You are tasked with writing rule sets for two firewalls that protect your network and form a DMZ. All traffic from your internal network to the Internet passes through the DMZ. All servers that are accessible from the Internet reside inside the DMZ. All computers inside the network (internal network and DMZ) have private IP addresses. All traffic to and from the Internet passes through a NAT device which is located just inside the perimeter firewall. All computers on this network are Windows computers.

Servers in the DMZ

| Service | Public IP Address | Private IP Address | Comments |
|---|---|---|---|
| HTTP/HTTPS | 200.100.100.10 | 192.168.20.10 | |
| FTP | 200.100.100.11 | 192.168.20.11 | |
| DNS | 200.100.100.12 | 192.168.20.12 | Uses TCP for zone transfers, services DNS lookup requests from all computers in the internal network and DMZ |
| Email | 200.100.100.13 | 192.168.20.13 | SMTP |
| Proxy | 200.100.100.14 | 192.168.20.14 | Not accessible from the Internet. Client computers connect to the proxy service on port 8080 |



Clients on the internal network: All user workstations access web sites via the Proxy server. There are three different internal subnets: 10.10.10.0/24, 10.20.20.0/24 and 10.30.30.0/24. Computers on the 10.10.10.0/24 subnet may access FTP servers on the Internet. Computers on the 10.20.20.0/24 network may access an SSH server on the Internet with the IP address 220.20.30.110. All computers on the internal network may access the company's Email, DNS, FTP and web servers that reside in the DMZ.

Computers on the three internal subnets use dynamic NAT pools as follows when making connections to the Internet.

| Private IP address range | NAT Pool |
|---|---|
| 10.10.10.0/24 | 200.200.200.50 through 200.200.200.100 |
| 10.20.20.0/24 | 200.200.200.101 through 200.200.200.150 |
| 10.30.30.0/24 | 200.200.200.151 through 200.200.200.200 |


Answer the following:
(1) Prepare the two rule sets for the two firewalls that will allow only the traffic described to flow.



Part 3

You are tasked with implementing a rule set for a firewall. Internal computers are running Windows operating systems. 

(3) In the following table create a rule set to implement the following requirements. 
• Internal users are allowed to access web servers on the Internet (both HTTP and HTTPS) but do so via a proxy server that has an IP address of 192.168.20.5.
• Access to the following servers is not allowed:
a. www.riaa.com
b. www.mpaa.org
• Users are allowed to directly access an SSH server running at andromeda.cs.odu.edu
• Computers on the Internet should be allowed to connect to your email server (SMTP only) in order for your company to receive emails from other organizations. The IP address of the email server is 192.168.20.10.
• Your email server must be able to connect to other email servers on the Internet to forward outgoing email (SMTP only).
• All other traffic is not allowed.

| Rule Number | Protocol | Source Address | Source Port | Destination Address | Destination Port | Direction | Action |
|---|---|---|---|---|---|---|---|
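
One possible encoding of the Part 3 requirements as an ordered, first-match rule set, with a small evaluator for checking packets against it (an added example, not part of the original assignment and not an official answer). The IP addresses standing in for www.riaa.com, www.mpaa.org and andromeda.cs.odu.edu are constructed placeholders, source ports are treated as "any", and a stateful firewall that admits return traffic automatically is assumed.

```python
import ipaddress

# Constructed placeholders: the assignment gives only hostnames for these hosts,
# so TEST-NET addresses (RFC 5737) stand in for their resolved IPs.
BLOCKED_WEB = ["203.0.113.10", "203.0.113.20"]   # www.riaa.com, www.mpaa.org
SSH_SERVER = "198.51.100.22"                     # andromeda.cs.odu.edu
PROXY, MAIL = "192.168.20.5", "192.168.20.10"    # from the assignment text

# (protocol, source, destination, destination ports, direction, action)
# Source port is omitted: every rule here accepts any (ephemeral) source port.
# Assumption: the firewall is stateful, so replies need no rules of their own.
RULES = (
    # The denies must precede the general proxy allow (first match wins).
    [("tcp", PROXY, ip, {80, 443}, "out", "deny") for ip in BLOCKED_WEB]
    + [
        ("tcp", PROXY, "any", {80, 443}, "out", "allow"),  # web only via proxy
        ("tcp", "any", SSH_SERVER, {22}, "out", "allow"),  # direct SSH
        ("tcp", "any", MAIL, {25}, "in", "allow"),         # inbound SMTP
        ("tcp", MAIL, "any", {25}, "out", "allow"),        # outbound SMTP
        ("any", "any", "any", None, "any", "deny"),        # default deny
    ]
)

def _addr_match(pattern, addr):
    """True if addr falls inside pattern (a host, a CIDR block, or 'any')."""
    if pattern == "any":
        return True
    return ipaddress.ip_address(addr) in ipaddress.ip_network(pattern)

def evaluate(proto, src, dst, dport, direction, rules=RULES):
    """Return (rule_number, action) of the first rule matching the packet."""
    for number, rule in enumerate(rules, 1):
        r_proto, r_src, r_dst, r_ports, r_dir, action = rule
        if r_proto not in ("any", proto):
            continue
        if r_dir not in ("any", direction):
            continue
        if r_ports is not None and dport not in r_ports:
            continue
        if _addr_match(r_src, src) and _addr_match(r_dst, dst):
            return number, action
    return None, "deny"  # fail closed if the rule set has no catch-all
```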





Part #4


You are tasked with implementing a rule set for two firewalls protecting your network in a DMZ configuration. Internal computers are running Windows operating systems. 

(4) In the following table create a rule set to implement the following requirements.

Note:
NAT occurs just inside the perimeter firewall.



DMZ Servers

| Purpose | Private IP | Public IP |
|---|---|---|
| Web proxy | 192.168.10.10 | 150.150.150.10 |
| FTP Proxy | 192.168.10.11 | 150.150.150.11 |
| DNS | 192.168.10.20 | 150.150.150.20 |
| Web server - public | 192.168.10.30 | 150.150.150.30 |
| Web server - corporate only | 192.168.10.40 | 150.150.150.40 |
| Email | 192.168.10.50 | 150.150.150.50 |



Internal network servers

| Purpose | Private IP |
|---|---|
| Microsoft SQL Server Database | 10.50.50.100 |

Requirements
Workstations
• User workstations are on the two subnets 10.10.10.0/24 and 10.20.20.0/24.
• User workstations can access web servers on the Internet (HTTP and HTTPS) but only via a proxy server which resides in the DMZ.
• User workstations can access FTP servers on the Internet but only via an FTP proxy server which resides in the DMZ.
• User workstations can access the DNS server which resides in the DMZ.


DMZ Servers
• Web proxy may access web servers on the Internet.
• FTP proxy may access FTP servers on the Internet.
• DNS server will accept incoming requests from both internal workstations and from the Internet.
• DNS server will accept zone transfer requests from other name servers on the Internet.
• The public web server will accept requests from the Internet only via HTTP.
• The corporate web server will accept requests from the Internet only via HTTPS.
• The corporate web server will make connections to the internal Microsoft SQL Server database on its default port.
• The email server will accept SMTP requests from the internal network and the Internet. It will also make SMTP requests to other email servers on the Internet.

Internal Server
• The internal Microsoft SQL Server database server will accept incoming connections from the corporate web server in the DMZ.

| Rule Number | Protocol | Source Address | Source Port | Destination Address | Destination Port | Direction | Action |
|---|---|---|---|---|---|---|---|

  • Category:- Computer Network & Security
  • Reference No.:- M9127643
