Display critical awareness of the relationship between theoretical and practical security concepts and their implementation.

Introduction
In this
scenario, E-Tat Marketplace is a startup company providing a digital
marketplace for pre-owned goods. The usage of the platform has increased
significantly, so they are looking to invest in a larger and more secure
network. They have hired you as a security consultant to design them a new
secure network from scratch. However, you are constrained to using their
approved hardware and staying within budget.

Learning Outcome to be
assessed
Display critical awareness of
the relationship between theoretical and practical security concepts and their
implementation.

Detail of the task
This
assignment requires you to interpret the criteria and produce a secure network
design, which meets the company’s criteria. Your work should be presented as a
professional report to give to the company; the quality, presentation and
writing of this report will be assessed. This is an individual assignment and
all designs, diagrams and explanations should be your own work. Although you
are strongly advised to undertake additional research, the use of credible
academic resources should only be used to strengthen/support your own work.
Your report should use either the Harvard or IEEE referencing style.

Task 1
The current logical and
physical network designs for E-Tat Marketplace’s network are available on
Canvas. You are required to carefully analyse these designs and identify and
explain five security weaknesses within this design. For each weakness,
you need to include the following:
• A
snippet of the respective network design (annotations are encouraged)
demonstrating the area of the design being discussed.
• A detailed explanation of the issue.
•
A detailed explanation of the potential impacts.

Task 2
E-Tat
Marketplace has asked you to design a new network from scratch for their
business. This new design should be based on the provided requirements ONLY (no
inclusion of existing components is required). You are to create a secure and
resilient network design, and document this in a technically detailed,
and professional report. The design can only utilise the approved
hardware listed in Table 1, it must fulfil all of the service requirements
shown in Table 2 and provide 10 PCs for staff to use. The cost must be
within the company’s budget of £100,000.

Table 1. E-Tat Marketplace’s Equipment List

Individual Device

Cost

Storage server
•
250 GB
•
500 GB
•
750 GB

£2600
£3700
£4300

1000 GB

£5100

Compute server
•
• 1 CPU
•
• 2 CPUs
•
• 4 CPUs
•
• 8 CPUs

£2600
£3700
£4300
£5100

Load balancer

£600

Desktop PC

£420

8 port switch

£90

16 port switch

£200

24 port switch

£350

Security gateway

£130

Network Anti-Virus

£750

Firewall

£110

Router

£170

IDS

£250

IPS

£300

Table 2. Overview of Required Services

Service

Required CPU
Capacity

Required
Storage
Capacity
(GB)

Accessed Externally

Notes

Selling Web App

16

0

Y

All data is stored on DB

Buying Web App

16

0

Y

All data is stored on DB

Admin Web App

2

0

N

Staff only, local application

Payment Gateway

8

200

Y

SMTP

2

100

N

CRM Web App

4

100

N

Staff only, local application

DB

10

500

N

SIEM

4

10

N

Staff only, local application

VPN

2

0

Y

Only allows access to CRM and

SIEM

Active Directory

2

0

N

Serves in DS and LDS roles

Backup

1

500

N

The following assumptions
should be made in the development of your design:
•
• 2 ISP uplinks have been installed from different providers.
•
• All necessary infrastructure hardware is in place e.g. CAT6 cabling,
network wall jacks.
•
• Externally hosting any service is not permitted.
•
• Each server has a dual network interface card.
•
• Any OS licence is included in the costs shown in Table 1.
•
• Only software included with the OS as standard, or open source
software may be used.

Your professional report should
be both detailed and technical, and must contain the following:
•
• Design Overview
•
▪ Explanation of the design principles
followed.
•
▪ Explanation of the network security
considerations integrated into the design.
•
▪ A financial breakdown of the design
proposed.

•
• Physical Network Design
•
▪ Technical illustration of proposed physical
network design
•
▪ Descriptions of the design/decision made

•
• Logical Network Design
•
▪ Technical illustration of proposed logical
network design
•
▪ Descriptions of the design/decision made

•
• Services
•
▪ How
each service will be deployed (e.g. standalone, co-located, virtualised)
•
▪ A recommendation of the software used to
implement the services

•
References
Harvard Style.
What you should hand in
You must
submit a professional report in .doc/docx format.

Marking Scheme/Assessment
Criteria Task

Assessment Criteria

Weighting

1

Security Analysis (total 20%)
•
Identification of suitable design weakness (x4)
•
Appropriate diagram snippet (x4)
•
Explanation of suitable design weakness (x4)

1% each
1% each
3% each

2

System Design Report (total 75%)
•
Financial Breakdown
•
Logical Diagram
•
Logical Explanation
•
Physical Diagram
•
Physical Explanation
•
Service Implementation

5%
25%
5%
20%
5%
15%

Quality of report (total 5%)
•
Professionalism of report
•
Use of references

3%
2%

Last Completed Projects