Corp. “We are driven by our vision and mission to transform the treatment of expensive epidemic diseases, including atrial fibrillation, heart failure, stroke, coronary artery disease, congenital heart defects, Parkinson’s disease and chronic pain” (St. Jude Medical, n.d.). Blue Corp. “is uniquely positioned to achieve our goal by providing innovative solutions that reduce the economic burden of costly diseases on health care systems worldwide and provide improved outcomes for patients” (St. Jude Medical, n.d.).

• Cerny Corp. “is a leading distributor of electrical stimulation and other orthopedic products used for pain management, orthopedic rehabilitation, physical therapy, fitness and sport performance enhancement. We are committed to delivering positive patient outcomes and providing leading-edge products specifically designed to meet the needs of the patient and medical professional.” (EMPI, n.d.)

GOAL: INTEGRATE AND SECURE THE NETWORK MERGER OF CERN CORP. AND BLUE CORP.

• Cern Corp. is merging with Blue Corp. to fall in line with and better the pain management program within Blue Corp.

• There will be many tasks to complete for the merger: there is not only the need to merge the networks together but also a need to secure and protect the network from attackers and from unauthorized access to the intranets.

• A DMZ (demilitarized zone) will be created for email servers and other services that clients access.

• The presentation will show how the networks are laid out, how they will be transformed, and our different options for the security devices.

NETWORK GUIDE

• ISP (internet service provider): this is the company that links us to the internet. This will always be a cloud icon (Gibson, 2012, page 102);

• End users: this always represents all of the computers that we have on our intranet;

• Switch: this is the device that we connect all of the computers to in order to get them connected to the internet; it allows for separation into multiple sections to split up the departments (Gibson, 2012, page 62);

• Router: this is the device that transfers the communication between all of the devices on the network (it routes the traffic like on a highway) (Gibson, 2012, page 62);

• Server: this is like a workstation computer, but this is where we hold all of the records; it is the device that we have to protect the most because of the data we store.

(Cerny, 2015)

SECURITY GUIDE

• Firewall: “A firewall is a network security system, either hardware- or software-based, that controls incoming and outgoing network traffic based on a set of rules” (Rouse, n.d.). In other words, it is a wall that has a guard who knows who is allowed in and who is not (Rouse, n.d.);

• NIPS (network intrusion prevention system): NIPS is a detection system that “is focused on detecting attacks and modifying access control list”; it is a hardware detection system that can act when it detects someone attacking the system (Gibson, 2012, p. 226);

• HIDS (host-based intrusion detection system): this is similar to the device above; the only differences are that it is a software-based system (it would be installed on a PC or server) and that it can only monitor; it can't act on an attack (Gibson, 2012, p. 226).

NETWORK MERGER

We will look at the networks and see how I will merge them together

BLUE CORP. CURRENT NETWORK

• Multiple internal and external clients, both proprietary and public

• There are many types of data and systems on this network

• Right now, the only security that the network has is the antivirus system and firewall that are installed on the network

• There is no physical security on the network, and the server and the network definitely need to be protected

(Cerny, 2015)

CERN CORP. CURRENT NETWORK

• The network is the same as Blue Corp.'s: there is only basic security on the network, and that leaves the system extremely vulnerable to attacks and viruses

• The network shares the same types of connections, but the connections are at a smaller scale

(Cerny, 2015)

PROPOSED INTEGRATED NETWORK

• The network has strong security and is simple to manage

• 5 hardware firewalls, three NIPS sensors, and HIDS on the two servers

• A server will be added to the network to go into the DMZ

• The DMZ acts like a buffer between the network and users outside of it, including people who use our email service. It helps protect the network from unwanted access (Gibson, 2012, page 81)

• All of the workstations come with firewall and antivirus software, which will remain active

• Encryption will also be used on all of the workstation data, servers, routers and switches

• The following slides show each area separately: the DMZ, Blue Corp., and Cern Corp.

[Network diagram; labeled areas: DMZ, Blue Corp., Cern Corp.]

(Cerny, 2015; Sanket, n.d.; SecurEdge Networks, n.d.)

PROPOSED DMZ

• Clients will have access to our network email, website, and customer account area.

• The DMZ is a protection zone to keep people out of our intranet.

• This area is protected by two firewalls and a NIPS

• For the DMZ to work without buying another router for the company, we would use one from the Blue Corp. network. The network will not be affected by the change (Gibson, 2012, page 81);

• The NIPS is in a good place: it will protect the firewall and be able to stop malicious traffic before it hits the firewall

(Cerny, 2015; Sanket, n.d.; SecurEdge Networks, n.d.)
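An added example, not part of the original slides: a small model of the two-firewall DMZ described above, checking that a new connection reaches the intranet only when both firewalls permit it. The zone names, ports and rule sets are constructed assumptions, since the presentation lists no rule sets.

```python
# Added example: first-match rule evaluation for a two-firewall DMZ.
# Zone names, ports and rule sets are constructed; the slides list none.

PATHS = {  # which firewalls a new connection crosses, in order
    ("outside", "dmz"): ["outer"],
    ("dmz", "outside"): ["outer"],
    ("dmz", "internal"): ["inner"],
    ("internal", "dmz"): ["inner"],
    ("outside", "internal"): ["outer", "inner"],
    ("internal", "outside"): ["inner", "outer"],
}

# Rule = (source zone, destination zone, destination port or None for any, action)
BASELINE = {
    "outer": [
        ("outside", "dmz", 25, "permit"),    # client e-mail
        ("outside", "dmz", 443, "permit"),   # website and customer account area
        ("internal", "outside", None, "permit"),
    ],
    "inner": [
        ("internal", "dmz", None, "permit"),
        ("internal", "outside", None, "permit"),
    ],
}

def decide(rules, src, dst, port):
    """Return the action of the first matching rule; implicit deny otherwise."""
    for r_src, r_dst, r_port, action in rules:
        if (r_src, r_dst) == (src, dst) and r_port in (None, port):
            return action
    return "deny"

def allowed(policy, src, dst, port):
    """A connection passes only if every firewall on its path permits it."""
    return all(decide(policy[fw], src, dst, port) == "permit"
               for fw in PATHS[(src, dst)])

def audit(policy, ports=(22, 25, 80, 443, 3389)):
    """List every flow that can reach the intranet from a less trusted zone."""
    return [(src, port) for src in ("outside", "dmz") for port in ports
            if allowed(policy, src, "internal", port)]

def with_extra_rule(policy, firewall, rule):
    """Copy the policy and put one rule at the top of one firewall's list."""
    copy = {name: list(rules) for name, rules in policy.items()}
    copy[firewall].insert(0, rule)
    return copy
```

Running `audit` after each rule change shows the benefit of the second firewall: a single mistaken permit on the outer device still leaves the intranet unreachable, and the audit only reports a finding when both devices carry the mistake.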

PROPOSED BLUE CORP. SECTION

• Two firewalls, NIPS and HIDS

• A firewall controls the access to areas; this being said, I have placed the firewall directly in front of the server. This allows me to configure who is allowed to access it and who cannot (Rouse, n.d.).

• The best place to put the NIPS is right in line with the first router connection. Again, this should be able to prevent an attack from going further into the network

• The HIDS is going to be installed on the server; the program will be able to notify us in the event that it is being attacked.

• The network also allows for trunking. Trunking allows the network to keep the same number of mini networks but use fewer routers to perform the same task.

PROPOSED CERN CORP. SECTION

• The Cern Corp. section is similar in fashion to Blue Corp.'s.

• This section will use all the same means of protection.

EQUIPMENT

This next section covers the different types of equipment we should use

FIREWALL (PART 1)

• CISCO ASA 5585-X

• This was chosen by two different sources as the best hardware firewall on the market, according to SC Magazine and Redmond Magazine (SC Magazine, n.d.; Redmond Magazine, n.d.).

• “The Cisco ASA 5585-X combines a proven firewall with the a comprehensive IPS and a high performance VPN. The ASA 5585-X hardware delivers 8X performance density of competitive firewalls by supporting the highest VPN session counts, twice as many connections per second, and 4X the connection capacity of competitive firewalls” (SC Magazine, n.d.)

• This gives great control of your network and allows for high-speed connections and traffic in and out of the network.

(TigerDirect Business, n.d.)


(Sanket, n.d.)

FIREWALL (PART 2)

• “It significantly reduces initial procurement costs by 80 percent, power consumption costs by 85 percent, and rack space requirements by 88 percent” (CISCO, n.d.)

• This is a huge deal when it comes to making up the cost of the equipment, because it takes less to run the system and takes up less space. Also, if I were to get certified in Cisco equipment, we would also be able to get the equipment at a lower cost from CISCO.

• I am very comfortable with and trust the CISCO products; our routers are Cisco as well, and they are the best in the business in my opinion.

• The equipment is worth the cost. They run between $13000 and $200,000. That is a big range, but the type for the integrated network is 40,565 at TigerDirect. TigerDirect is a company I have bought from before, and I trust their equipment sales (TigerDirect Business, n.d.).

(TigerDirect Business, n.d.)


NIPS (NETWORK INTRUSION PREVENTION SYSTEM) PART 1

• According to SC Magazine, one of the top security devices for network intrusion prevention is the Sourcefire Next-Generation IPS (NGIPS) (SC Magazine, n.d.)

• “FirePOWER received top ranking in NSS Labs’ 2012 Security Value Map for IPS and in NSS Labs’ 2013 Security Value Map for NGFW which measures security effectiveness and TCO” (Sourcefire, n.d.)

• Sourcefire is a part of the Cisco corporation (Sourcefire, n.d.)

• The device is called the FirePOWER 8350; it is a part of the 8000 series (Sourcefire, n.d.)

• The 7000 series would not be able to handle the amount of traffic or network protection (Sourcefire, n.d.)

• “Sourcefire is a world leader in intelligent cybersecurity solutions. Our flagship family of intrusion detection and prevention systems (IDS/IPS) lies at the heart of our security solutions portfolio. We offer standalone Next-Generation IPS (NGIPS) solutions, the only Next-Generation Firewall solution with NGIPS built-in, as well as several complementary products to protect your network.” (Spiceworks, n.d.)

(Cisco, n.d.)


(SecurEdge Networks, n.d.)

NIPS (NETWORK INTRUSION PREVENTION SYSTEM) PART 2

• The 8350 gives great security for the system and allows for up to 4 intrusion prevention connections to defend and protect the network (Ashlin technology solutions, n.d.).

• The device comes with either one-year or three-year support, updates for current attacks, and service for the equipment (Ashlin technology solutions, n.d.).

• The best selection would be the whole system plus a 3 year service subscription for $124,684.69 through Ashlin technology solutions (Ashlin technology solutions, n.d.).

• Keep in mind that this allows for 4 different network connections to protect, and the integrated network only calls for three; this allows us to expand

(Cisco, n.d.)


HIDS (HOST-BASED INTRUSION DETECTION SYSTEM)

• SC Magazine covered only one software product for the computer as the top in its class: “IBM Security Network IPS / Network Protection” (SC Magazine, n.d.)

• The product that would be used is their Security Server Protection; this will work perfectly for keeping the servers protected.

• “IBM® Security Server Protection offers multilayered protection against known and unknown threats. It protects servers running IBM AIX®, Linux, Solaris and Windows. IBM Security Server Protection enables compliance with host network security and system integrity monitoring and auditing capabilities” (IBM, n.d.)

• It would protect the system from threats and be able to detect and report attacks on the system

• The price is unknown at this time; we are still waiting on the quote request from IBM

CLOSING

FINAL THOUGHTS

• I fully believe that this layout is the best protection we can use. It gives us control of everything in the network and protects our assets. There is still a chance that we could get attacked, but we won't be breached without a fight.

• Since there was no budget given yet for this project, I feel that even at the prices I have quoted we are still in a very good spot to add these new pieces of equipment.

• I am sure with all of the medical records that we control, I think this system will be above the HIPAA standards. We also can assure our customers that their information is protected and secure.

• We also are giving ourselves a system that will give us more flexibility for what we can do with and for our customers in our DMZ area, while still protecting us

• Thank you for your time during this PowerPoint; feel free to ask me any questions.

• There was a lot that I covered in all of these slides; when you review this project, please let me know if there is anything that I need to change or further explain to correct the errors.

REFERENCES

• Ashlin technology solutions. (n.d.). Cisco FirePOWER 8350 Chassis 2U 7 Slots. Retrieved from https://www.ashlintech.com/a/Miscellaneous_Cisco_Systems_Inc_FP8350-K9_Cisco_FirePOWER_8350_Chassis_2U_7_Slots_2038720599.htm#tabs

• Cerny, B. (2015). Designed image through Cisco Packet Tracer.

• Cisco. (n.d.). Cisco FirePOWER 8000 Series Appliances Data Sheet - Cisco. Retrieved from http://www.cisco.com/c/en/us/products/collateral/security/firepower-8000-series-appliances/datasheet-c78-732955.html

• CISCO. Retrieved from http://www.cisco.com/c/dam/en/us/products/security/firepower-8000-series-appliances/product-large.jpg

• EMPI. (n.d.). Orthopedic Braces, Orthopedic Rehabilitation Braces | Empi | DJO Global. Retrieved from http://www.djoglobal.com/our-brands/empi

• Gibson, D. (2012). SSCP systems security certified practitioner: Exam guide : all in one. New York: McGraw-Hill.

• IBM. (n.d.). IBM Security Server Protection. Retrieved from http://www-03.ibm.com/software/products/en/server-protection

• Redmond Magazine. (n.d.). 2013 Reader's Choice Awards: Third-Party Products Shine -- Redmondmag.com. Retrieved from http://redmondmag.com/articles/2013/02/01/readers-choice-awards.aspx

• Rouse, M. (n.d.). What is firewall? - Definition from WhatIs.com. Retrieved from http://searchsecurity.techtarget.com/definition/firewall

• Sanket, J. (n.d.). Intrusion Detection and Prevention Systems| Information Security | Sanket R Jain. Retrieved from http://sanketrjain.com/intrusion-detection-and-prevention-systems/

• SecurEdge Networks. (n.d.). SecurEdge Networks | What is a Next Generation Firewall? Retrieved from http://www.securedgenetworks.com/security-blog/What-is-a-Next-Generation-Firewall

• SC Magazine. (n.d.). 2013 SC Awards US Finalists: Round Four - SC Magazine. Retrieved from http://www.scmagazine.com/2013-sc-awards-us-finalists-round-four/article/270296/

• SC Magazine. (n.d.). Best Enterprise Firewall - SC Magazine. Retrieved from http://www.scmagazine.com/best-enterprise-firewall/article/196005/

• Sourcefire. (n.d.). Next Gen Network Security | Sourcefire. Retrieved from http://www.sourcefire.com/products/firepower-appliances

• Spiceworks. (n.d.). SourceFire Network Security Reviews, Price Quotes, Problems, Support | Reviews | Spiceworks. Retrieved from http://community.spiceworks.com/product/50908-sourcefire-network-security

• St. Jude Medical. (n.d.). Vision and Mission | St. Jude Medical. Retrieved from http://www.sjm.com/corporate/about-us/mission

• TigerDirect Business. (n.d.). Enterprise Networking | Enterprise Networking Firewalls | Cisco ASA 5585-X Firewall Appliance | YYT1-10116238 - TigerDirect Business. Retrieved from http://biz.tigerdirect.com/p/networking-products/enterprise_networking/firewalls/cisco-asa-5585-x-firewall-appliance