Introduction
An initial penetration test on the network interface of Sifers-Grayson revealed that the facility’s security system is vulnerable to security threats. The company therefore made plans to improve its network interface to prevent such threats. This report provides a detailed overview of the most reliable security strategies for Sifers-Grayson’s case and explains why the company needs to adopt these recommendations. An analysis of the facility’s security system identifies the systems that need immediate improvement through the purchase and deployment of available hardware.
Security Strategies
The Red Team’s incident report revealed a flaw in Sifers-Grayson’s network system, leading to a deep inquiry into practical recommendations for improvement. The best security recommendation for the facility is the use of a layered security interface. Layered security provides an organization with an adequate security interface because multiple security components are installed across multiple layers (Bagula et al., 2019). This makes it difficult for unauthorized users to gain access. Moreover, this security feature will allow Sifers-Grayson to delay identified threats until the security team can react to them effectively (Bagula et al., 2019). However, for this to happen, the proposed security framework should be impenetrable. Therefore, Sifers-Grayson needs to implement two defensive strategies.
The first strategy for creating a layered security interface is configuring a DMZ. A DMZ protects the network from external attacks by exposing only limited information and data (Hibshi & Breaux, 2017). For an effective DMZ, Sifers-Grayson needs to purchase business-class routers, a business-class firewall, and an intrusion detection and prevention system for all targeted departments. Together, this hardware ensures that the DMZ works as a multi-layered network defense strategy. Another critical strategy is implementing enterprise-wide protective and detective measures. These measures ensure effective integration of a supplementary defense strategy by allowing Sifers-Grayson to control different aspects of the network interface, such as software documentation and source code.
During the penetration testing phase, some personnel assumed engineer roles, which granted them access to sensitive areas in the organization without meeting security requirements. Sifers-Grayson needs an identity system to prevent security incidents arising from such events. The company also needs a network management tool; a Unified Threat Management (UTM) tool is best equipped to handle such situations. A UTM creates a unified point for threat protection, preventing unauthorized individuals from gaining access to the network.
Product Evaluation
Implementing a DMZ requires investing in business-class routers with WAP and VPN capabilities, a business-class firewall, and an intrusion detection and prevention system. The best router in this case is a Cisco router, which is equipped with advanced security features. Cisco routers have a secure authentication feature equipped with an impenetrable encryption system. Moreover, they have WAP and VPN capabilities that localize the network and mask the identity of users (Rahman et al., 2020). According to Lee et al. (2018), advanced encryption and authentication are features of a reliable router as they prevent breaches by intruders.
After settling on the router, the next piece of hardware is a business-class firewall. Firewalls are practical tools because they limit the damage the system suffers in the presence of an unidentified threat (Zarca et al., 2018). To avoid incompatibility and keep the approach familiar, the facility needs to procure a Cisco firewall. Cisco firewalls are popular because they are highly customizable, allowing experts to determine which sectors need advanced protection (Faizan et al., 2019). For the intrusion detection and prevention system, Sifers-Grayson will also require a Cisco framework to complement the routers and firewall. Since all this hardware is from the same manufacturer, compatibility is high, promoting high functionality, ease of use, and reliable customer support.
For the second defense strategy, an Application Lifecycle Management (ALM) tool will be the first resource. The ALM tool will allow easy product lifecycle management from design through development, testing, and deployment. Jira is the best ALM tool for Sifers-Grayson’s case as it comes equipped with advanced features and easy customization. With unauthorized access being a common concern for Sifers-Grayson, the next consideration is implementing an identity and access management system. SolarWinds’ Access Rights Manager (ARM) is an ideal option as its main functions include provisioning, de-provisioning, and auditing access rights (Access Rights Manager, n.d.). This allows Sifers-Grayson’s technicians to easily identify users accessing the network interface.
Another essential product for this defense strategy is the UTM, which protects the network using several features such as antivirus and content filtering. With FortiGate UTM, Sifers-Grayson will have a secure network since this tool allows for deployment on all physical systems and provides protection for different hardware. Additionally, it is equipped with firewall features and intrusion detection and prevention, providing added layered security. For image capture, FTK Imager will provide the best results for Sifers-Grayson. FTK Imager is equipped with various features that allow for effective network management, including its advanced decryption features.
Summary, Implementation, and Conclusion
Based on the previous penetration test conducted by the Red Team, it is evident that Sifers-Grayson requires immediate intervention to secure its network from any form of attack. A reliable recommendation is to apply the two defensive strategies discussed in this report and implement a layered security interface. Although different tools are available in the market, Cisco tools are recommended as they create a compatible defense strategy.
Network security through a combination of Jira and ARM provides seamless project and identity management and keeps the facility on the right track. Implementing these recommendations requires an immense financial investment and will require training personnel on the new features and the new policies. Although the current management can handle these changes, a specialized change management team overseeing change processes will be effective as it will concentrate on familiarizing the personnel with the new changes to meet organizational goals.
References
Access Rights Manager: Manage and audit access rights across your IT infrastructure. (n.d.). Web.
Bagula, A., Ngaqwazai, L., Kakoko, C. L., & Ajayi, O. (2019). On the relevance of using multi-layered security in the opportunistic internet-of-things. International Conference on e-Infrastructure and e-Services for Developing Countries (pp. 15-29). Springer, Cham. Web.
Faizan, M., Hegde, S. S., & Yaligar, N. V. (2019). Comparison between Cisco ASA and Fortinet FortiGate. IOSR Journal of Computer Engineering (IOSR-JCE), 21(3), 34-36. Web.
Hibshi, H., & Breaux, T. D. (2017). Reinforcing security requirements with multifactor quality measurement. In 2017 IEEE 25th International Requirements Engineering Conference (RE) (pp. 144-153). IEEE. Web.
Lee, Y. J., Baik, N. K., Kim, C., & Yang, C. N. (2018). Study of detection method for spoofed IP against DDoS attacks. Personal and Ubiquitous Computing, 22(1), 35-44. Web.
Rahman, M. T., Rahman, M. S., Wang, H., Tajik, S., Khalil, W., Farahmandi, F., Forte, D., Asadizanjani, N., & Tehranipoor, M. (2020). Defense-in-depth: A recipe for logic locking to prevail. Integration, 72, 39-57. Web.
Zarca, A. M., Bernabe, J. B., Farris, I., Khettab, Y., Taleb, T., & Skarmeta, A. (2018). Enhancing IoT security through network softwarization and virtual security appliances. International Journal of Network Management, 28(5), e2038. Web.