
Enterprise Security Assignment

Case Study Report

Security architecture design


for

Work Integrated Learning Program (WILP)


BITS Pilani

Student name:
Student number:
Assessor name:
Campus:
Date:

1|Page
Executive summary

Developing a high-security architecture is not an easy task, because several security threats are always present in any system and network. It should be treated as an iterative process in which we regularly search for threats or vulnerabilities that may negatively impact network security. Security policies are one important method of ensuring security to some extent. Developing a security architecture and using it to identify issues that affect the security of a network is a more beneficial approach, because it makes possible security issues and threats to the network easier to rectify. This report will provide details of the most suitable security architecture for a large college campus, namely WILP BITS Pilani. This security architecture will demonstrate our network design and implementation skills by producing a secure network for a learning environment such as a college. Before we begin, we must examine their current network design, the security techniques in place, and future requirements. We will use an iterative method to create a security architecture, followed by a security framework (model), and then create a real-time productive version of the entire system. The designed architecture is the result of a risk assessment procedure and a thorough examination of their present design.

Table of Contents

Executive summary...............................................................................................................................2
Introduction...........................................................................................................................................4
Analysis of business requirements........................................................................................................4
Risk assessment.....................................................................................................................................5
Use case diagram...................................................................................................................................7
Network security development model..................................................................................................7
Secure network development model....................................................................................................9
Recommended high security architecture...........................................................................................12
a. Architecture purpose...............................................................................................................12
b. Security service used...............................................................................................................12
c. Required network type............................................................................................................13
d. Assumptions made..................................................................................................................14
e. High security architecture........................................................................................................14
f. Best security practice...............................................................................................................17
Description of security architecture for each site................................................................................19
a. Security services......................................................................................................................19
b. Network services.....................................................................................................................21
c. Security of application system.................................................................................................22
Detailed design....................................................................................................................................23
a. Security devices.......................................................................................................................23
b. Networking devices.................................................................................................................24
c. Storage equipment..................................................................................................................25
d. Recommended management tool...........................................................................................25
Developed network security policies...................................................................................................26
Cost estimation....................................................................................................................................28
Conclusion...........................................................................................................................................29
References...........................................................................................................................................29

Introduction

This report provides in-depth detail about the analysis and development of a security architecture for WILP (Work Integrated Learning Program), a division of BITS Pilani. It is an institute that offers high-quality education to industry experts. They are now experiencing several challenges with their IT infrastructure and wish to totally overhaul IT security. Their current IT system supports a headquarters, three regional offices, and seven regional campuses. WILP is concerned about the security of all of these sites. Compliance, security policies, privacy laws, cyber security and attacks from external and internal sources, data or storage secrecy, and system security (both logical and physical) are top priorities for them. As a result, in this report we will look for the best high-level security design for all of their office sites, including the headquarters, regional offices, and regional campuses. However, before developing an architecture, we must carry out a risk assessment that will assist us in overcoming the highlighted challenges. A network security design model is used to analyse hazards and create the security architecture. In addition, when preparing this proposed security development, Cisco's design, development, and deployment best practices are followed. This report presents the prepared architecture for each office type, together with a thorough discussion of the design, security procedures and technology employed. A cost estimate for this development is also provided.

Analysis of business requirements

The institution is currently working on its old network design, which is growing antiquated and causing several problems. Several security problems, compliance, privacy regulations, cyber-attacks, confidentiality, and the protection of student records and college data are among these challenges. To address them, the institution decided to create a new network security architecture for all of its operations. This security architecture will be high-level and will provide a high degree of protection by implementing high-level security controls. One of the primary concerns is cost, which should be kept down, but they do not want to compromise on security or leave the network vulnerable.

Risk assessment

When we look to secure a network, several risks are always present which may positively or negatively impact the security of the network. For the provided business case study, the current network architecture is becoming older and is not capable enough of meeting the new security requirements. There are also several further hazards associated with internal or external threats, data security threats, cyber-attack risk, virus infection risk, and so on. We can analyse the required environment and deliver a high degree of protection using the risk assessment technique. To do so, we must examine the dangers connected with their network and the security measures required to protect the environment. Some identified risks in the current network are described here –

- Cyber-attacks – This form of attack can cause a website to crash, a server or system to fail, and the organisation to suffer losses. During this period, cybercriminals may launch attacks on network-connected devices. After a successful attack on the target system, they will turn it into a bot and remain on the system for an extended period of time. In this case, the attacker can utilise the system as an attacking bot, sending a large volume of traffic and requests to the servers.

- Risk of malware – These are malicious software applications that are used to collect data from a specific user or machine. When the attack is successful, the attacker can collect user information and launch more dangerous attacks such as blackmail, data damage, data theft, and so on. Malware comes in numerous forms, including rootkits, worms, spyware, and trojans. All of them have various effects on a system.

- Data protection – Data is increasingly important to everyone, and many attacks nowadays target data resources. This strategy is highly profitable for attackers when they prevent access to data and demand money to release it, such as in a ransomware attack. If effective access control and authentication are not established, data is potentially vulnerable to internal theft. Anyone with access to secret or sensitive material can expose it for a fee.

- Phishing attack – Phishing is a popular sort of fraud used by many hackers today. They gain the trust of the intended victim and attempt to acquire access to their confidential information for future exploitation or disclosure. After collecting some vital personal information, such as an email address, they will send a malicious email that appears to be from a recognised person. The victim's system will be compromised if they open the email.

- Rogue security software – These are bogus applications that deceive us into thinking our IT architecture is under attack or is down due to a virus. It gives several warning signals as well as suggested solutions to the problem. When such software infects a machine, it pushes the victim to install non-existent software and pay for it. These software programmes might also ruin the security solution that we have put on our machine.

To protect the organisation's assets from the security risks discussed above, here are some recommended preventive measures –

The suggested secure architectural implementation for the new upgraded network would
keep firewalls at each network entry point. Such firewalls will be both hardware and
software in nature. The installation of a firewall on every network gateway will make it
simpler to authenticate users and will prohibit any illegal access to this upgraded network.
These firewalls will enforce particular access restrictions, and any breach of those rules will
be easily notified. The administrator can take the necessary procedures to ensure security
against any conceivable assaults from internal or external sources. The action description
will also be available with the establishment of a firewall on each network gateway.

All open ports on the deployed large-scale network will be recognised, allowing any
potential external assault to be neutralised. Open network ports are the most typically
utilised by attackers to launch attacks on any network. The discovered open ports will be
blocked, and the possibility of a cyber-attack will be reduced. Every system or device linked
to the planned network will have the antivirus installed. The implemented antivirus will
detect any viruses that may attempt to assault the suggested network.

Malware detection also will take place in the planned network. The identification of email-
based malware will provide security for all workplaces against any ransomware assault. The
upgraded network will include several filters that will be utilised to screen the operations
and incoming traffic towards this network. If any suspected activity is discovered in the
filtered network, network services can prohibit it from entering the proposed network.

Use case diagram

A use case diagram is prepared for this project which shows the communication between
the WILP users and server. Here it is –

Figure: Use case diagram of communication between users and server

The use case diagram above represents a common communication between the WILP user and the server. This use case diagram is part of the overall process in which the user interacts with the server to access stored data and learning resources, authenticate, and log in. The server responds to the user by granting or refusing his/her requests and access to resources, as well as responding to email and authenticating a user depending on the access provided.

Network security development model

Many security frameworks have been built throughout the years. The bulk of these, however, have been applied to security policies or threat and risk models. In terms of a framework for viewing a network security architecture and the fundamental services it should provide, the classes listed below are the framework best suited to WILP. Cisco Systems introduced the method in the middle of the last decade; it has six basic functions. These functions are discussed here (Kirkham, 2015) –

- Separation and isolation – The concepts of isolation and separation ensure that the consequences of a disruption or event inside one section of a system are limited to that area of the overall system. Isolation permits disturbances or occurrences inside one part of the overall system to have little impact on other users, services, or sub-systems. This idea allows you to split a network into security zones in order to regulate access across network areas or system portions and therefore restrict the reach of attacks. Compartmentalisation is an extension of this concept in which an entire system is separated into many compartments. We can deploy VLANs, secure tunnels (VPN), security zones, virtual routers, and other security measures to obtain a high degree of security.

- Policy enforcement – You may utilise policy enforcement to enforce appropriate behaviour among linked systems, users, IP networks, applications, subnets, or endpoints. In a network security setup, Access Control Lists (ACLs), firewall rules, application control, and file blocking policies are all examples of policy enforcement. Policy enforcement can be static, in which a control is applied continuously, or dynamic, in which a control is imposed specifically to minimise some specific occurrence or security concern.

- Identity and trust – The concept of identity and trust describes a system's ability to identify entities accessing a certain resource and decide a trust degree or state of trust. The identification, and hence the level of trust, can be established through the examination of credentials or in other methods. Identity and trust systems include username and password credentials, multi-factor authentication, digital certificates, and trustworthy IP addresses or ranges. It may also include 802.1x authentication, network access control (NAC), and other end-point posture assessment features.

- Better instrumentation and visibility – It is quite beneficial to have greater insight into network security. It enables us to better monitor user and network behaviour, network use, traffic, and any questionable network activity discovered.

- Implementation of resiliency – Resilience refers to an architecture's ability to withstand, respond to, and/or recover from unfavourable, uncontrolled, or unexpected circumstances. Acceptable performance, high-availability device pairs or clusters, and redundant profiles are all factors to consider for resilience.

- Correlation among the resources – Through the interpretation, transmission, analysis, and classification of instrumentation and visibility data, a correlation function translates seemingly unrelated occurrences, changes, or traffic patterns into usable operational information. The foundation for recognising and responding to events is provided by event correlation, which is critical in security operations.

Secure network development model

When discussing a real-time network and its security, several vulnerabilities may be present. New threats and vulnerabilities are identified regularly, leaving the network vulnerable. Security implementation will necessitate ongoing assistance and the use of security solutions to protect assets. Adopting a network security model, such as the refined network security model, would assist us in overcoming such security issues and easily managing security. This security model includes nine phases that will assist us in creating an appropriate architecture.

Here are the steps in detail (Yang & Nguyen, 2006) –

- Service identification – All services delivered to users and others will be recognised at this level. Access to the internet, DMZ, FTP, user data, study materials, videos (online classes), wireless network access, DNS/DHCP service, VPN service, remote access, and other security setups are examples of these services.

- Assets identification – All assets can be categorised into four categories: network assets (networking devices, servers, and related services), workstation assets (all the servers and systems used), data assets (all types of data), and other resources (internet, coverage, IP address scheme, etc.).

- Threat assessment – This stage offers information on all external and internal risks to the network and to the assets discovered in the previous stage. Unauthorised access to networks, devices, servers, data and other IT assets, information manipulation, service alteration, and DDoS are among the most prevalent risks.

- Assets and service relationship – We create a link between the services and assets based on the identified assets and threats. This relationship will assist us in understanding the need for safety, security, and support in order to keep the service functioning. Consider a server that requires tight security, stringent authentication, and services that should be located in the DMZ.

- Risk assessment – It is rated based on the relationship assessed for a specified service. All assets are graded based on their associated risk and needed level of security, which includes integrity, availability, confidentiality, non-repudiation, and service originality. All network assets are graded in the same manner. This stage assists us in determining the necessary security measures as well as how and where to execute them.

- Preparing network security architecture – Once all of the security policies are in place, we can move on to designing the network security for WILP (the complete design and details are discussed in a later section of this paper). According to this framework, we must go through the following design phases:

  - Created policies are turned into a series of tasks.

  - An appropriate network device or component is selected to carry out that duty.

  - Connect the new device to the network and test its compatibility.

  - Assessed security will be prioritised during the installation and configuration of security devices such as firewalls, IPS/IDS, VPNs, NAT services, and so on. Servers are put in the DMZ zone and are accessible from the outside network.

  - Servers needed to administer network resources, such as a domain controller, DNS, DHCP, database, and backup domain controller, will be deployed.

  - An access control policy is set up to restrict access to network or server resources. In the network, an access control server (Cisco's access controller) is deployed to allow extensible authentication protocols and enable encryption when interacting and accessing data.

  - The VPN service is set up for remote access, and authentication is enabled.

  - The WPA standard is used to configure authentication for wireless network access.

- Implementation of security architecture – At this stage, it is time to execute the security rules and architectural design that have been developed. This phase includes numerous duties such as wiring, device installation, connecting, configuring, and testing. There could be several issues while configuring a security policy, including the placement of firewalls, the placement of data servers, and creating allow and block rules on the firewall.

- Audit and update – The proposed security architecture will be reviewed and amended on a regular basis for improvements, particularly when a security breach in the network is discovered. When all of the network's devices, servers, and other services are set up, certain new security requirements may be recognised, necessitating more effort. For example, we might set up a certificate server that supports PKI and digital certificates for encryption and decryption. The certificate is utilised on the access control server, the IIS service, the SSL service, and the encrypted connection between the server and the client. As a result, we must examine the security architecture and incorporate the new feature. Certificate and key encryption (PKI) are only two examples; we may also add more network services such as an extra domain controller, certificate authority, enhanced access control capabilities, firewall rules, and so on.

Finally, creating a security architecture is a time-consuming and complicated undertaking. However, the redesigned security architecture framework will assist us in easing this challenge and securing the network. The architecture's stated procedures will assist us in assessing and analysing security needs and developing a resilient network security architecture for the WILP.

Recommended high security architecture

a. Architecture purpose

This report is based on a study of the requirements of the WILP, a division of BITS Pilani. The
primary goal of this security architecture is to give a high degree of protection to their new
WILP campus while also eliminating compliance, law, data security, and cyber security risks.
A high-level security architecture is created utilising a common security architecture to suit
this need.

b. Security service used

There have been several security frameworks established throughout the years to aid in the design and implementation of security architectures. The network was designed using an improved security architecture, discussed in the previous section of this report. To meet the desired level of security, a total of six security services are used in this architecture. These are discussed here (Kirkham, 2015) –

- Identification and trust – It provides the capacity to identify and trust a resource. To validate a user's identity, an AAA service is set up to ask for the user's identity and verify it using the credentials given. A username and password, digital certificate, multi-factor authentication, network access control, and authentication protocols are offered to users to confirm their identity.

- Correlation – A correlation function converts seemingly unconnected events, changes, or traffic patterns into valuable operational information by interpreting, transmitting, analysing, and classifying instrumentation and visibility data. Event correlation, which is crucial in security operations, provides the framework for recognising and responding to occurrences.

- Instrumentation and visibility – Visibility is the fundamental ability to monitor the network's activities and utilisation, including its resources, related devices, users, IP traffic, applications, and any quickly noticed security problems.

- Resiliency – The capacity of an architecture to resist, adapt to, or recover from unfavourable, unmanageable, or unexpected events is referred to as resilience. Resilience requires elements such as redundancy, high-availability device pairs or clusters, and acceptable performance profiles.

- Security policies – Security rules are critical in offering the ability to enforce allow or
deny behaviour for all connected systems and devices. Security policies in this
context include ACL, user access control, firewall rules, and allow and blocking
policies. These policies will be either static or dynamic in nature. Static policies apply
control on an ongoing basis, but dynamic policies can be altered or updated as
needed.

- Network isolation, separation, and compartmentalisation – These strategies will assist us in ensuring that the impacts of a security event or any interruption are low and manageable from a security standpoint. Isolation allows issues within one portion of a system to be controlled while having little influence on others. To mitigate the damage, we used zoning, access restriction, and subnets. Compartmentalisation is an extension of this concept in which an entire system is separated into many compartments. If just one compartment is breached, the breach can be limited to that compartment. Isolation constructs in a network security environment include VLANs, virtual routers, tunnelling mechanisms, and security zones.
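As an added illustration of the isolation and policy-enforcement services described above (example code written for this topic, not part of the original report or of any vendor product), the following Python classifies a flow's endpoints into security zones and applies an ordered, default-deny rule set, collecting the denied flows for notification. The zone names, address ranges, ports and rules are assumptions made for the example.

```python
"""Zone-based policy enforcement: map endpoints to security zones and apply
an ordered, default-deny rule set in which the first matching rule wins."""
import ipaddress
from dataclasses import dataclass

# Constructed zone plan for this example. The ranges are private/documentation
# addresses chosen for illustration, not the institution's real addressing.
ZONES = {
    "mgmt":    [ipaddress.ip_network("10.1.1.0/24")],
    "servers": [ipaddress.ip_network("10.1.10.0/24")],
    "users":   [ipaddress.ip_network("10.1.20.0/22")],
    "dmz":     [ipaddress.ip_network("192.0.2.0/24")],
}


def zone_of(ip):
    """Return the zone containing ip; anything outside the plan is 'internet'."""
    addr = ipaddress.ip_address(ip)
    for name, nets in ZONES.items():
        if any(addr in net for net in nets):
            return name
    return "internet"


@dataclass(frozen=True)
class Rule:
    rid: str          # identifier reported in alerts
    src: str          # source zone, or "any"
    dst: str          # destination zone, or "any"
    proto: str        # "tcp", "udp", or "any"
    ports: frozenset  # allowed destination ports; empty means any port
    action: str       # "allow" or "deny"

    def matches(self, src_zone, dst_zone, proto, dport):
        return (self.src in ("any", src_zone)
                and self.dst in ("any", dst_zone)
                and self.proto in ("any", proto)
                and (not self.ports or dport in self.ports))


# Static policy (assumed for the example): public services live in the DMZ,
# the DMZ may reach only the database port in the server zone, users reach
# web services, management reaches everything, and nothing else reaches
# management. Order matters: the first matching rule decides.
POLICY = [
    Rule("R1", "internet", "dmz", "tcp", frozenset({80, 443}), "allow"),
    Rule("R2", "dmz", "servers", "tcp", frozenset({5432}), "allow"),
    Rule("R3", "users", "dmz", "tcp", frozenset({443}), "allow"),
    Rule("R4", "users", "servers", "tcp", frozenset({443}), "allow"),
    Rule("R5", "users", "internet", "tcp", frozenset({80, 443}), "allow"),
    Rule("R6", "mgmt", "any", "any", frozenset(), "allow"),
    Rule("R7", "any", "mgmt", "any", frozenset(), "deny"),
]


def evaluate(src_ip, dst_ip, proto, dport, policy=POLICY):
    """Return (action, rule id, src zone, dst zone); unmatched flows are denied."""
    src_zone, dst_zone = zone_of(src_ip), zone_of(dst_ip)
    for rule in policy:
        if rule.matches(src_zone, dst_zone, proto, dport):
            return rule.action, rule.rid, src_zone, dst_zone
    return "deny", "default", src_zone, dst_zone


def audit(flows, policy=POLICY):
    """Evaluate flows and return the denials, which are what an administrator
    would want to be notified about."""
    denied = []
    for src_ip, dst_ip, proto, dport in flows:
        action, rid, s, d = evaluate(src_ip, dst_ip, proto, dport, policy)
        if action == "deny":
            denied.append({"src": src_ip, "dst": dst_ip, "proto": proto,
                           "dport": dport, "rule": rid, "zones": (s, d)})
    return denied


# Constructed sample flows: (source ip, destination ip, protocol, destination port)
SAMPLE_FLOWS = [
    ("203.0.113.7", "192.0.2.10", "tcp", 443),   # internet -> DMZ web: allowed
    ("203.0.113.7", "10.1.10.5", "tcp", 445),    # internet -> server SMB: denied
    ("192.0.2.10", "10.1.10.5", "tcp", 5432),    # DMZ -> database: allowed
    ("192.0.2.10", "10.1.10.5", "tcp", 22),      # DMZ -> server SSH: denied
    ("10.1.21.40", "10.1.1.2", "tcp", 22),       # user -> management: denied
    ("10.1.1.2", "10.1.10.5", "tcp", 22),        # management -> server: allowed
]

if __name__ == "__main__":
    for entry in audit(SAMPLE_FLOWS):
        print("DENIED", entry)
```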

c. Required network type

As per the provided case study of the college, all of their fundamental needs are examined to aid in the development of a security architecture. Based on the needs analysis, the following points have been drawn up to assist us in constructing the necessary network –

- The network must adhere to all applicable compliances and security rules.

- Privacy and legislation must be followed as necessary.

- Security methods such as firewalls, IPS/IDS, and other devices must be configured.

- Data confidentiality and secrecy are also major concerns to be addressed.

- Security, access control, users, and admin level authentication will be configured.

- A new network design for all four offices will be developed and configured to meet a
high level of security.

d. Assumptions made

Some assumptions are made while designing the high-level security architecture design,
which include -

- An appropriate timeline for preparing and installing the security architecture design
is created.

- Standard devices are acquired and employed to reduce the cost of this implementation while meeting higher security standards.

- Firewall rules are being developed to enable and prevent access to the internet and
user segments on the internal network.

- WILP is preparing to adopt a variety of security policies.

- A variety of cyber security risks are discovered and preventative measures are put in place.

- All current network threats are examined and the respective protection is put in place.

- The redefined security architecture is employed to assist this development.

e. High security architecture

Here is the prepared high-level security architecture for WILP –

- Architecture of head office –

Figure: High security architecture for head office

- Architecture of regional office –

Figure: High security architecture for regional office

- Architecture of regional campus –

Figure: High security architecture for regional campus

- Complete architecture of WILP –

Figure: High security architecture of WILP

f. Best security practice

There are several dangers and weaknesses in a network that must be considered while creating a security architecture for the college. Threat actors are opportunistic, according to the 2021 security assessment. They will alter their strategy when the trend shifts. As a result, we must adhere to some security best practices, which are also outlined in the developed security architecture for WILP, in order to strengthen cyber security and guard against known threats and vulnerabilities (Malviya, 2021) (Chkadmin, 2022).

- Network segmentation – A network is segmented when it is divided into trusted zones or small networks. Each zone is segregated from the others in order to ensure security. This method also reduces the chance of an infiltration and limits its influence on the entire network.

- Network auditing – It is preferable to audit the network as a first step. This will assist
us in identifying network weaknesses. Any security risk in the network, underused
apps, undesirable open ports, malicious traffic detection, and the need for any
security implementation may all be detected.

- Network and device security – These devices are in charge of network security and
service protection. A firewall, often known as a web application firewall, can be used
to protect against web-based assaults and secure data. To maintain the
organization's optimum security and monitor traffic, additional systems such as
intrusion detection and prevention (IDS/IPS) systems, security information and event
management (SIEM) systems, and data loss prevention software should be used.

- Authorization and authentication – This strategy ensures that only authenticated users have access to the secured resources and that no unauthorised users have access to them. This may be accomplished in a variety of ways, including AAA service, login and password, access control through ACL, and many more.

- Disabling open ports – There might be several ports open on the firewall, server, or
any other device, resulting in a vulnerability. This may be detected by auditing the
network and immediately closed or disabled to ensure security.

- Install anti-malware and antivirus applications – It is suggested that all systems be installed with a purchased antivirus solution. This application must be kept up to date at all times. It is also necessary to ensure that the programme is bug-free and that the most recent security updates are deployed.

- Security of networking devices – Simply hitting the reset button on the network
router might result in a security breach or disaster. As a result, it is necessary to think
about moving routers to a more secure location, such as a locked room or closet. In
addition, video surveillance and CCTV can be installed in the server or network room.
Furthermore, the router should be configured to change default passwords and
network names, which attackers might readily find online.

- Security maintenance – It is critical to maintain the security system placed at the WILP on a regular basis. This includes frequent backups, software updates, password changes on a schedule, and adhering to security regulations.

- Use of private IP addresses – To prevent unauthorised users or devices from accessing crucial network devices and servers, private IP addresses should be assigned. This strategy allows the IT administrator to easily monitor any unauthorised attempts by persons or devices to connect to your network for any suspicious behaviour.

- Follow a security culture – This involves educating and training workers on the
significance of network security so that they understand the ramifications of a lack of
network security, how they may help protect company networks, and other security
problems.

Description of security architecture for each site

a. Security services

We searched for and selected a number of security services to implement in the network to fulfil the WILP security standards. Some of the most important security services are described below (Kirkham, 2015) –

- Log capturing – Logging is one of the most fundamental forms of security. Logs are generated by IPS, firewalls, routers, switches, VPN, applications, databases, access control, and a variety of other services and devices. These logs will assist us in keeping track of an activity. A substantial volume of log information offers enough information about a harmful occurrence. There are several technologies available to assist us in collecting and analysing logs in order to identify suspicious activities.

 Firewall – It is a critical security device that every network should have. There are
several types of firewalls that can gather high-speed connection logs and are either
software or hardware based. A firewall can be used to determine who is linked to
whom. Increasing the load on a firewall may reduce its performance but, to some
extent, maintain security.

• Secure DNS – Because practically all malware utilises DNS to locate C&C server
destination addresses, DNS may be one of the most important sources of security
visibility within the organisation. While fixed C&C IP addresses are utilised in some
circumstances, this is often not a viable method because these C&C servers are
routinely shut down, and a more reliable mechanism is required to guarantee the
malware continues to work. Monitoring recursive DNS requests, in particular, gives
critical information. Furthermore, any odd change in DNS activity, such as a sudden
or unexpected increase in query rate, might indicate that compromised (botted) inside
hosts have launched a DDoS attack against an outside target.

• Monitoring of network traffic – Capturing network packets and scanning them for
suspicious behaviour is extremely beneficial in guaranteeing security. From a security
aspect it can be used to record harmful events or malware, usually after an IPS has
been triggered on some event. Packet capture may be done with network-based tools
like Wireshark or host-based ones like tcpdump.

• Secure applications – In terms of visibility, the ability to identify traffic at the
application level is really useful. There are several applications that are ideal for
business usage, many that have no place in a company context, and some that were
purposely created for criminal objectives, such as tunnelling beneath exterior
security measures. As said earlier, many applications nowadays are designed simply
to execute bad actions. Other applications present a considerable risk of malware
transmission or data loss. Transparency of application traffic provides information
about network activities and the hazards connected with them.

• IDS/IPS devices – Intrusion Prevention Systems (IPS) have essentially taken the place
of Intrusion Detection Systems (IDS). It is useful to evaluate these systems in
terms of visibility from an architectural approach. IDS/IPS technology is designed to
detect and, in the case of IPS, prevent attempts at exploitation and misuse. If someone
is attempting to abuse a computer system on your network, you must be aware of it. If
such behaviour does in fact compromise the system, you must be aware of it and take
appropriate action. Whether the attempt was successful or not, IDS/IPS provides
critical visibility.

• Security policies – As we covered in the previous portion of this paper, there exist
several security rules. To perform the function between security zones, a firewall and
an intrusion prevention system (IPS) would frequently be utilised, resulting in a
compartmentalised design. On that basis, it is important to understand the
fundamental functions of both a firewall and an intrusion prevention system. In
recent years, several vendors have delivered 'Next Generation' technology to the
market, which extends these fundamental capabilities. The whole 'Next Generation'
topic is significant and requires considerably more consideration than what is
provided here.

• TLS and SSL service – The majority of network communication is encrypted using the
TLS or SSL protocols. Because they are utilised by so many systems today, malware
also uses them, so that its traffic looks like ordinary encrypted traffic and passes
through security controls. Visibility into the traffic contained within these tunnels is
therefore becoming an increasingly important aspect of a security architecture.
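
The log capturing and secure DNS services above both rest on the same idea: a sudden rise in a host's recursive query rate is worth an alert. The following is an added example, not code from this report or from any vendor named in it, that applies that check to constructed resolver log lines. The log format, the client addresses and the thresholds (at least 20 queries in a minute and at least five times the host's own median rate) are assumptions made for the example:

```python
"""Added example: spotting an abnormal DNS query rate in recursive resolver logs.

Constructed input (not real WILP logs), one query per line in the form
'<ISO timestamp> <client IP> <queried name>'. A host whose query count in one
minute is far above its own baseline is reported for investigation.
"""
import statistics
from collections import defaultdict
from datetime import datetime


def build_sample_log():
    """Constructed sample: 10.1.1.20 behaves normally (3, 2, 4 queries per
    minute); 10.1.1.50 fires 40 distinct names in minute 09:01, the kind of
    burst the text associates with a compromised internal host."""
    per_minute = {"10.1.1.20": [3, 2, 4], "10.1.1.50": [2, 40, 3]}
    lines = []
    for client, counts in per_minute.items():
        for minute, n in enumerate(counts):
            for i in range(n):
                lines.append(
                    f"2022-11-10T09:0{minute}:{i:02d} {client} q{i}.m{minute}.example.net"
                )
    return "\n".join(sorted(lines))  # timestamps sort chronologically


SAMPLE_LOG = build_sample_log()


def parse_dns_log(text):
    """Return (minute, client, qname) tuples; timestamps are truncated to the minute."""
    records = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        ts, client, qname = line.split()
        minute = datetime.fromisoformat(ts).replace(second=0, microsecond=0)
        records.append((minute, client, qname))
    return records


def per_minute_counts(records):
    """client -> {minute: number of queries in that minute}."""
    counts = defaultdict(lambda: defaultdict(int))
    for minute, client, _ in records:
        counts[client][minute] += 1
    return counts


def find_query_spikes(records, ratio=5.0, min_queries=20):
    """Flag (client, minute) pairs whose count is at least `min_queries` and at
    least `ratio` times the client's own baseline. The baseline is the median of
    the client's other minutes, so a burst does not inflate its own threshold."""
    spikes = []
    for client, minutes in per_minute_counts(records).items():
        ordered = sorted(minutes.values())
        baseline = statistics.median(ordered[:-1]) if len(ordered) > 1 else 0
        for minute, n in sorted(minutes.items()):
            if n >= min_queries and n >= ratio * max(baseline, 1):
                spikes.append((client, minute.strftime("%Y-%m-%dT%H:%M"), n, baseline))
    return spikes


if __name__ == "__main__":
    for client, minute, n, baseline in find_query_spikes(parse_dns_log(SAMPLE_LOG)):
        print(f"{minute} {client}: {n} queries (baseline {baseline:.1f}/min)")
```

A per-host baseline matters more than a global one: a departmental resolver or a busy lab machine will legitimately query far more often than a single laptop, and a single campus-wide threshold would either miss the laptop's burst or page on the resolver every minute.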

b. Network services

The purpose of network security architecture is to provide a conceptual design of network
security infrastructure, security features, and security rules and processes. The security
architecture connects the security infrastructure components to form a coherent whole.
This united unit's objective is to protect company information. To construct the security
architecture, the network design and IT security teams should work together. It is often
integrated into the existing enterprise network and is dependent on the network
infrastructure's IT services. Before segmenting the network into modules with clearly
defined trust levels, the access and security requirements of each IT service should be
specified. Each module may be handled separately and assigned its own security model. The
goal is to have many levels of security in place so that an intruder's access is limited to a
tiny section of the network. The layered security architecture, like a ship's bulkhead design,
lowers the impact of a security compromise on the overall network's health. In addition, the
design should identify common security services that will be utilised across the network.

The security architecture modelling hierarchy consists of three levels: planner, owner, and
designer. For increased protection, a builder level can be added. They present the
perspective of the system's end user, the system's owner or contracting entity, and the
designer or systems engineer. In other words, there are three main aspects: as built and used
in daily operations, as wanted, and as truly defined. The highest level, the Planner View,
defines the people, subsystems, and requirements impacted by the system by establishing a
clear and coordinated system boundary (Ramadan & Hefnawi, 2007). The firm and
organisational links, as well as their external interfaces, are depicted in the Owner's
Perspective. It also keeps track of the origins of system requirements, such as those gained
from earlier systems. The Designer's View establishes and explains the security architectural
design and forms the basis for system measurement. Finally, the Builder's View goes into
depth on the design and methods for monitoring and adjusting system performance.

c. Security of application system

Security policies will be critical in securing an application and related services. The security
policy must be widely applied to apps. It has always been utilised to protect the network's
resources. Because applications are resources, there is more danger and a higher need to
adequately protect them at this level. When these programmes are installed and utilised by
WILP users, we must assure their security. Here are several security components that may
be used to help safeguard applications (Simhadr, 2002):

- Confidentiality and integrity – Integrity is the component that ensures data is not
changed during storage or transfer. An application's integrity check warns the
recipient if data has been altered by unauthorised users during storage or
transmission. Several hash approaches, such as SHA-1 or MD5, can offer the integrity
component. Confidentiality is the property of not making information public or
releasing it to unauthorised individuals, organisations, or processes.
Confidentiality keeps the information secret from everyone except those who have
been authorised to access it. Many cryptographic algorithms might be used to
achieve the secrecy component. The art or science of converting an intelligible
message into an incomprehensible one and then transforming that message back to
its original form is known as cryptography.

- Authorization and authentication – When seeking to access apps, authentication is
used to confirm a user's identity. Depending on the risk associated with the
application, several levels of authentication may be used to protect it. Risk concerns
may include data sensitivity, application functioning, application design, and
user base. Username, password, and a verification ID such as a smartcard, badge, or
biometric are the three key criteria necessary for user authentication. The cost of
implementing this solution may vary depending on the amount and kind of
authentication employed. Authorization, by contrast, is the component of access
control that decides whether an authenticated user is granted or denied access to a
resource. Data/control may be transmitted across processes on various systems after
a person has been authenticated and authorised to perform a business function
(transaction).

- Non-repudiation – The non-repudiation component confirms that a communication
took place. Non-repudiation with proof of origin provides evidence that
confirms the origin of the data to the receiver, safeguarding the recipient from the
originator's attempt to falsely deny sending the data. Non-repudiation with proof of
receipt gives evidence to the data originator demonstrating that the data was
received as addressed, safeguarding the originator against a recipient's attempt to
falsely deny receiving the data. The goal of a non-repudiation component is to collect,
maintain, and make available irrefutable evidence.

- Security audit – Auditing is another security feature that must be included in the
application. Because no application is ever completely protected from attack,
auditing must be in place to provide the data needed for incident response. Over the
life of the programme, the auditing feature should provide a trail of who did what
and when.
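
As an added example (not from this report or from Simhadr, 2002), the following code puts three of the components above into practice for a small application: default-deny authorization, an audit trail recording who did what and when, and a keyed hash chain that protects the trail's integrity so that an edited or deleted record is detected. It uses HMAC-SHA256 rather than the plain SHA-1 or MD5 hashes named above, because a keyed MAC also stops whoever can edit the log from recomputing a matching digest. The permission table, role names, user names and key are constructed for illustration:

```python
"""Added example: default-deny authorization plus an HMAC-chained audit trail."""
import hashlib
import hmac
import json
from datetime import datetime, timezone

# Constructed permission table: (role, action, resource) triples that are
# explicitly granted. Anything not listed here is denied.
PERMISSIONS = {
    ("student", "read", "course-material"),
    ("faculty", "read", "course-material"),
    ("faculty", "write", "course-material"),
    ("admin", "grant", "permissions"),
}

# Assumption: the audit service holds this key; application users never see it.
AUDIT_KEY = b"constructed-demo-key-replace-in-deployment"


def is_authorised(role, action, resource):
    """Default deny: only explicitly granted (role, action, resource) triples pass."""
    return (role, action, resource) in PERMISSIONS


class AuditTrail:
    """Append-only audit log. Each entry carries an HMAC-SHA256 over its fields
    plus the previous entry's MAC, so editing, removing or reordering any record
    is detected by verify()."""

    def __init__(self, key):
        self._key = key
        self.entries = []

    def _mac(self, body):
        canonical = json.dumps(body, sort_keys=True).encode()
        return hmac.new(self._key, canonical, hashlib.sha256).hexdigest()

    def record(self, user, role, action, resource, allowed, when=None):
        """Append one decision; `when` defaults to the current UTC time."""
        when = when or datetime.now(timezone.utc).isoformat()
        prev = self.entries[-1]["mac"] if self.entries else ""
        body = {"when": when, "user": user, "role": role, "action": action,
                "resource": resource, "allowed": allowed, "prev": prev}
        self.entries.append({**body, "mac": self._mac(body)})

    def verify(self):
        """True only if every entry's MAC checks out and the chain is unbroken."""
        prev = ""
        for entry in self.entries:
            body = {k: v for k, v in entry.items() if k != "mac"}
            if body["prev"] != prev:
                return False
            if not hmac.compare_digest(self._mac(body), entry["mac"]):
                return False
            prev = entry["mac"]
        return True


def access(trail, user, role, action, resource):
    """Authorise the request and record the decision either way, so that denied
    attempts are visible to incident responders as well as granted ones."""
    allowed = is_authorised(role, action, resource)
    trail.record(user, role, action, resource, allowed)
    return allowed


if __name__ == "__main__":
    trail = AuditTrail(AUDIT_KEY)
    access(trail, "s1", "student", "read", "course-material")
    access(trail, "s1", "student", "write", "course-material")
    print("trail intact:", trail.verify())
    trail.entries[1]["allowed"] = True  # simulate tampering with the log
    print("trail intact after edit:", trail.verify())
```

Recording denied requests is deliberate: the auditing component exists to support incident response, and a run of denials for one user is often the first sign of a credential being misused.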

Detailed design

a. Security devices

Here are the details of security equipment used in this architecture for the head office and
all other campus locations (DOE, 2007) –

- Policies and procedures – All of the policies and processes specified in the preceding
section are utilised to keep the WILP secure. These policies will be reviewed on a
regular basis to ensure that they are up to date. The administrator is in charge of
recording everything connected to authentication and identifying a legitimate user to
access a service. These policies also aid in the management of the WILP's information
system.

- Data encryption – Aside from authentication, data encryption is used as a security
component in the network, particularly on the database server. All authentication-
required information systems must ensure that the user credentials are encrypted
with FIPS 140-2 certified cryptographic units.

- Management of authentication – The authenticator service manages user
authentication and service access. Authentication mechanisms include security
tokens, PKI, biometrics, usernames and passwords, and key cards.

b. Networking devices

Here are the details of all the networking devices used in this architecture –

• Switch – In this arrangement, we utilise a Cisco Catalyst 3560-CX switch. This switch
series is the most recent, is compact, and supports a wide range of modern technologies.
It offers multigigabit ethernet connectivity, improved wireless local area network
functions, and power over ethernet (PoE) capabilities. These are relatively compact in
size but can support a data rate of up to 10 Gbps and high-speed wireless protocols
such as 802.11ac Wave 2 in conjunction with an ethernet connection. Other advantages
include support for up to 12 Gbps ethernet packet forwarding data rate with
multigigabit connection, SFP uplinks, use of either a DC or an AC adapter for powering,
instant access modes, layer two and layer three IP base support with upgraded IP
services, and a fanless design that operates quietly.

• Router – In this design, we utilise Cisco's 4321 Integrated Services Router (ISR). Each of
the three locations has two 4321 routers. It is a small device with a lot of features
and capabilities. With its 8 GB RAM and 8 GB flash memory, it can give a throughput
speed of 50 Mbps to 100 Mbps. This series supports WAN access to various sources
and has intelligent network features built in for quick convergence. It provides
upgraded MPLS technology to facilitate cloud deployment approaches. It facilitates
VPN connections as well as numerous important IT services. The 4321 series routers
include modular network interfaces that provide improved load balancing, network
resilience, and online insertion and removal of interfaces, which assists network
administrators with fast network upgrades.

• Cable – Cables are an essential component of an ethernet network since they
connect different hosts on the network. To connect to various sorts of equipment,
cables such as twisted pair, straight through, and crossover cable are employed. In this
network design, we employ CAT 6a twisted pair cables. These are the most recent
gigabit ethernet cables, where the "a" stands for enhanced. This cable doubles the
data transmission bandwidth, from 250 to 500 MHz, reducing the possibility of noise
and providing better throughput speed with dependability. The maximum cable length
supported by CAT 6a to enable the committed data rate of 10 Gbps is 100 metres. It
connects end devices with the standard RJ45 connectors. With the qualities mentioned
above, its pricing is not as expensive as that of standard category cables.

• Firewall – A firewall is a common security mechanism found in small to big networks.
It can be software or hardware-based, and it can monitor data packets as they enter
or exit the network in real time. The firewall operates on pre-defined firewall rules
that are specified by the network administrator depending on the network's access
control requirements. It permits, drops, or rejects the defined network traffic based
on the firewall settings. In this network setup, we utilise Cisco's ASA 5585-X firewall.
These are cutting-edge firewalls that provide a plethora of new security features.
It may function as a stateful inspection firewall on both layers two and three of the
OSI model. It can provide access control, regulatory and compliance regulations,
network address translation, and can secure sensitive data centre resources. These
firewalls enable an eight-time faster data rate, double the speed of other
connections, a quicker connection for virtual private network (VPN), and increased
connection capacity as compared to other firewalls.
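
The firewall description above (rules written by the administrator; traffic permitted, dropped or rejected) can be made concrete with a small rule evaluator. This is an added example and does not model the ASA 5585-X's own rule language or configuration; the addressing (campus 10.0.0.0/8, private servers in 10.20.0.0/24 with a web front end at 10.20.0.5, a public research server at 203.0.113.10) and the rules themselves are constructed for illustration. It also includes a check for rules that an earlier, broader rule makes unreachable, a common defect when rule order is never reviewed:

```python
"""Added example: first-match firewall rule evaluation with permit / drop / reject."""
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str            # "permit", "drop" (discard silently) or "reject" (discard and answer)
    src: str               # source network in CIDR notation
    dst: str               # destination network in CIDR notation
    proto: str             # "tcp", "udp", "icmp" or "any"
    dport: Optional[int]   # destination port, None for any port


# Constructed rule base (assumed addressing, not the WILP design's own):
RULES = [
    Rule("permit", "10.0.0.0/8", "10.20.0.5/32", "tcp", 443),    # campus users -> web front end
    Rule("reject", "10.0.0.0/8", "10.20.0.0/24", "any", None),   # other private servers: refuse, tell the user
    Rule("permit", "0.0.0.0/0", "203.0.113.10/32", "tcp", 443),  # public research server
    Rule("drop", "0.0.0.0/0", "0.0.0.0/0", "any", None),         # explicit default deny
]


def matches(rule, packet):
    """True if the packet (src, dst, proto, optional dport) falls within the rule."""
    src = ipaddress.ip_address(packet["src"])
    dst = ipaddress.ip_address(packet["dst"])
    return (src in ipaddress.ip_network(rule.src)
            and dst in ipaddress.ip_network(rule.dst)
            and rule.proto in ("any", packet["proto"])
            and (rule.dport is None or rule.dport == packet.get("dport")))


def evaluate(packet, rules=RULES):
    """Return (action, index of the matching rule). Rules are tried top to bottom
    and the first match wins; index None means nothing matched and the implicit
    default deny applied."""
    for i, rule in enumerate(rules):
        if matches(rule, packet):
            return rule.action, i
    return "drop", None


def shadowed_rules(rules):
    """Indices of rules that can never match because an earlier rule already
    covers every packet they would match."""
    shadowed = []
    for j, later in enumerate(rules):
        for earlier in rules[:j]:
            if (ipaddress.ip_network(later.src).subnet_of(ipaddress.ip_network(earlier.src))
                    and ipaddress.ip_network(later.dst).subnet_of(ipaddress.ip_network(earlier.dst))
                    and earlier.proto in ("any", later.proto)
                    and (earlier.dport is None or earlier.dport == later.dport)):
                shadowed.append(j)
                break
    return shadowed


if __name__ == "__main__":
    probes = [
        {"src": "10.1.1.20", "dst": "10.20.0.5", "proto": "tcp", "dport": 443},
        {"src": "10.1.1.20", "dst": "10.20.0.7", "proto": "tcp", "dport": 22},
        {"src": "198.51.100.9", "dst": "10.20.0.5", "proto": "tcp", "dport": 443},
    ]
    for p in probes:
        print(p["src"], "->", p["dst"], evaluate(p))
    print("shadowed:", shadowed_rules([Rule("permit", "0.0.0.0/0", "0.0.0.0/0", "any", None)] + RULES))
```

The reject action is reserved here for internal users reaching private servers they are not entitled to, so their client fails fast with an answer; traffic from outside the campus is dropped without a reply, which gives an external scanner no information about what lies behind the firewall.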

c. Storage equipment

Storage servers are used to store data. These servers run Windows Data Centre Server
Edition 2020 and are set up for daily, weekly, and monthly backups. Backups are saved on
tape drives in the server room, which are physically secure.

d. Recommended management tool

Management tools are used to monitor networks and provide a complete picture of the
network's linked devices. These tools will assist a network administrator in detecting faults,
connection failure issues, component logs, device logs, network traffic monitoring, and a
variety of other tasks. The network management tool PRTG is used to monitor this network
design. This utility is capable of network maintenance, monitoring, and provisioning. It will
also aid in the monitoring of network bandwidth, software and hardware health,
performance, and availability. This application provides a wide range of monitoring options,
including bandwidth monitoring, Syslog monitoring, network monitoring, usage tracking,
storage monitoring, AWS monitoring, and many more (Paessler, 2022).

Developed network security policies

Policies aid in the formation of a framework to safeguard all of the identified assets
indicated in steps 1 and 2 against the threats identified in step 3 of this framework.
According to RFC-2196, there are nine fundamental aspects of a strong security policy, and
we will design all nine policies for the college using this framework. Here are the complete
details about policies developed –

• General access policy – Not all users have access to all assets; access control
policies govern this. Unless a user has been explicitly granted access to a resource,
access is denied. Each kind of data is made available only to specific groups, and no
one else is allowed to access it. Only the administrator or IT personnel may change
access permissions or increase or decrease user rights. Connections to the college
network are always secured by a security protocol, and users must verify their device
before connecting to the network, either locally or remotely over VPN. After verifying
themselves, it is the user's entire obligation to secure their devices so that they are
not utilised by an unauthorised individual.

• Internet access policy – There are two sorts of user access in this network: when a
user accesses the network to reach internal resources, and when a user attempts to
access internet resources. Type one access is always open to all users to help them
with their studies. The second type of access is regulated by a VPN service: when a
user attempts to access the internet, they must connect to a VPN tunnel for
both incoming (remote to local) and outgoing (local to remote) connection requests.

• Encryption policy – All external connections from a distant network or the internet
must be encrypted. To increase security, asymmetric, symmetric, or both forms of
encryption are permitted.

• Server access policy – Some servers in the network are publicly accessible, while
others are only available via a private network. The server with public access can be
accessed from the outside world exclusively for research and educational purposes.
However, access to private servers from the outside world is strictly prohibited.
These servers can only be accessed by authorised users or administrators.

• System and device maintenance policy – All network devices and services configured
there are managed by designated lab managers and network administrators. Every user
who wants to connect to a distant network must authenticate themselves, and all
communication between them must be secured. Any connectivity problems should
be reported to the lab manager and administrators.

• Service availability policy – Except for maintenance or troubleshooting periods such
as installing new devices, upgrading, updating, security setups, and so on, the
network should be available at all times. One of the most important tasks in ensuring
security is availability.

• Authentication policy – Authentication is necessary to access all network resources,
and users must authenticate themselves for logging, accounting, and auditing
purposes. All internet connections will go via two levels of security, as the connection
will first authenticate at the server and then reach the network's access controller.

• Acceptable use policy – All college materials are made available to all users at any
time for the primary goal of research and study. It is forbidden to use the resources
for purposes other than those mentioned. These resources are always available to
them; however, they may be unavailable due to planned maintenance or
troubleshooting.

• Accountability policy – According to this policy, all users are liable for their actions
that may jeopardise network security. All users must be conversant with the rules or
guidelines that have been issued to them and report any harmful or suspicious
behaviour to the administrator.

Cost estimation

This is the area where we must devote adequate attention in order to keep the cost of
developing and implementing the architecture to a minimum. As a result, it is critical to
examine the cost of all devices, labour, services, and other components in this security
architecture. It would be wonderful to live in a world in which cost was not a consideration
in product design, but in every design process money is a crucial consideration. Cost must be
addressed both from a capital and an operational standpoint. Using a minimal level of
protection to protect a low-value item is not necessarily a bad thing. However, you must be
assured that you understand the asset's worth and who could be interested in it. Recent
occurrences have demonstrated that certain non-obvious targets are extremely valuable as
cyber-targets. The ultimate goal here is to maximise security while spending as little money
as possible. Below is the complete cost estimation to develop the required security
architecture for WILP –

Resource                                  Estimated cost (Approx.)
------------------------------------------------------------------
Analysis of requirements                  $1,800
Assess and plan                           $2,800
Search and choose a framework             $3,600
Prepare logical and physical designs      $6,000
Estimation of devices used                $1,600
Device purchase                           $150,000
Purchase required software                $73,000
Cabling                                   $16,400
Device installation and configuration     $45,000
Install required applications             $9,000
Testing configuration                     $18,000
Update config and test                    $10,000
Manpower cost                             $25,000
------------------------------------------------------------------
Total                                     $362,200

Conclusion

The primary purpose of this study is to go through the essential characteristics of network
security architecture. We create a thorough security architecture based on our learning
experiences and research into the most recent architectures available on the market today.
The revised security model offers us some precise and comprehensive methods for
developing the WILP security architecture design. The whole framework or model is used to
prepare this design and produce a high level of security. Creating network security is a
laborious and time-consuming operation. The refined security development process
contributes to the development of a secure network by providing a well-defined framework
for developers to analyse security requirements, design security into the network
architecture, construct network security policies, implement the design, and be prepared
for new requirements.

References

Chkadmin. (2022, March 8). Network security best practices. Check Point Software.
Retrieved November 10, 2022, from
https://www.checkpoint.com/cyber-hub/network-security/what-is-network-security/network-security-best-practices/

DOE. (2007, February). IT Security Architecture. Department of Energy. Retrieved
November 10, 2022, from
https://www.energy.gov/sites/prod/files/cioprod/documents/DOE_Security_Architecture.pdf

Kirkham, A. (2015, August). Neon-knight.net. Neon Knight (Australia) Pty Ltd ACN: 601 087
281. Retrieved November 10, 2022, from
https://neon-knight.net/images/PDF/Net_Sec_Design_Fundamentals_1-01.pdf

Kirkham, A. (2015, August). The Fundamentals of Network Security Design. Neon Knight
(https://www.neon-knight.net/). Retrieved November 10, 2022, from
https://neon-knight.net/images/PDF/Net_Sec_Design_Fundamentals_1-01.pdf

Malviya, N. (2021, June 6). Best practices for network security. Infosec Resources. Retrieved
November 10, 2022, from
https://resources.infosecinstitute.com/topic/9-best-practices-for-network-security/

Paessler. (2022, November 7). PRTG takes care of all your network management needs.
Paessler. Retrieved November 10, 2022, from https://www.paessler.com/network-management

Ramadan, A. B., & Hefnawi, M. (2007, January). A Network Security Architecture Using The
Zachman Framework. NATO Security through Science Series C: Environmental Security.
DOI:10.1007/978-1-4020-6385-5_8. Retrieved November 10, 2022, from
https://www.researchgate.net/profile/Abou-Bakr-Ramadan/publication/226076238_A_Network_Security_Architecture_Using_The_Zachman_Framework/links/5a172d9aaca272df0808aa8a/A-Network-Security-Architecture-Using-The-Zachman-Framework.pdf?origin=publication_detail

Simhadr, H. (2002, August). Application Security Architecture. Global Information Assurance
Certification Paper - GIAC. Retrieved November 10, 2022, from
https://www.giac.org/paper/gsec/2720/application-security-architecture/104640

Yang, T. A., & Nguyen, T. A. (2006, January). Network Security Development Process: A
Framework for teaching network security courses. Journal of Computing Sciences in
Colleges 21(4):203-209. Retrieved November 10, 2022, from
https://www.researchgate.net/publication/234782019_Network_security_development_process_a_framework_for_teaching_network_security_courses