Network Access Control And Goals Of Nac Computer Science Essay

Published:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Network Security is a process that ensure all the computers in a network are working finest and the users only have the rights that allowed to them . The approval of access to files and data within a network. Different passwords and usernames are allocated to each user which allows them to access to the files and information within the network. Network security is managed by the administrators of the network system.

A user can protect the machine by using software protectors. Mainly the use of software guards helps to keep a computer safe. When running a network there are various aspects which need to be considered.

Network access control is a method use to protect the network resources from unauthorized access and to execute it within the network system. Traditional network access server carry out operations of authorization and authentication.

Authentication is the method of influential whether an object, who or what it is stated to be. In private and public network systems authentication dine through the login in passwords. Through the password it helps to recognize that the user is authentic.

And the disadvantage of this system is that the password or usernames can be hacked by others and by mistake the password exposed.

Fire Walls

System which designed to avoid unauthorized access from an external network. Firewall is combination of both hardware and software that used to stop the unauthorized access from other private networks. Specially the intranets when messages entering or leaving and when it exceed through firewall then it checks the each message and block it if it affects the security system.

There different types of firewall methods:

Packet Filters - It check each information packet that enter and exit the network system and accept it if there aren't any threats and rejects it if there are any threats. And it will base on the user-defined policies.

Packet Filtering - this is effective to users but hard to configure.

Application Gateway: It applies security system to each application. This method is very effective but can inflict performance degradation.

Circuit-level gateway - It applies security methods when TCP connection is recognized. Once the connection has been recognized the data packets can move between the hosts without any further checking.

Proxy Server - Stop all the messages than enter and exit the network system.

Generations

First generation - Packet Filters

Second Generation - Application Layer

Third Generation - Stateful filters

Virus Protection

Virus detection software Programs which detect the intrusion of Viruses into a computer system. This type of software can be categorized into two types: software that is continually executed while a computer is running and software which is periodically executed to check for the presence of viruses.

There are four main virus detection programs: 

ACTIVITY MONITORS 

APPLICATION MONITORS

SCANNERS

 INTEGRITY CHECKERS.

Viruses are written for various reasons,

To prevent Hacking

To avoid copying software and files

Reprisal

Forged

Political and terrorist causes

Viable break

Competition.

Main motto of virus activity:

Expand right to use the system

Dishonesty unknown

pass around

Virus is activated by some event

Virus action

Accessing the Internet

There are huge amount of security issues that user will face when using the internet, because the internet is the vital network. Here all the aspects (NAC, User authentication, firewall, virus protection) of network security will play a major part at a higher level. All the users in the world use the internet therefore the security issues are higher.

Here are some areas to be considered

Protecting data form viruses

Limiting Internet exploration privileges of employees.

Preventing employees from visiting malicious sites in the Internet through deceptive hyperlinks.

To avoid security issues when accessing the internet the user must use antivirus software. Even though the user uses all of these protection methods there is a chance of being impure by a virus, because new viruses are developed to penetrate these safeguard barriers.

TASK - 02

SOLVE A PROBLEM IN A NETWORK WORKSTATION

The user (network manager) of this company currently facing a problem with the company network. The network manager reported a problem that he/she is unable to log on to email where he/she was the only one who was using the company network so its bit harder to identify whether this problem is solitary or common to entire network. And also the user is unable to print from his/her machine. To solve this problem it is better to trouble shoot the network system from the user's computer.

Trough structured trouble shooting methods it's a method that used to solve network problems in a certified approach. This approach helps to reduce cost and not time consuming. Its consist of 8 steps.

Verify the problem classification and the possibility

Collect data/information about the problem.

Reflect on the potential reasons

Work out a solution for the problem.

Apply the solution to the problem

Test the solution.

Record the solution in a document.

Work out protective procedures

The steps are shown in flow charts below.

Start

Verify the problem classification and the possibility

Collect data/information about the problem

Reflect on the potential reasons

Work out a solution for the problem.

Apply the solution to the problem

Test solution

Problem Solved

No

Yes

Record the solution in a document

Work out protective procedures

Stop

Verify the problem classification and the possibility

The problem is that the user cannot log in to the email through their company network and also the user is unable to print through her machine. This particular problem can affect the whole network or it can affect that particular machine.

Collect data/information about the problem

To get a better knowledge about the problem I need to get some information therefore I had a small conversation with user (network manager) where I asked some questions relative to the problem that the user has faced to identify whether this problem is odd or common to entire network.

Question

Answer

Any other problem with machine or the network?

No

Are you using company's internet mail server or other?

Company's internet mail server.

Are you using a printer that connected to entire network?

Yes

Have ever gone through this problem before?

No

Were you able to log on to email and take print outs before (yesterday)?

Yes

Did someone change/update the network system?

No

Reflect on the potential reasons

Failure in User's Machine hardware connections.

Destruction of cables and unfastened connection of cables.

NIC (Network Interface Card) break down.

Malfunction of Hardware device.

Failure in the computer's software.

Malfunction of Software programs.

Inaccurate network configurations.

Corruption of computer viruses.

Failure in the network

Destruction of cables and unfastened connection of cables.

Breakdown in Routers.

Corruption of computer viruses.

Work out a solution for the problem

Solutions for hardware failures in the user's machine.

Ensure that cables are implementing and the cable connections.

Ensure the NIC is implementing properly and the hardware devices are connected to necessary devices.

Solutions for software failure in the user's machine.

Ensure that all the necessary programs are installed to the machine and check whether it's working or not.

Ensure user's computer network configurations are acceptable and make sure that the machine free of viruses.

Solutions for network problems.

Ensure cables are functioning in the network and verify the cables connection=s in the network.

Make sure that the routers work properly and the computer is free of viruses.

Apply the solution to the problem

Implement solutions for hardware failures in the user's machine.

If cables are scratched/damaged then use new cables.

Confirm that cables are strongly connected and drivers are installed properly.

To check whether NIC is working or not use the ping command in the command prompt to check whether NIC is replying. If not check the NIC (Network Interface Card). Whether it's connected properly or not.

Implement solutions for software failure in the user's machine.

Install all the necessary programs and make sure network configurations are correct

Use antivirus software to protect the computer from virus attacks.

Implement solutions for network failures

Network problems should be solved when no users are not using the network.

If cables are scratched/damaged then use new cables.

Confirm that cables are strongly connected and drivers are installed properly.

To check whether NIC is working or not use the ping command in the command prompt to check whether NIC is replying. If not check the NIC (Network Interface Card). Whether it's connected properly or not.

Use antivirus software to protect the computer from virus attacks.

Still find any failures in the network system check the service provider whether there are any problems in the service provider.

Test the solution

After implementing the network test the network system whether problems are over or not.

Record the solution in a document

If there are not any problems in the testing then record all the information about the problem and the solution for it to use it in the future if required.

Work out protective procedures

Preventive measures for computer hardware failures.

Once a week check whether cables are working and check whether cables are connected strongly.

Check the NIC and ensure its plugged properly and it's working and update the hardware devices regularly.

Preventive measures for computer software failure.

Prevent any new changes to software programs and in the network configurations.

Update antivirus software regularly and run it regularly.

Preventive measures for network problems.

Once a week check whether cables are working and check whether cables are connected strongly.

Ensure the router gets continuous/constant power supply.

Install antivirus software and run it regularly and give a better knowledge to users about the virus threats and attacks.

TASK - 03

Firewall

Firewall is combination of both hardware and software that created to prohibit unauthorized access and allowing authorized users. And firewalls is designed to allow the network transmissions that based on rules and other

There different types of firewall methods:

Filters - It check each information packet that enter and exit the network system and accept it if there aren't any threats and rejects it if there are any threats. And it will base on the user-defined policies.

Packet Filtering - this is effective to users but hard to configure.

Application Gateway: It applies security system to each application. This method is very effective but can inflict performance degradation.

Circuit-level gateway - It applies security methods when TCP connection is recognized. Once the connection has been recognized the data packets can move between the hosts without any further checking.

Proxy Server - Stop all the messages than enter and exit the network system.

Firewall Products

Guardian Firewall (Net Guard)

Cyberoam (Elite core)

Cisco Secure PIX Firewall (Cisco Systems)

Guardian Firewall (Net Guard)

Combine the connection control functions:

A single gateway reduces the need for cascading gateways offering high security, bandwidth control and connection monitoring.

A single packet inspection: Net guard firewall checks all the packets at once for all security, bandwidth control, authentication and monitoring operations. This increase the throughput compared to programs and gateways and it increases network speed.

Cyberoam (Elitecore Technologies)

Cyberoam user identity-based with bandwidth management which avoids the bandwidth abuse and pipeline choking throughout the bandwidth control and it offers devoted and burstable bandwidth.

Cyberoam CR100i, CR250i, CR500i are gateway security applications which offer complete security to protect from different threats. And these solutions offer complete network protection with complete suite of security features.

Cisco Secure PIX Firewall (Cisco Systems)

Cisco System - Devoted firewall system which deliver strong security without crashing network performance. The Cisco PIX Firewall provides full protection that completely hides the structure of a network from outside the world. And it enforces secure access between internal network and an internet.

Recommended Product

Guardian Firewall

When comparing the features of different firewall products, Guardian firewall can be highly recommended for the above requirement. Guardian Firewall's ability to,

high security, bandwidth control, connection supervising

Net guard Firewall checks every packet at once for all security, bandwidth control, authentication and monitoring operations.

Increases network speed and it's an integrated strategy that contains some security rules.

TASK - 04

USER SECURITY POLICIES

Introduction

Security policies outline the rules, laws and practices for computer access. This verifies regulates how an organization will manage, protect and share its information and place the framework for the computer network oriented security of the organization.

The three areas can be defined as follows:

Accessing the WWW (World Wide Web)

E-mail usage

Instant Messaging and Chat Rooms

Accessing the WWW (World Wide Web)

Protection

User should use tricky usernames and passwords when accessing the internet and the user should keep his/her user name and password securely. (do not share among other users)

When you downloading files or software there will be some pop-up to add to download and its safety to ignore those pop-up adds.

User should not give his/her personal information to unauthorized websites

When accessing the internet the user must ensure that a firewall is active and in order to protect the computer from interloper attacks. And use appropriate antivirus software and update it regularly.

User should scan the files before he/she download it from the web and before opens the file. And they should only have the access to the websites that are authorized by the company.

Effects

Using tricky user names and passwords will make it hard for hackers to crumple the user name and password. Can prevent the misuse of user name and password by not sharing it.

By ignoring pop-up adds it will help to avoid cruel attacks.

Threats can be avoided to the company through without providing the personal information and details.

Firewall will prevent the unauthorized access; antivirus software will help to protect the computer from viruses.

Through scanning the file before its download or open we can prevent the virus attacks that are in those files.

E-Mail Usage

Protections

User should use well known and protected e-mail sources and should use strong user name and passwords. And they should not exchange their user name and password.

Don't open or check unidentified e-mails do not download unidentified attachments and unidentified spam (except you know the person) and Scan attachments before it download or open.

Don't add unknown contacts, block the unknown contacts and delete the messages received from unknown contacts.

Log out after working with e-mail

Effects

Using tricky user names and passwords will make it hard for hackers to crumple the user name and password. Can prevent the misuse of user name and password by not sharing it.

Threats can be avoided to the company through without providing the personal information and details.

Through scanning the file before its download or open we can prevent the virus attacks that are in those files.

Open the spam mail if it's identified as secured to open. And spam mail will be reduced by avoiding unidentified contacts. And by blocking unknown people it will help to keep mail box neat.

After using the email user should log off otherwise others can access to it and damage it.

Instant Messaging and Chat Rooms

Protection

Don't accept the messages from unidentified people don't add unknown contacts and block the unidentified contacts.

Clear out messages and other details when user finished with the work.

Don't join unidentified chat rooms; do not share the personal information, user name and password over the chat rooms.

Log- out when you are done

Use the instant messaging and chat room for official purposes not for unofficial purposes.

Effects

Refuse the unknown mails in order to reduce virus attacks. By refusing unidentified contacts user will not receive unwanted mails. And by blocking unknown contacts user will not receive any harmful messages.

By clearing the other messages it will easier to get newest messages and user can avoid virus threats by without joining unidentified chat rooms.

Threats can be avoided to the company through without providing the personal information and details. Can prevent the misuse of user name and password by not sharing it.

After using the email user should log off otherwise others can access to it and damage it.

TASK- 05

Introduction of IPSec

IPSec is a procedure set to protect the internet protocol communications by validating and encrypting each internet protocol packet of communication session. And it includes procedures for setting up mutual verification between agents at the opening of the session and corporation of cryptographic keys to be used during the session. Security architecture the IPSec suite is an open standard. IPSec uses different protocols to carry out various operations. Authentication Header (AH) Encapsulating Security Payload (ESP).

Security architecture

The IPSec suite is an open standard. IPSec uses the following protocols to perform various tasks

Internet Key Exchange (IKE and IKEv2)

Authentication Header (AH)

Encapsulating Security Payload (ESP)

Modes of operation

There two modes of operations that IPSec can implemented

In a host to host transport mode

In a network tunnel mode

Microsoft IPSec Diagnostic Tool

Microsoft IPSec Diagnostic tool helps the user with troubleshooting and network related breakdowns. It's appropriate on Windows XP, windows server2003, Vista and windows server 2008. And IPSec tool checks for the network failures in the host machine and if it recognized any errors or problem then it propose renovate commands. And it gathers IPSec information on the system and parses the IPSec records in order to reduce breakdowns that have occurred. It provides sketch collection for VPN, NAP client windows firewall, group policy updates, and wireless and system events. The analytical report produced by the tool of decisive is derived from the system logs gathered by the tool through its analysis stage. The logs are self adequate to identify any network related breakdown. And the logs will need to be shared with network administrators.

System Requirements

Supported Operating Systems:

Windows Server 2003 Service Pack 1

Windows Server 2003 Service Pack 2

Windows Server 2003 Service Pack 2 x64 Edition

Windows Server 2008

Windows Vista Business

Windows Vista Business 64-bit edition

Windows Vista Enterprise; Windows Vista Enterprise 64-bit edition

Windows Vista Ultimate

Windows XP 64-bit

Windows XP Home Edition

Windows XP Professional Edition

Windows XP Service Pack 1

Windows XP Service Pack 2

Screen shots

Configuration Screen

Select the configuration and then click 'NEXT' button to log in to next window.

Local mode screen before summary after setting Non IPSec parameters

Then select the all the Non IPsec parameters and then click 'Start Diagnose' in order to run the system.

Local mode screen after the diagnose started

Local mode screen with the summary

Finally user will get the summary after diagnostics completed and by 'Generate Report' user will be able to get a Report.

Final Report

Writing Services

Essay Writing
Service

Find out how the very best essay writing service can help you accomplish more and achieve higher marks today.

Assignment Writing Service

From complicated assignments to tricky tasks, our experts can tackle virtually any question thrown at them.

Dissertation Writing Service

A dissertation (also known as a thesis or research project) is probably the most important piece of work for any student! From full dissertations to individual chapters, we’re on hand to support you.

Coursework Writing Service

Our expert qualified writers can help you get your coursework right first time, every time.

Dissertation Proposal Service

The first step to completing a dissertation is to create a proposal that talks about what you wish to do. Our experts can design suitable methodologies - perfect to help you get started with a dissertation.

Report Writing
Service

Reports for any audience. Perfectly structured, professionally written, and tailored to suit your exact requirements.

Essay Skeleton Answer Service

If you’re just looking for some help to get started on an essay, our outline service provides you with a perfect essay plan.

Marking & Proofreading Service

Not sure if your work is hitting the mark? Struggling to get feedback from your lecturer? Our premium marking service was created just for you - get the feedback you deserve now.

Exam Revision
Service

Exams can be one of the most stressful experiences you’ll ever have! Revision is key, and we’re here to help. With custom created revision notes and exam answers, you’ll never feel underprepared again.