Introduction
In this
scenario, E-Tat Marketplace is a startup company providing a digital
marketplace for pre-owned goods. The usage of the platform has increased
significantly, so they are looking to invest in a larger and more secure
network. They have hired you as a security consultant to design them a new
secure network from scratch. However, you are constrained to using their
approved hardware and staying within budget.
Learning Outcome to be
assessed
Display critical awareness of
the relationship between theoretical and practical security concepts and their
implementation.
Detail of the task
This
assignment requires you to interpret the criteria and produce a secure network
design, which meets the company’s criteria. Your work should be presented as a
professional report to give to the company; the quality, presentation and
writing of this report will be assessed. This is an individual assignment and
all designs, diagrams and explanations should be your own work. Although you
are strongly advised to undertake additional research, the use of credible
academic resources should only be used to strengthen/support your own work.
Your report should use either the Harvard or IEEE referencing style.
Task 1
The current logical and
physical network designs for E-Tat Marketplace’s network are available on
Canvas. You are required to carefully analyse these designs and identify and
explain five security weaknesses within this design. For each weakness,
you need to include the following:
• A
snippet of the respective network design (annotations are encouraged)
demonstrating the area of the design being discussed.
• A detailed explanation of the issue.
•
A detailed explanation of the potential impacts.
Task 2
E-Tat
Marketplace has asked you to design a new network from scratch for their
business. This new design should be based on the provided requirements ONLY (no
inclusion of existing components is required). You are to create a secure and
resilient network design, and document this in a technically detailed,
and professional report. The design can only utilise the approved
hardware listed in Table 1, it must fulfil all of the service requirements
shown in Table 2 and provide 10 PCs for staff to use. The cost must be
within the company’s budget of £100,000.
Table 1. E-Tat Marketplace’s Equipment List
Individual Device
Cost
Storage server
•
250 GB
•
500 GB
•
750 GB
£2600
£3700
£4300
1000 GB
£5100
Compute server
•
• 1 CPU
•
• 2 CPUs
•
• 4 CPUs
•
• 8 CPUs
£2600
£3700
£4300
£5100
Load balancer
£600
Desktop PC
£420
8 port switch
£90
16 port switch
£200
24 port switch
£350
Security gateway
£130
Network Anti-Virus
£750
Firewall
£110
Router
£170
IDS
£250
IPS
£300
Table 2. Overview of Required Services
Service
Required CPU
Capacity
Required
Storage
Capacity
(GB)
Accessed Externally
Notes
Selling Web App
16
0
Y
All data is stored on DB
Buying Web App
16
0
Y
All data is stored on DB
Admin Web App
2
0
N
Staff only, local application
Payment Gateway
8
200
Y
SMTP
2
100
N
CRM Web App
4
100
N
Staff only, local application
DB
10
500
N
SIEM
4
10
N
Staff only, local application
VPN
2
0
Y
Only allows access to CRM and
SIEM
Active Directory
2
0
N
Serves in DS and LDS roles
Backup
1
500
N
The following assumptions
should be made in the development of your design:
•
• 2 ISP uplinks have been installed from different providers.
•
• All necessary infrastructure hardware is in place e.g. CAT6 cabling,
network wall jacks.
•
• Externally hosting any service is not permitted.
•
• Each server has a dual network interface card.
•
• Any OS licence is included in the costs shown in Table 1.
•
• Only software included with the OS as standard, or open source
software may be used.
Your professional report should
be both detailed and technical, and must contain the following:
•
• Design Overview
•
▪ Explanation of the design principles
followed.
•
▪ Explanation of the network security
considerations integrated into the design.
•
▪ A financial breakdown of the design
proposed.
•
• Physical Network Design
•
▪ Technical illustration of proposed physical
network design
•
▪ Descriptions of the design/decision made
•
• Logical Network Design
•
▪ Technical illustration of proposed logical
network design
•
▪ Descriptions of the design/decision made
•
• Services
•
▪ How
each service will be deployed (e.g. standalone, co-located, virtualised)
•
▪ A recommendation of the software used to
implement the services
•
References
Harvard Style.
What you should hand in
You must
submit a professional report in .doc/docx format.
Marking Scheme/Assessment
Criteria Task
Assessment Criteria
Weighting
1
Security Analysis (total 20%)
•
Identification of suitable design weakness (x4)
•
Appropriate diagram snippet (x4)
•
Explanation of suitable design weakness (x4)
1% each
1% each
3% each
2
System Design Report (total 75%)
•
Financial Breakdown
•
Logical Diagram
•
Logical Explanation
•
Physical Diagram
•
Physical Explanation
•
Service Implementation
5%
25%
5%
20%
5%
15%
Quality of report (total 5%)
•
Professionalism of report
•
Use of references
3%
2%
Last Completed Projects
topic title | academic level | Writer | delivered |
---|