Ken 7 Windows Limited has added several new servers and wor…

Ken 7 Windows Limited has added several new servers and workstations to the Ken 7 domain to support the new enterprise resource planning (ERP) software. They have also added many internal users and plan to allow access from remote users to their internal network resources. Ken 7 Windows Limited needs additional network controls to protect their growing network. Consider the Windows servers and workstations in the domains of a typical IT infrastructure. Based on your understanding of network security controls, recommend possible new controls that will enhance the network’s security. Focus on ensuring that controls satisfy the defense in depth approach to security. Summarize your network security controls in a Word document and submit it to your instructor. You must provide rationale for your choices by explaining how each control makes the environment more secure.

Network security controls play a crucial role in ensuring the protection of a company’s IT infrastructure. In the case of Ken 7 Windows Limited, the recent expansion of servers and workstations, as well as the addition of new users and the need for remote access, demands the implementation of additional controls to enhance network security. This recommendation focuses on the defense in depth approach, which involves implementing multiple layers of security controls to mitigate risks.

Here are several possible new controls that can enhance the security of Ken 7 Windows Limited’s network:

1. Firewalls: Deploying firewalls at the network perimeter, as well as on individual servers and workstations, can help prevent unauthorized access and protect against network-based threats. Firewalls should enforce strict access control policies based on rules and allow only necessary network traffic, reducing the attack surface.

2. Intrusion Detection and Prevention Systems (IDPS): Implementing IDPS can provide real-time monitoring and detection of suspicious activities or attempts to exploit vulnerabilities. This will allow for timely responses to potential threats and help in preventing unauthorized access or data breaches.

3. Virtual Private Network (VPN): To secure remote access to internal network resources, implementing VPN technology can ensure encrypted communication between remote users and the internal network. This will protect sensitive data from interception and unauthorized access by outsiders.

4. Access Control: Applying strong access controls, such as user authentication policies, role-based access control (RBAC), and least privilege principles, is essential to limit unauthorized access to critical resources. Enforcing the use of strong passwords, implementing multi-factor authentication, and regularly reviewing and revoking unnecessary user access rights will bolster the network’s security.

5. Patch Management: Regularly updating servers, workstations, and network devices with the latest security patches and fixes is crucial to address known vulnerabilities. Establishing a comprehensive patch management program will help minimize the risk of exploitation through outdated software.

6. Data Encryption: Implementing encryption techniques, such as Transport Layer Security (TLS) and disk encryption, can protect sensitive data from unauthorized access and ensure data integrity during transit and at rest.

7. Network Segmentation: Dividing the network into separate zones or segments with different levels of trust can provide an additional layer of security. By implementing routers, VLANs, and access control lists, it becomes more difficult for an attacker to move laterally within the infrastructure and gain unauthorized access to critical systems.

8. Security Information and Event Management (SIEM): Implementing SIEM solutions can centralize the collection, analysis, and correlation of security logs and events from various network components. This enhances detection capabilities and enables proactive monitoring and response to security incidents.

Each of these controls strengthens the network’s security posture by addressing different aspects of potential vulnerabilities and threats. By adopting a defense in depth approach and implementing these controls, Ken 7 Windows Limited can enhance the protection of their growing network infrastructure and safeguard their valuable assets.