03-01-2013, 09:57 AM
Secure File sharing on LAN
1Secure File.docx (Size: 112 KB / Downloads: 29)
Abstract
To design and build a well-secured network, many factors must be taken into consideration, such as the topology and placement of hosts within the network, the selection of hardware and software technologies, and the careful configuration of each component. My paper will be an examination of some of the issues in designing a secure Local Area Network (LAN).
Introduction
In order to design and build a well-secured network, many factors must be taken into consideration, such as the topology and placement of hosts within the network, the selection of hardware and software technologies, and the careful configuration of each component. My paper will be an examination of some of the issues in designing a secure Local Area Network (LAN) and some of the best Practices suggested by security experts. I will discuss securing a LAN from the viewpoint of the network architect considering three main areas: the network topology which comprises the physical and logical design of the network; securing the routers and switches which connect segments and hosts to form the Network; and, finally, some of the emerging and advanced techniques in network security will be examined.
Implementation
Topology and Architecture:
A critical step in designing our network is defining the network topology. The topology is the physical and logical layout of the network. On the physical side, we will need to provide distribution to the offices or buildings where the users are located. We will need to provide connectivity to the servers which comprise our intranet, to the Internet, and possibly to other company locations or business partners, remote users connecting via telephone lines, etc. The logical topology must be considered as well. It is bound to some degree by the physical topology, but with technologies such as Virtual LANs (VLANs) and Virtual Private Networks (VPNs) there is considerable flexibility in designing the logical topology. In laying out the logical topology we will need to consider our security policy, and decide what our trust model is.
Conclusion
This paper has examined several strategies for designing a secure Local Area Network. We have identified the need to define a security policy, and balance the organization's security needs with the available resources. Next, we considered a basic topology that allows for the grouping of hosts by function, and implementing security within the layer 3 designs. We looked at how to implement the layer 2 network design securely, implementing layer 2 security features and minimizing threats at layer 2. And finally, we rounded out our discussion by discussing additional steps we can take to secure the LAN, such as network intrusion detection systems, private VLANs and IPSEC. The network architect must exercise careful planning, and attention to detail to maximize the security of the network while meeting the communication needs of the organization.