IT Network Security Assessment For Southworth-DeSassure Bank

Abstract

This research paper provides information about network security, firewall and database problems facing by Southworth-DeSassure banking sectors. This paper focus on network security issues due to lack of proper firewall rules and advantages of cloud over traditional data centers. Cloud computing provide flexible access to different high-performance computing services and provide storage infrastructure. Cloud services help to decrease the complexity of IT infrastructure and it provides scalability, reliability and high-performance capabilities. Firewalls play a key role to protect IT infrastructure from untrusted traffic or intruders. Security engineers play a key role in designing the firewall rules by taking proper analysis. Southworth-DeSassure bank has poor configuration of firewall and traditional data center that has minimal security features. Updating or writing new firewall rules every quarterly and upgrading traditional data center to cloud can help Southworth-DeSassure bank to provide better services to its clients and make more profits. This paper portrays a novel procedure for investigating vulnerabilities in firewalls and benefits of using cloud services over traditional data center.

Introduction

In Cyber Wall Network and Security Services (CWNSS) we offer wide range of IT security services to assist businesses to dodge from being a victim of cybercrime. Our IT professionals’ teams up with strategic partners to offer cybersecurity solutions. There are about 500 employees working in two locations (Seattle (WA) and Dallas (TX)) of the Southworth-DeSassure Corp bank (SDCB) which generates revenue of $500 million per annum through its business model.

The Network is like a blood that flows through the vein. It keeps the information flowing and makes sure that employees can do their work without any impediments. Network has to be secured and need regular scans to make sure it is safe. CWNSS conducts Pen test and Vulnerability scans to determine the level of exposure to a targeted attack against SDCB with an aim of Identifying whether SDCB’s defenses could be penetrated by a remote attacker or not. Determining the Impact of SDCB’s data breach.

Problem Statement

Banking sectors facing major threats from hackers and computer viruses that steal valuable information. To avoid these problems banks practices best IT security infrastructure. After through study of Southworth-DeSassure bank IT infrastructure, it needs some improvements. The results show that Firewalls at both locations are not advanced and Data center has poor security measures in place. The old rules in firewall cannot stop intrudes to enter the network and place malicious software that steals the valuable information. Also, the data center is not UpToDate with the current industry security standards. It has poor physical security as well as not following compliance. Research QuestionHow do we prevent hackers from breaching the bank through by passing through firewalls and stealing data from data center that has less security standards?Literature ReviewFirewall is a network device. The main function of the firewall is to filter the data that is incoming and outgoing through it. Firewall can be placed in between internal network and outside internet or between internal departments. The idea of firewall is to follow the rules that are configured in side of it. Firewall might be a physical device or logical such as windows firewall, web firewall.

Methodology

Different strategies utilized to investigate the subject. Although their naming transformations might be unique. The proposed arrangement or strategy that utilizes dynamic measurements gathered on firewall approach guidelines and utilizes these outcomes to build an arrangement of principles for denying or permitting activity. Most research has introduced and recognized this is an ongoing issue. They utilized a calculation that procedures the firewall approach disconnected and concocts ideal arrangements. preparing cost is powerfully chosen dependent on system activity measurements. This can be compared to. Heuristic based calculations have been utilized in finding the most limited time of coordinating a bundle by doing the minimum pursuit. These are a blend of the greater part of the methods talked about above. Disjoint administer set maker for lead set-based enhancement, Filtering Trees among others, all utilization at least one of the above systems as a solitary usage or in a half breed shape. A large portion of these techniques depend on the standard execution assessment benchmarks set by the Internet Engineering Task Force in its. The inspiration for this examination is the way that system movement is never static. Along these lines, keeping a lead set of settled length in this powerful condition makes so much repetition and irregularities.

Occasionally it is even hard to know which demands for essential system administrations are permitted to pass through the firewall because of extensive run sets. This along these lines, impacts on throughput and decreases firewall execution. This is the reason the work being done in this examination to advance a manage set for execution gain fits in.

Findings

By utilizing security appliances (Firewalls) unauthorized traffic can be prevented coming into our internal Network. By placing the firewall at the perimeter level, between internet and organization devices, secure information can be stopped exposing to prohibited traffic on the internet from within organization. To give access to the secure environment the Vendor/customer required to submit the firewall request form with user’s information who desire to access his applications or servers and on which ports they are trying to communicate. The requested firewall form then should be verified by the ISU (Internal Security Unit) unit of the organization, will then the access rules be implemented in the firewall (on the Inbound interface and outbound interface) by creating the object-group based on source, destination address and on required type of service with explicit deny at bottom. When the packet received to the firewall from external it verifies all the access-rules with the source IP to destined IP and type of protocol (TCP, UDP) and if rule permit the packet will be send to inside network. The secure socket layer (SSL) is one methods for giving secure communication between various points that are associated through the Web In the same firewall module Intrusion detective system can be installed with (on new cisco devices) to screen the traffic and record the log. It gives alert for the bad threats, to the management with the information of it and user can take priority and safe measures before the attack has occurred. Traditional data centers lack the security features and technical advancement that can be provided by Cloud storage.

Traditional data center is a physical infrastructure which confines the amount of data that can be stored and also should reside within organization’s local network. But, Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e. g. , networks, servers, storage, applications and services) that can be rapidly provisioned and releases with minimal management effort or service provider interaction. Cloud storage is much cheaper than traditional data centers as there is minimal maintenance and there will be no location, labor, equipment and power costs as they are operated by a cloud provider. Storage in traditional data centers are confined to certain limit and incase of any upgrade, an organization should go through all the process as same as its initial setup whereas upgrades can be done in Cloud almost instantly. Cloud providers bills customers as they use the storage whereas data centers should invest a way before their initial setup even though they don’t use its complete volume. With latest advancement in technology, replacing equipment at physical data centers will be a huge investment whereas providers would take care of such things in the case of Cloud. Failures or redundancy at physical data centers would be almost building an equivalent facility again whereas cloud at single entity level it is already redundant. Finally, Cloud based are strongly reliable and have less outages compared to traditional data centers.

Conclusion

In conclusion, Cyber Wall Network and Security Services identified two major network security issues in Southworth-DeSassure Corp bank. One of them is poorly configured firewall and other is minimal security standards data center. To avoid hackers to breach bank and steal valuable data Southworth-DeSassure Corp bank should update their firewall rules every quarterly and should move their data center to more advanced Cloud. By doing this, Southworth-DeSassure Corp bank can provide better services to their clients and make more profits.