Just copy from the file (just change it into your own words) to a new one in your own words. Instructions are also given in the file (project02) as well. It will give you the idea of how it was done. To sum up, the project is already done; just have to change the wording.
For your final step, synthesize the previous steps and labs to summarize the major findings from this project.
Specifically, prepare a technical report that summarizes your findings. Include all of the following elements:
1. The strengths and limitations associated with limiting access of web pages through the use of firewalls.
2. A detailed description of how tunneling through a firewall via SSH worked and how the process could be used to protect a private subnet. Describe the implications of using a jump box for access to the private subnet. Cover concerns such as key storage, creation, and rotation at scale for a large organization.
3. TLS communication challenges and results from your TLS 1.3 Java client-server implementation. Describe how this functionality could be used to support an IoT application with hundreds of thousands of remote sensor devices connecting across a distributed network.
4. A discussion of major threats to WLANs and how each can be mitigated. Provide security monitoring best practices and describe suitable approaches to protecting a WLAN.
Delve further into these topics by conducting research beyond the classroom readings and lab exercises to gain further insight and enhance your report.
Naturally, I expect your report will include a title page, table of contents, list of tables and figures (if applicable), and a list of references. Organize the content into sections, with clear, meaningful headings.
Network and Firewall Protection Final Report
Firewall Strengths and Limitations
Firewalls are devices placed within a network to protect data systems from unwanted communication. They “monitor incoming and outgoing network traffic and decide whether to allow or block specific traffic based on a defined set of security rules” (Cisco, n.d.). In their most basic form, firewalls perform stateless packet filtering, but they can also operate as stateful multi-layer inspection firewalls, circuit-level gateways, application-level gateways, next-generation firewalls (NGFW), threat-focused NGFWs, cloud firewalls and unified threat management (UTM) firewalls.
Overall, firewalls do a great job of limiting access to web pages by opening and closing ports, permitting and restricting IP addresses, enforcing trusted/untrusted boundaries and even providing proxy and web caching services. Limitations arise when ports are misconfigured or when traffic is rerouted by unauthorized personnel. For example, an administrator may close port 194 to restrict communication over Internet Relay Chat (IRC); however, users may configure IRC to use port 80, which bypasses the established security parameters.
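The IRC-on-port-80 case above, as an added example that is not part of the original report: a port rule alone lets the flow through, while a check of the first payload bytes catches it. The flow records, the rule set and the function names are assumptions constructed for illustration.

```python
import re

BLOCKED_PORTS = {194}  # the port-based rule described in the text

# Client registration commands that open an IRC session.
IRC_COMMAND = re.compile(rb"^(PASS|NICK|USER|CAP) [^\r\n]{1,200}\r?\n", re.M)
HTTP_REQUEST = re.compile(rb"^(GET|HEAD|POST|PUT|DELETE|OPTIONS|PATCH) \S+ HTTP/1\.[01]\r\n")


def classify_payload(payload: bytes) -> str:
    """Guess the application protocol from the first bytes of a flow."""
    if HTTP_REQUEST.match(payload):
        return "http"
    commands = {m.group(1) for m in IRC_COMMAND.finditer(payload)}
    # NICK and USER together are what an IRC client sends to register.
    if {b"NICK", b"USER"} <= commands:
        return "irc"
    return "unknown"


def port_only_verdict(flow: dict) -> str:
    """Stateless rule: decide on the destination port alone."""
    return "block" if flow["dst_port"] in BLOCKED_PORTS else "allow"


def inspecting_verdict(flow: dict) -> str:
    """Port rule plus a payload check, as an application-aware firewall applies."""
    if port_only_verdict(flow) == "block":
        return "block"
    protocol = classify_payload(flow["payload"])
    if protocol == "irc":
        return "block"   # IRC is prohibited whatever port it uses
    if flow["dst_port"] == 80 and protocol != "http":
        return "alert"   # something other than HTTP on the web port
    return "allow"


# Constructed sample flows (first client bytes of each connection).
IRC_HELLO = b"NICK alice\r\nUSER alice 0 * :Alice Example\r\n"
FLOWS = {
    "irc_default_port": {"dst_port": 194, "payload": IRC_HELLO},
    "irc_on_port_80": {"dst_port": 80, "payload": IRC_HELLO},
    "web_request": {"dst_port": 80, "payload": b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"},
}

if __name__ == "__main__":
    for name, flow in FLOWS.items():
        print(name, port_only_verdict(flow), inspecting_verdict(flow))
```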
SSH Firewall Tunneling
The Internet Assigned Numbers Authority (IANA) has designated port 22 as the default port for using SSH to access remote systems securely. An SSH server and client communicate over this port, providing an encrypted backhaul connection that can be used to transfer data securely. The SSH protocol also supports port forwarding, which bypasses closed firewall ports by rerouting the traffic through an encrypted tunnel to another port so that the data transfer can occur.
In the firewall lab for this project, two EC2 instances were used to simulate a private subnet that should only be accessible internally. Firewall rules were configured to open ports and to explicitly allow access from another internal instance, the jump box, which was on a different subnet, by specifying the IP address and ports to be used. Access into the private subnet from the jump box provided a secure remote connection as long as the credentials for access were properly configured between the authenticating systems. Tunneling, or port forwarding, was used in this process to gain access over the TCP/IP connection by rerouting to an open port in the firewall. In a small organization, managing keys properly, including their creation and rotation, would suffice. In a large corporation, however, manually managing keys is not scalable and could create challenges that lead to system compromises.
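One way to support key rotation at scale, as an added example that is not from the original report or lab: rotating a key safely means knowing every host and account that still trusts it, so this builds that inventory from authorized_keys content, using the SHA256 fingerprint form that `ssh-keygen -l` prints. The host names, accounts, address and key blobs are constructed placeholders, and collecting the files from each host is assumed to happen elsewhere.

```python
import base64, hashlib, struct
from collections import defaultdict

KEY_TYPE_PREFIXES = ("ssh-", "ecdsa-sha2-", "sk-")

def fingerprint(blob_b64: str) -> str:
    """SHA256 fingerprint of a public key blob, in the form ssh-keygen -l prints."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_authorized_keys(text: str):
    """Yield (key_type, fingerprint, comment) per key line; leading options are skipped."""
    for line in text.splitlines():
        tokens = line.split()
        if not tokens or tokens[0].startswith("#"):
            continue
        for i, token in enumerate(tokens[:-1]):
            if token.startswith(KEY_TYPE_PREFIXES):
                yield token, fingerprint(tokens[i + 1]), " ".join(tokens[i + 2:])
                break

def trust_map(inventory: dict) -> dict:
    """Map each key fingerprint to the sorted (host, account) pairs that trust it."""
    trusted = defaultdict(set)
    for (host, account), text in inventory.items():
        for _type, fp, _comment in parse_authorized_keys(text):
            trusted[fp].add((host, account))
    return {fp: sorted(places) for fp, places in trusted.items()}

def constructed_key(seed: int, comment: str) -> str:
    """Build a syntactically valid ssh-ed25519 line from a dummy 32-byte key."""
    blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + bytes([seed]) * 32
    return f"ssh-ed25519 {base64.b64encode(blob).decode()} {comment}"

ADMIN, DEPLOY = constructed_key(1, "admin@laptop"), constructed_key(2, "deploy@ci")
INVENTORY = {  # constructed: what a collection job might gather per host and account
    ("jumpbox", "ec2-user"): f"# managed file\n{ADMIN}\n",
    ("private-1", "ec2-user"): f'from="10.0.1.10" {ADMIN}\n{DEPLOY}\n',
    ("private-2", "ec2-user"): f"{DEPLOY}\n",
}
TRUST = trust_map(INVENTORY)
```

Looking up a fingerprint in `TRUST` gives the list of places that must receive the replacement key before the old one is removed.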
IoT vs. TLS
IoT devices are rapidly increasing in number and are becoming integrated into our basic, daily way of living. They are gaining popularity in home appliances, factories, tools, cars and personal electronic devices. Consumer demand for convenience adds pressure to release devices that are inherently insecure. “IoT devices are vulnerable mostly because they lack the necessary built-in security controls to defend against threats,” according to Arampatzis (2021). IoT devices can also have security controls added after production, and because they use TCP/IP, some devices may be able to incorporate TLS to provide secure communications when remote sensors are connected and dispersed across a distributed network.
TLS 1.3, the latest version of the protocol, provides a handshake mechanism between the server and client to negotiate security parameters. The client's hello message contains the supported cipher suites, key agreement methods and key shares, which the client calculates and sends to the server. The server responds with a hello message containing the chosen cipher suite and its key share, which is used to generate the symmetric key. The server also sends a signed certificate and a finished message, which allows a secure session to be established between the two systems. The sensors within the network essentially perform the steps that the client would perform to negotiate the handshake with the server.
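The key-share step described above, as an added example that is not the Java lab code: each side combines its own X25519 private value with the peer's key share, then runs the RFC 8446 key schedule to reach identical handshake traffic keys. The private values and transcript bytes are constructed stand-ins, and the pure-Python X25519 is for illustration only (it is not constant time); a real client or sensor would rely on its TLS library.

```python
import hashlib, hmac

P, A24 = 2**255 - 19, 121665
BASE_POINT = (9).to_bytes(32, "little")

def x25519(scalar: bytes, u: bytes) -> bytes:
    """RFC 7748 Montgomery ladder (illustrative, not constant time)."""
    k = int.from_bytes(scalar, "little") & ~7 & ((1 << 254) - 1) | (1 << 254)
    x1 = int.from_bytes(u, "little") % 2**255
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in reversed(range(255)):
        bit = (k >> t) & 1
        if swap ^ bit:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b, c, d = (x2 + z2) % P, (x2 - z2) % P, (x3 + z3) % P, (x3 - z3) % P
        aa, bb, da, cb = a * a % P, b * b % P, d * a % P, c * b % P
        e = (aa - bb) % P
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + A24 * e) % P
    if swap:
        x2, z2 = x3, z3
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def expand_label(secret: bytes, label: bytes, context: bytes, length: int) -> bytes:
    """HKDF-Expand-Label, RFC 8446 section 7.1 (one HMAC block: length <= 32)."""
    full = b"tls13 " + label
    info = length.to_bytes(2, "big") + bytes([len(full)]) + full + bytes([len(context)]) + context
    return hmac.new(secret, info + b"\x01", hashlib.sha256).digest()[:length]

def handshake_keys(shared: bytes, transcript: bytes) -> dict:
    """Client and server handshake (key, iv) pairs for an AES-128-GCM suite."""
    early = hmac.new(bytes(32), bytes(32), hashlib.sha256).digest()  # HKDF-Extract, no PSK
    derived = expand_label(early, b"derived", hashlib.sha256(b"").digest(), 32)
    hs_secret = hmac.new(derived, shared, hashlib.sha256).digest()   # HKDF-Extract with ECDHE
    th = hashlib.sha256(transcript).digest()
    keys = {}
    for side, label in (("client", b"c hs traffic"), ("server", b"s hs traffic")):
        secret = expand_label(hs_secret, label, th, 32)
        keys[side] = (expand_label(secret, b"key", b"", 16), expand_label(secret, b"iv", b"", 12))
    return keys

# Constructed private values and a stand-in for the ClientHello..ServerHello bytes.
client_priv = hashlib.sha256(b"constructed sensor private value").digest()
server_priv = hashlib.sha256(b"constructed server private value").digest()
client_share, server_share = x25519(client_priv, BASE_POINT), x25519(server_priv, BASE_POINT)
TRANSCRIPT = b"ClientHello" + client_share + b"ServerHello" + server_share
CLIENT_VIEW = handshake_keys(x25519(client_priv, server_share), TRANSCRIPT)
SERVER_VIEW = handshake_keys(x25519(server_priv, client_share), TRANSCRIPT)
```

Only the two key shares cross the network; the private values and the derived keys never do, and any change to the hashed transcript yields different keys on the side that saw it.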
WLAN Threats
The major security concerns for WLANs are confidentiality, integrity, availability and access control. Wireless and wired LANs share the same major threats; however, attackers may have an advantage when compromising WLANs because it is much easier to intercept wireless data transmissions than to gain physical access to a device. Across both transmission platforms, WLANs and LANs are susceptible to denial of service (DoS), eavesdropping, man-in-the-middle (MiTM), masquerading, message modification, message replay and traffic analysis.
DoS attacks occur when the availability of information systems is compromised by the nefarious activities of threat actors. Proper firewall configuration can help mitigate this attack by allowing or denying specific IPs access to the system and by limiting the traffic to the network interface card (NIC).
Eavesdropping takes a passive approach to monitoring network traffic. This may be one of the most difficult threats to detect because it is hard to identify whether someone is collecting data. However, a simple mitigation technique is to use cryptography to encrypt and secure data.
MiTM attacks occur when a data transmission is intercepted by a threat actor and injected with false data before being passed along to the intended recipient. This form of attack can be mitigated with the use of TLS 1.3 when browsing the World Wide Web. Most modern browsers display a lock icon in the web address field to indicate that the server is using encryption and that the certificates have been verified.
Masquerading is when an attacker gains access to a system by pretending to be a legitimate user. This can be mitigated by applying a Zero Trust Architecture to the network and by implementing access controls.
Message modification compromises the integrity of a message, but can be mitigated with the use of encryption. Replay attacks passively monitor transmitted messages and replay them. This attack may be used to steal sessions and can be prevented by using random session keys and sequence numbers.
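The replay defence named above, as an added example that is not part of the original report: each session gets a fresh random key, every frame carries a sequence number covered by an HMAC, and the receiver rejects anything it has already accepted or that was sealed under another session's key. The frame layout (8-byte sequence number, payload, 32-byte tag) and the class names are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import struct

TAG_LEN, WINDOW = 32, 64


def _tag(key: bytes, header: bytes, payload: bytes) -> bytes:
    return hmac.new(key, header + payload, hashlib.sha256).digest()


class Sender:
    def __init__(self, session_key: bytes):
        self.key, self.seq = session_key, 0

    def seal(self, payload: bytes) -> bytes:
        self.seq += 1
        header = struct.pack(">Q", self.seq)
        return header + payload + _tag(self.key, header, payload)


class Receiver:
    def __init__(self, session_key: bytes):
        self.key, self.highest, self.seen = session_key, 0, set()

    def open(self, frame: bytes):
        """Return (payload, "ok") or (None, reason)."""
        if len(frame) < 8 + TAG_LEN:
            return None, "truncated"
        header, payload, tag = frame[:8], frame[8:-TAG_LEN], frame[-TAG_LEN:]
        # Authenticate first, so a forged sequence number cannot move the window.
        if not hmac.compare_digest(tag, _tag(self.key, header, payload)):
            return None, "bad tag"
        (seq,) = struct.unpack(">Q", header)
        if seq in self.seen or seq + WINDOW <= self.highest:
            return None, "replayed or too old"
        self.seen.add(seq)
        self.highest = max(self.highest, seq)
        # Forget numbers that fell out of the window; they are rejected as too old.
        self.seen = {s for s in self.seen if s + WINDOW > self.highest}
        return payload, "ok"


def new_session():
    """Fresh random key per session, shared by both ends (key exchange not shown)."""
    key = os.urandom(32)
    return Sender(key), Receiver(key)
```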
Traffic analysis is another passive approach, in which metadata is collected to analyze patterns. Padding the traffic with extra noise and combining it with encryption are excellent mitigation methods.
Security monitoring best practices for protecting a WLAN include performing attack and vulnerability monitoring. Attack monitoring has two types, passive and active. However, because passive attacks are almost impossible to detect, active attacks are the primary focus for WLAN threats. Vulnerability monitoring pertains to basic software maintenance, such as applying patches and verifying security configurations. WIDPS monitoring tools are used within the network to identify malicious behavior and to prevent further access to a system. Continuous monitoring is also recommended for situational awareness of unauthorized WLAN devices, misconfigured devices and unusual WLAN traffic patterns, and for actively scanning the network.
References
Cisco. (n.d.). What Is a Firewall. https://www.cisco.com/c/en/us/products/security/firewalls/what-is-a-firewall.html
Arampatzis, A. (2021, March 15). Top 10 Vulnerabilities that Make IoT Devices Insecure. Venafi. www.venafi.com/blog/top-10-vulnerabilities-make-iot-devices-insecure