You Have Been Hired As Part Of The Networking Team At UMUC ✓ Solved
You Have Been Hired As Part Of The Networking Team At Umuc After Comp
You have been hired as part of the networking team at UMUC. After completing orientation and training, your manager calls you into a meeting to discuss your first project. The university has recently leased a building in Adelphi, Maryland. The building will house offices, classrooms, a library, and computer labs. Security is important for UMUC, as the university must protect students’ and employees’ data, as well as any intellectual property that UMUC has on its servers and computers.
As a result, IT management would like to review proposals on how best to move forward on security issues. As a network engineer, you have been asked to prepare a network proposal on how to set up a secure network infrastructure in this building to support university operations.
Sample Paper For Above instruction
Introduction
The rapid expansion of university facilities necessitates a robust and secure network infrastructure to ensure the safety of sensitive data, intellectual property, and seamless operational functionality. In response to UMUC's recent lease of a new building in Adelphi, Maryland, a comprehensive proposal has been developed for implementing a secure and efficient network infrastructure tailored to the specific needs of university operations, encompassing offices, classrooms, a library, and computer labs.
Assessment of Network Security Needs
The primary concern for UMUC is data security, which encompasses protecting student and staff information, safeguarding university research and intellectual property, and preventing unauthorized access to university resources. The diverse nature of activities within the building—academic, administrative, and research—demands a layered security approach that includes physical security, network security, and administrative controls.
The network must also support high bandwidth demands for applications such as online learning platforms, library databases, and research tools, while maintaining resilience against cyber threats such as malware, phishing, and intrusion attempts.
Designing a Secure Network Infrastructure
The proposed network architecture involves a combination of physical and logical security measures designed to provide defense-in-depth.
Physical Security Measures
Physical security starts with controlled access to networking equipment rooms, surveillance cameras, and biometric access controls. Ensuring that core networking hardware such as switches, routers, and servers are housed in secure, access-controlled environments is fundamental to prevent unauthorized physical access.
Network Segmentation and VLANs
Network segmentation involves dividing the internal network into multiple Virtual Local Area Networks (VLANs). Separate VLANs for administrative staff, faculty, students, and research servers prevent lateral movement of potential threats, limiting the scope of attacks. Critical servers housing sensitive data should reside within a highly secure, isolated VLAN with strict access policies.
Firewall and Intrusion Detection Systems
Deploying enterprise-grade firewalls at the network perimeter provides a barrier against external threats. Firewalls should be configured to enforce strict access policies, prevent unauthorized inbound and outbound traffic, and monitor network activities. An Intrusion Detection System (IDS) or Intrusion Prevention System (IPS) should be integrated to monitor network traffic for suspicious activities and respond promptly to threats.
Secure Wireless Networks
Wireless access points (APs) should be configured with WPA3 encryption to secure wireless communications. Separate SSIDs can be established for staff, students, and guests, with appropriate access controls and bandwidth limitations for guest networks to prevent abuse and unauthorized access.
Implementing VPN and Secure Remote Access
For remote access, Virtual Private Networks (VPNs) should be established to encrypt data transmitted between remote users and the network. Multi-factor authentication (MFA) enhances security for VPN access, ensuring that only authorized personnel can connect securely.
Data Encryption and Backup
All sensitive data stored on servers and transmitted over the network should be encrypted using strong encryption protocols. Regular backups should be scheduled and stored in secure off-site locations or cloud services to ensure data integrity and availability in case of attacks or hardware failures.
Administrative and Policy Controls
Technical measures are insufficient without proper policies and personnel training. Developing comprehensive cybersecurity policies, conducting regular staff training, and establishing incident response procedures are vital components of overall security management.
Implementation and Monitoring
The deployment should follow a phased approach, starting with infrastructure setup, security configurations, and testing. Continuous monitoring using Security Information and Event Management (SIEM) systems allows for real-time threat detection and response. Routine audits and vulnerability assessments are essential to maintaining a secure environment.
Conclusion
A secure network infrastructure for UMUC's new Adelphi building is critical for protecting sensitive data and supporting academic and administrative activities. Combining physical security measures, network segmentation, advanced firewalls, secure wireless configurations, encrypted data transmission, and robust administrative policies will establish a resilient and secure environment conducive to university operations. Regular monitoring and updates are necessary to adapt to evolving cyber threats, ensuring ongoing protection for the university’s assets.
References
1. Stallings, W. (2019). Network Security Essentials: Applications and Standards. Pearson.
2. Kim, D., & Solomon, M. G. (2020). Fundamentals of Information Systems Security. Jones & Bartlett Learning.
3. Northcutt, S., & Novak, J. (2020). Network Security: A Beginner's Guide. McGraw-Hill.
4. Cisco Systems. (2022). Network Security Architecture. Cisco Press.
5. Harris, S. (2019). CISSP Exam Preparation: The Ultimate Guide. McGraw-Hill.
6. National Institute of Standards and Technology (NIST). (2018). Framework for Improving Critical Infrastructure Cybersecurity. NIST.
7. Symantec Enterprise Security. (2021). Best Practices for Wireless Security. Symantec.
8. Muniz, L. (2020). Implementing VPN Security for Secure Remote Access. Cybersecurity Journal, 15(2), 45-59.
9. Schneier, B. (2015). Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World. W. W. Norton & Company.
10. Kizza, J. M. (2018). Guide to Computer Network Security. Springer.