No AI Generated Content
Introduction
Get free samples written by our Top-Notch subject experts for taking online assignment help
The study is aiming to investigate the several issues and structure of the existing network infrastructure of the Handmade Furniture limited company. The study has performed a network security analysis based on the case study of a handmade furniture company. The inspection performed on the network infrastructure of the company gives a basic understanding of the several issues and vulnerabilities of the network infrastructure. It has been observed that the company has experienced quite a lot of trouble regarding the management of the existing computer network of Handmade Furniture company and has also discussed the necessary support for the Company's IT support team. The computer network, including end devices, connection protocol etc. of the company, is functioning without following standards procedure and in an uncontrolled way. For this reason, there can be chances of hacking and data loss on the network of Handmade Furniture Ltd. Due to this uncontrolled way of transferring data and an unplanned network may lead to several losses in the future regarding the business operations, including production, Finance and many other business processes.
This report is focused on analyzing the existing network of Handmade Furniture Limited and also providing justification on the various network components in order to improve the network performance and network design. The study is therefore aiming to discuss the network management plan as well as network security plan. In this report, the main objective is to make the network management plan in such a way that it can mitigate the different possible issues and provision of data loss in the existing network architecture. The management plan for the computer network in this report will include the different key parameters such as security concerns, cost involvement and also the administrative control to the handmade furniture company's stakeholders. This suggested plan for the network management can be deployed in order to expand the network infrastructure and also improve the network security and features for the company's future growth. The study also aims to provide a proper network security plan and costing implications for better mobility and data security in the existing network.
Network management plan
The network management plan refers to the different steps or operations that need to be taken for improving the existing network parameters and also helps to make the security and connectivity for the network more structured (Allocca et al. 2020). Every organization needs to have a proper network management plan ensuring the security and connectivity within the network. In this report, there are several factors in the network of handmade Furniture Ltd. that need to be upgraded, and thus the network management plan has a crucial role in reducing the network-related risks. The plans in managing the existing network are used for managing the computers, internet connectivity, users, applications and the different network devices. Organizations with no proper network management plan may not be able to manage their resources regarding the network components and data effectively because of the lack of policies and effective procedures (Amin et al., 2018). As the Handmade Furniture company is willing to upgrade its network components (such as computers, applications) and also the internet connection, the company thus requires developing proper governance and proper network management plan. There can be several key elements of the proposed network management plan for the Handmade Furniture Company. This includes configuration management, fault management, security management, performance management and accounting management.
Figure 1: Network Management Plan
(Source: https://aaimagestore.s3.amazonaws.com/july2017/0015252.003.png)
Fault Management
Fault management is very much important in terms of managing network performance. The fault management framework is used for detecting, monitoring and notifying users about any fault in the existing network. In order to keep the following network of the handmade furniture company, the system provides an appropriate framework in correcting the faults in the network effectively (Arif et al. 2020). The fault management performs troubleshooting network infrastructure, managing network platforms, detecting faults and monitoring the cause of the faults and giving notification along with the detected faults. Therefore, fault management helps to manage the company's internal infrastructure. In fault management, the most common activities are network discovery, handling events, mapping topology of the network components, data collection regarding the network performance, and also managing the browser data. Hence, fault management performs crucial tasks in improving the network operations. The troubleshooting of the components according to the fault management, such as system log and the TFTP("Trivial File transfer protocol") used in troubleshooting the network performance and infrastructure and also provides notification to the management stations during identification of any fault in the network (Batcheler et al. 2020). In this case, in order to handle all the current requests regarding the IT network, there should be a centralized location for handling all the requests in order to track the network related issues centrally. Hence, In the Handmade Furniture company, a help desk can be formed, and this will receive issues faced by the stakeholders and forward those data to the concerned authorities.
Performance Management
Performance management incorporated with monitoring, measuring and reporting. This also involves tuning the system as well as analyzing the performance of the network. This management process has several levels, including interface matrix, protocols and device levels. This needs to be gathered on a regular basis by utilizing the network polling engine. The performance tuning and analysis involves measuring the existing network traffic and the optimization process for these resources. The different key elements of the network plan can be routers, Data servers, Web Servers, Firewall, Mail server, Printer servers etc. (Dargahi et al., 2017). In this case, the company either can purchase cloud servers or may implement its own email servers for the security of the emails. In order to avail centralized printing facilities in the Offices and Factories, the company can develop a printer server.
Configuration Management
This process involved in the network management planning process entails appropriate monitoring of the network configuration-related information, and this is very much important. This process ensures effective tracking of all the effects related to the network operations with different versions of software and hardware in the network of handmade furniture Company. This process involves configuration standards, inventory management, and configuration management of the files and also involves in managing the software. The configuration standards turn to be effective when the number of the devices increases, such as increasing Printers and computers in the handmade furniture Ltd. In order to identify the device's location, the element are used on the network and also makes it available with the dispatching resources in the network and making corrections regarding the problems (Kenchington et al., 2019). In a network, the configuration of the different network devices is very much important, and improper configuration may affect the network connectivity. According to configuration management, Inventory management is also crucial as it provides all the information regarding the software and hardware. The software management helps to ensure the installation of appropriate software tools on the handmade Furniture Company’s network.
Security Management
Security management is focused on making the network secure with proper security measures and following some standards of data collection. The network management plan is aiming to control the access to the organization's resources in accordance with establishing a set of guidelines in order to prevent data loss or data theft. This access to the resources needs to be within the internal stakeholders of the company, and the network should be managed in such a way that it should not compromise any possible threat to the network intentionally or unintentionally (Emanuel et al. 2020). The frameworks of security management monitors the login and credentials on the following network resources to the authorized users and also prevent unauthorized personals or devices from getting access to the organization's internal data with faulty access codes or wrong devices.
Figure 2: Cyber Security Market Size
(Source: https://www.statista.com/graphic/1/289157/uk-cyber-security-defence-and-intelligence-sub-segment-size.jpg)
The most common example of security management is authenticating the user with a proper password and user identity, and often it involves message support. Thus, to keep the network secured well, the company firstly requires developing a proper antivirus system and implementing different firewall policies for monitoring the operations by the intruders in the network. It also needs to be understood that implementing antivirus in a single device may not be that effective over the implementation of centralized antivirus (Eslami et al., 2017). This can be applied to the network of Handmade Furniture companies and allows all the PCs in the network to use the same centralized antivirus system or software. Hence, similar policies will be applied for all the devices within the network. This planning may also allow the network administrators to monitor devices' activity centrally and effectively. Not only it provides effective monitoring, but it also may allow the network administrator to generate centralized reports related to the network usage, including incoming and outgoing network traffic.
Accounting Management
Accounting management is also an important part of the network management plan. This process involves collecting and sending security-related information during the time of reporting and billing. The examples of the information can be started and stop time, user identities, executed commands etc. This information detail helps the network managers in identifying or tracking the network services and also allows the users to get access to the network. The accounting management is also aiming to make sure that all the authorized users can have access to the different network resources and utilization of these resources. According to this framework or network plan, it utilizes SNMP "Simple Network Management Protocol" for the management of faults in the network, analyzing network performance, monitoring the platform in order to manage the network for the long term (Ford et al., 2020). Additionally, the Accounting management plan consists of collecting system logs, software and hardware inventory management. Hence, in a handmade furniture company, it is very much needed to form a centralized backup plan of the network's data. This will allow the storage of the data automatically in the centralized data storage location. It may help to avail data from the centralized location in case of any PCs or device failure. For this reason, a data Server needs to be configured for the purposes of storing the organizational data in the centralized data centre. Therefore, the centralized data centers can be deployed by involving Servers in order to interlink the different users in the network.
Network security plan
In order to develop the plan in terms of security, an organization needs to take care of different sorts of consideration, and in this part of the research, those plans are going to be discussed about the network security in the following research area. Whether the taken organization is small or big does not matter in terms of security; providing security and planning for security are the two most important considerations that need to be taken care of (Gray et al., 2019). The organization which is discussing, in this case, deals with a variety and a huge number of details in terms of operational details as well as consumer details in order to deal with the performance and operation. So in order to avoid any sort of unwanted attacks from malicious activities, the organization needs to adopt few strategies that are going to showcase as follows:
Network Security Risks
Before going into the depth of security planning, the organization needs to understand the possible risks that can be faced by the organization and only after that planning for reducing those threats can be done. So in the below part, those threats or risk are going to be discussed as follows-
Lack of strong communication protocols and network infrastructure: The first and foremost thing the chosen organization needs to consider is that due to lack of network infrastructure and weak communication protocol, cybercriminals can get access to the system using different sort of malware functions. So this can be one of the biggest risks for the organization. The way of transmitting the information through the communication channel requires strong protocol so that any cyber attacker does not understand the message or information which will be transmitted using the communication protocol (Gupta et al. 2018). As an example, it can be said that when the organization is using internet communication network which utilized different sort of data packets in order to transmit data over the internet network, the network channel needs to be properly secured so that any malware activities do not get access into the system to get the details of the transmitted packets.
Figure 3: Cyber Security Breaches
(Source: https://assets.publishing.service.gov.uk/government/uploads/system/uploads/image_data/file/97514/Figure6.3.jpg)
The risk associated with people:
According to different sorts of researchers, it can be said that most of the network breaches are caused by the fault of people, and this is one of the risks which can be found in network security. The fault can be of different types such as ignorance, errors and omissions (Haltigin et al. 2018). One of the common things that the organization can face is that an unauthorized person can get access to the company details by asking the userID and password of the system from the workers who are working with the organization, and that can be one of the biggest threats for the organization. Phishing can be another method where a cybercriminal will inject malware into the devices of the workers, and without knowing, the user can click on that, and that can help the attackers to get access to the system.
Risk related to internet access: Even if the internet is having different sorts of benefits, but still the organization can face security issues due to internet access, such as the organization is capable enough to receive and send data and can also access sensitive information with the help of internet access (Lim et al. 2019). Hacking using the internet system is the fundamental issue that the organization can face, such as cookie stealing, cross-site scripting, and click jacking are things that are associated with the internet. Using those things, cyber attackers use malicious methods to trick users browsing the internet, and that is how unwanted access can be given to cybercriminals.
Mitigation of the security Risks:
Now after understanding the risks that are associated in terms of security for the organization, now it is going to discuss the ways that can mitigate the security risks, and those mitigation actions are as follows-
Forensic Analysis: This can be one of the mitigation actions that need to be taken care of by the organization, where using forensic analysis can help the organization for containment and discovery of the security threats on the network system of the organization. When the network team of the organization has contained the attack, it can launch the forensic analysis to make interaction with the report that needs to be generated by the sensor at the time of attack or during the period of attack (Parlikad et al. 2020). This thing needs to be done, especially when the outcome of the network system is in the condition of attack. The data which will be generated by the sensors must be very well secured in the system for the process of forensic analysis.
Risk Assessment- Risk assessment refers to the continuous identification of the different possible risks and threats of the network. There can be security-related threats to the different network devices and the overall organization's data (Lakshmi et al., 2018). However, every threat in the network may require individual risk assessment depending upon the level of risk and type of threat. Therefore, depending upon the type of network threats, the mitigation action also varies. For example, in the case of malware or Trojans in the devices may require formatting the device or implementing antivirus (Upadhyay and Sampalli, 2020). Therefore, the teams and administrator are required to determine the level and type of the risk and make choices for the appropriate measures, and this can be performed by either periodic risk assessment or continuous risk assessment.
Enhance Physical SecurityThis is another sort of important consideration in terms of mitigating the security in the network system. Restricting the physical access to the components of the network can be another effective as it prevents unauthorized access from the unwanted person. The organization needs to make sure that those who are authorized to get access to the organization's system are only allowed to use the system (Valocchi et al., 2017). Any unwanted person needs to stay ahead from the network devices or from the network room so that any security threats cannot be increased.
Figure 4: Different types of Security needs
(Source: https://cdn.comparitech.com/wp-content/uploads/2019/04/24-iot-top-security-issues-priority-statistic-2019-e1556643748194.jpg)
Instigating Security Policy- The security policy aims at the security goals, authority levels and possible risks. This often involves team members and security coordinators who are authorized within the system. It is also the employees' responsibility to follow these security policies. This policy instating helps to provide the different measures and procedures for mitigating these security breaches. This policy addresses the software, hardware configuration, protocol and architecture of the network for enhancing network security.
Costing implications
The costing implications can refer to the amount of money, energy and time that needs to be required in producing or maintaining a service or product. In this case, this part of the report is aiming to discuss the required cost implication and several plans for this cost implication related to the network management planning process for the Handmade Furniture Company. The study thus focuses on analyzing and identifying the problem areas of the network that needs modifications regarding the up gradation of the network (Yazdinejad et al. 2020). The very first step of cost implication and modification of the network is to identify the different possible vulnerabilities of Handmade Furniture Company’s computer network. Therefore, organizations need expatriates to be hired from outside for identifying and testing the possible network vulnerabilities. This is because the external or third party team has desired equipment and technical staffs for effectively testing the network. Therefore, in order to develop a proper network management plan, the team needs to be developed. This involvement of the experienced working team can be effective after analyzing the complete network architecture of the handmade Furniture Company and also in identifying the possible vulnerabilities in the existing network (Yu, 2017). Along with that, the company requires to upgrade the existing system that is effective in reducing the scope of network threats and security issues.
|
Network Test Type |
Approximate cost |
|
Large Penetration testing |
£5,000-£20,000 |
|
Medium Penetration testing |
£3,000-£5,000 |
|
Small Penetration testing |
£1,000-£3,000 |
|
Network development Cost |
£15000-£20,000 |
|
Network maintenance cost |
£3500-£5000 |
|
Resources Cost (Switch, Routers, Network Cables, Access point etc.) |
£30000-£40000 |
|
Server Maintenance |
£500-£800 |
|
Secured Website |
£10,000 |
|
Cyber Security Service |
£100-£500per month(For small sized network) and £500-£2000 (Medium sized network) |
|
Cost in IoT device network |
£5000-£15,000 |
Table 1: Approximate cost analysis
(Source: Self-created)
The upgrade needs to be performed in both the hardware and software. It thus generates more requirements regarding the availability of the resources physically as well as financially in order to ensure the network to be secured enough and configured properly. The Handmade Furniture also may need more number of employees knowledgeable in IT service and network security. This may reduce the scope of further investment in outsourcing the testing team and maintaining the security of the organization's internal network. The network developer’s team also needs to be focused on educating the other staff on preventing possible potential attacks and maintaining the security of the network.
Recommendation
There are several possible measures that need to be followed by the Employees of handmade Furniture Company in maintaining the security of the network by effective planning of the network design and configuration. The study has discussed planning for the network configuration and modification of the computer network. Though there can be other types of vulnerabilities in the network that may exist after the configuration of the network, and these vulnerabilities can be developed in the future. Therefore, the employees and the administrator need to be focused on testing the network frequently. The company also needs to deploy the network as mentioned earlier security measures for securing the network properly. The company also needs to deploy a proper and effective network management plan in controlling the use of network resources. The study has also identified that a better approach to securing a network is to use a faster internet connection. The use of the WiFi network and IoT network can have more vulnerability regarding the connectivity protocols. The IoT network is more vulnerable related to data security. For this reason, the newly developed LiFi(light fidelity) technology can also be implemented, which offers more security and faster internet connectivity due to the large spectrum of the light, and it is around 3X faster than a normal WiFi connection. The employees of the handmade Furniture Company need to be limited to use personal laptops or other devices in the workplace as there are various possibilities of transferring malware or virus through these personal devices. This also may widen the possibilities of data leaking through these personal devices of the employees. The Administration of the company also requires developing authorization protocols for all the devices that are connected to the organization's internet connection.
Conclusion
The study has discussed the different network management and network security plans, including the identification of the possible sources of network threats. The study also provides some details regarding the network management plans, including fault management, configuration management, security management etc., and the study also identifies all the important purposes of the network. The study also identifies many different factors regarding the possible security risks on the internal network of the Handmade Furniture Company. This also analyses the weakness of the following computer network related to the communication protocol and network infrastructure. The study has identified that the organization should perform a risk assessment for enhancing the physical security of the network and developing some useful security policies to counter the security breaches.
References
Journal
Allocca, C.M., Snapes, E., Albert, M., Bledsoe, M.J., Castelhano, M.G., De Wilde, M., Furuta, K., Kozlakidis, Z., Martin, D., Martins, A. and McCall, S.J., 2020. Biobanking in the COVID-19 Era and Beyond: Part 2. A Set of Tool Implementation Case Studies. Biopreservation and Biobanking, 18(6), pp.547-560.
Amin, R., Reisslein, M. and Shah, N., 2018. Hybrid SDN networks: A survey of existing approaches. IEEE Communications Surveys & Tutorials, 20(4), pp.3259-3306.
Arif, M., Wang, G., Geman, O., Balas, V.E., Tao, P., Brezulianu, A. and Chen, J., 2020. Sdn-based vanets, security attacks, applications, and challenges. Applied Sciences, 10(9), p.3217.
Batcheler, R., Lwin, L.M., Ney, D., Owen, J. and Powers, J., 2020. Developing Myanmar's Local Data Ecosystem.
Dargahi, T., Caponi, A., Ambrosin, M., Bianchi, G. and Conti, M., 2017. A survey on the security of stateful SDN data planes. IEEE Communications Surveys & Tutorials, 19(3), pp.1701-1725.
Day, J.C., Kenchington, R.A., Tanzer, J.M. and Cameron, D.S., 2019. Marine zoning revisited: How decades of zoning the Great Barrier Reef has evolved as an effective spatial planning approach for marine ecosystem?based management. Aquatic Conservation: Marine and Freshwater Ecosystems, 29, pp.9-32.
Elk, R., Emanuel, L., Hauser, J., Bakitas, M. and Levkoff, S., 2020. Developing and testing the feasibility of a culturally based tele-palliative care consult based on the cultural values and preferences of southern, rural African American and White community members: a program by and for the community. Health equity, 4(1), pp.52-83.
Eslami, A., Ghafari, M., Sohbatloo, V. and Fanaei, F., 2017. Safety Assessment of Zanjan Drinking Water System Using Water Safety Plan. Journal of Human, Environment and Health Promotion, 2(3), pp.138-146.
Ford, E., Conroy, L., Dong, L., de Los Santos, L.F., Greener, A., Gwe?Ya Kim, G., Johnson, J., Johnson, P., Mechalakos, J.G., Napolitano, B. and Parker, S., 2020. Strategies for effective physics plan and chart review in radiation therapy: report of AAPM Task Group 275. Medical physics, 47(6), pp.e236-e272.
Gray, R., Nguyen, K., Lee, J.C., Deschamps-Braly, J., Bastidas, N., Tanna, N. and Bradley, J.P., 2019. Osseous transformation with facial feminization surgery: improved anatomical accuracy with virtual planning. Plastic and reconstructive surgery, 144(5), pp.1159-1168.
Gupta, A., Harrison, R., Canini, M., Feamster, N., Rexford, J. and Willinger, W., 2018, August. Sonata: Query-driven streaming network telemetry. In Proceedings of the 2018 conference of the ACM special interest group on data communication (pp. 357-371).
Haltigin, T., Lange, C., Mugnuolo, R., Smith, C. and iMARS Working Group, 2018. iMARS Phase 2: a draft mission architecture and science management plan for the return of samples from Mars Phase 2 Report of the International Mars Architecture for the Return of Samples (iMARS) Working Group. Astrobiology, 18(S1), pp.S-1.
Lim, D.S., Abercromby, A.F., Kobs Nawotniak, S.E., Lees, D.S., Miller, M.J., Brady, A.L., Miller, M.J., Mirmalek, Z., Sehlke, A., Payler, S.J. and Stevens, A.H., 2019. The BASALT research program: designing and developing mission elements in support of human scientific exploration of Mars. Astrobiology, 19(3), pp.245-259.
Lu, Q., Parlikad, A.K., Woodall, P., Don Ranasinghe, G., Xie, X., Liang, Z., Konstantinou, E., Heaton, J. and Schooling, J., 2020. Developing a digital twin at building and city levels: case study of West Cambridge campus. Journal of Management in Engineering, 36(3), p.05020004.
Spruce, J., Bolten, J., Srinivasan, R. and Lakshmi, V., 2018. Developing land use land cover maps for the Lower Mekong Basin to aid hydrologic modeling and basin planning. Remote Sensing, 10(12), p.1910.
Upadhyay, D. and Sampalli, S., 2020. SCADA (Supervisory Control and Data Acquisition) systems: Vulnerability assessment and security recommendations. Computers & Security, 89, p.101666.
Valocchi, D., Tuncer, D., Charalambides, M., Femminella, M., Reali, G. and Pavlou, G., 2017. SigMA: Signaling framework for decentralized network management applications. IEEE Transactions on Network and Service Management, 14(3), pp.616-630.
Yazdinejad, A., Parizi, R.M., Dehghantanha, A. and Choo, K.K.R., 2020. P4-to-blockchain: A secure blockchain-enabled packet parser for software defined networking. Computers & Security, 88, p.101629.
Yu, D., 2017. Access control for network management (No. UCAM-CL-TR-898). University of Cambridge, Computer Laboratory.
