Date of Award

Summer 7-2012

Document Type

Thesis

Degree Name

Bachelor Degree

Department

Computer Science

First Advisor

Petrit Shala

Language

English

Abstract

This thesis investigated the features of security devices that would be suitable for implementations in medium to large enterprise networks at the global scale. In the thesis are covered open standard and proprietary security features. The open standard security features that are discussed in the report are the one that are developed by Internet Engineering Task Force – IETF and described in their Request For Comments – RFC. The proprietary features discussed in this report are from Cisco Systems and these features are always implemented in the Cisco Systems equipment. The author at the beginning describes common vulnerabilities, threats and attacks and then used comparative and quantities methodology to analyze the security features and its mitigation. Then in details were analyzed features of Cisco security devices, which operate at layer two and three of the OSI model, as the most commonly used equipment worldwide for securing entire computer networks. Based on their features and technical specifications it is shown that Cisco IOS Firewall feature set and Cisco Adaptive Security Appliance features are suitable for medium to big networks and with a staff that has advanced knowledge of risk security at computer networks. Network security is the process by which digital information assets are protected. The goals of security are to protect confidentiality, maintain integrity, and assure availability. With this in mind, it is imperative that all networks be protected from threats and vulnerabilities in order for a business to achieve its fullest potential. Typically, these threats are persistent due to vulnerabilities, which can arise from misconfigured hardware or software, poor network design, inherent technology weaknesses, or end-user carelessness. With the help of the Packet Tracer simulation software, different features and implementations of security features are tested. Using Packet Tracer software the author has created configuration script for every case used in a designed topology. At the end of the thesis under the Appendixes section is introduced operation of the Packet Tracer and configuration topology that is used throughout this report for the testing purposes.

DOI

10.33107/ubt-etd.2012.1633

Download

Share

COinS