Friday, October 18, 2019

Network Security and the Demilitarized Zone Coursework

The researcher states that the disadvantages associated with a DMZ are not significant, but one issue can be highlighted: the segregation may create a hassle for network administration, because a DMZ requires frequent updates and maintenance. Moreover, the hardware cost is high, since dedicated hardware is required in order to implement a DMZ within the network. Deployment includes a switch, a separate firewall, an IDS, etc.

The most significant advantage shared by both of these technologies is communication. An intranet provides limited communication compared to an extranet, but it is still effective. In order to implement an intranet, a local area network and a host are required. The network must adhere to the requirements of the intranet application, and the application is deployed on a separate workstation called a host or server. The star topology is recommended for intranet-based networks, as the network administrator can manage and administer intranet issues in a centralized environment. Furthermore, the presence of the intranet enables new trends in communication, for example paperless communication between employees, chat, e-mail and blogs. Its disadvantages include maintenance and security issues.

Hardware requirements for an extranet are similar, except that an extranet provides wide coverage for employees who want to work from home or communicate while traveling. However, in order to publish content on the Internet, certain advanced protocols are required; for instance, VPN is a secure choice. Accordingly, due to its broad functionality, an extranet also has more security issues than an intranet.

Network address translation (NAT) is defined as "An Internet protocol that allows individual sites to support more IP hosts than the number of IP addresses assigned to it. This is done using special Internet addresses that have been reserved for this purpose. These special addresses are invalid on the Internet itself. The hosts using these addresses may communicate among themselves, but they cannot access the Internet directly" (Campus infrastructure guidelines). NAT translates private IP addresses into global IP addresses, which makes things simple for the network administrator, as only incremental changes are required, without modifying hosts and routers. The disadvantage of NAT is that it is slow, because each packet is processed prior to the decision of whether to translate it or not. "IP traceability" also becomes difficult, as data packets are difficult to trace.

Tunneling is also called port forwarding. Port forwarding is configured for a secure channel within medium or corporate networks. One way of implementing a tunneling protocol is to configure a DSL modem by defining the port number that is allocated to a specific service. For instance, in order to access a remote desktop via port forwarding, port number 3389 and the RDP service are defined in the router against the IP address of the workstation on which the service needs to be executed. A popular tunneling protocol developed by Microsoft is known as the Point to Point Tunneling Protocol (PPTP).
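As an added example (not part of the original coursework), the sketch below models the NAT and port-forwarding behaviour described above: two hosts on reserved addresses share one global address, a static rule forwards port 3389 to one workstation, and only the NAT table can map a public port back to the inside host, which is why traceability is hard. The `Nat` class, the sample addresses and the starting port 40000 are assumptions made for illustration.

```python
import ipaddress

# Reserved private ranges (RFC 1918); not routable on the Internet itself.
RESERVED = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
PUBLIC_IP = "203.0.113.10"  # constructed: documentation-range stand-in for the global address


def is_reserved(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RESERVED)


class Nat:
    """Minimal port-translating NAT with static port forwards (illustrative)."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.dynamic = {}   # public_port -> (private_ip, private_port)
        self.forwards = {}  # public_port -> (private_ip, private_port)

    def outbound(self, src_ip, src_port):
        """Every packet is inspected before deciding whether to translate it."""
        if not is_reserved(src_ip):
            return src_ip, src_port  # already global: left untouched
        for port, inside in self.dynamic.items():
            if inside == (src_ip, src_port):
                return self.public_ip, port  # reuse the existing mapping
        port, self.next_port = self.next_port, self.next_port + 1
        self.dynamic[port] = (src_ip, src_port)
        return self.public_ip, port

    def add_forward(self, public_port, host_ip, host_port):
        """Static rule, e.g. 3389 -> the workstation running RDP."""
        self.forwards[public_port] = (host_ip, host_port)

    def inbound(self, dst_port):
        """Inside host for a packet sent to the public address, or None if dropped."""
        return self.forwards.get(dst_port) or self.dynamic.get(dst_port)


def demo():
    nat = Nat(PUBLIC_IP)
    a = nat.outbound("192.168.1.20", 51000)
    b = nat.outbound("192.168.1.21", 51000)
    nat.add_forward(3389, "192.168.1.20", 3389)
    # Outside observers see one address; only the NAT table maps b back to .21
    return a, b, nat.inbound(3389), nat.dynamic[b[1]], nat.inbound(8080)
```

Keeping a timestamped copy of the dynamic table is what lets an administrator attribute an outside-visible flow to an inside host after the fact.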
