In preparation for your network design project, discuss with your classmates ideas for addressing the security vulnerabilities in the network design. In your discussion, address the following:
- What challenges will need to be addressed with the U.S. Navy project described in your scenario?
- What types of vulnerabilities need to be addressed in the design?
- Where might there be points of failure in the design?
- What areas concern you about securing the network?
- What steps would you recommend to overcome those concerns?
Outline your ideas in a 3–5-paragraph posting. Study the postings of at least 2 other classmates and respond to them with comments and questions. Ask for clarifications of their ideas if necessary.
Be sure to document your references using APA format.
You are a newly hired civilian contractor for the U.S. Navy at a naval air station. Your position is a security engineer. This project has recently been consolidated to this location from several coastal areas. The team is a small department that focuses on unmanned naval surveillance vehicles.
You have been asked to perform the initial network design while you wait for your security clearance to get approved. You have to bear in mind the requirements that the Navy has for this project. There is a 2 terabyte UNIX DB2 database, which is used for craft designs, part lists, and experimental results; additionally, a smaller Oracle database running on Windows servers takes care of scheduling, administration, and personnel data.
The network will require 200 hosts in the design and development department, 20 in the personnel department, and 40 in the acquisition department. The acquisition department will need access to the secure internal network and external Department of Defense suppliers, whose networks are not considered secure. Both of these departments will need access to Windows laser printers and UNIX-based design plotters. The captain in charge of the project and his staff of 10 need a wireless virtual private network (VPN).
This work is considered top secret and outside of the requirements of the acquisition department; the network is considered a secure one that must meet the requirements of common criteria and evaluation assurance level 4 + (EAL 4 +). The internal, border, wireless, and default gateway duties are handled by a major equipment company. Data availability is important because the government has tens of millions of dollars already invested in this project.