Network Security Assignment (10%)

Assignment Topic Securing the Network using a Packet Filter Firewall. Scenario: You are the administrator for a small network which has the following users. Your provider has assigned you the 149.209.16.0/28 subnet. You have one Cisco 1841 router and one Catalyst 2960 switch. There is one publicly accessible Web/FTP/email server. This provides the company sales information, product data, online sales system, and the email service. Router outside interface, S0/0/0 IP address 149.209.16.1/30 Public Web/FTP server is on 149.209.16.6/30 connected to Fa0/0 IP address 149.209.16.5/30 Office network is on subnet 149.209.16.8/29 connected to Fa0/1. Management: 2 hosts Sales office: 2 hosts, 1 printers Workshop: 1 host Security requirements: Fire wall requirements 1. Internet access: The management and sales hosts can access the internet at any time. The Workshop hosts can access the internet only during working hours. 2. There is no restriction for access to the public Web/FTP server at any time. Assignment Requirements: 1. Network Design Design your network giving appropriate IP addresses for your hosts. Provide a topology showing your addressing scheme. 2. Firewall policy You, as network administrator, must set out the policies for access between the different hosts so that the network is secure and effective, besides ensuring the above internet access is provided. Specify clearly what your policy will provide. Consider the special case for the network administrator to access the router for remote administration. 3. Implementation Implement a packet filter firewall in the router (not CBAC or zone based). Demonstrate your implementation in the lab. Submit your router configuration file, both hard and soft copies. Due date: 18 May 2012, 5 pm. Submit both hard and soft copies. Instructions on submitting to Turnitin will be given later. Note: This assignment is to be done individually on your own. Copying will be penalised.