We're Open
+44 7340 9595 39
+44 20 3239 6980

DESIGN PACKET FILTERING FIREWALL RULES AND IDENTIFY ADVANTAGES DISADVANTAGES

  100% Pass and No Plagiarism Guaranteed

DESIGN PACKET FILTERING FIREWALL RULES AND IDENTIFY ADVANTAGES DISADVANTAGES

In this paper, you are to 

Design packet filtering firewall rules and identify advantages disadvantages

An educational institute has a single router, referred to as the gateway router, connecting its internal network to the Internet. The institute has the public address range 138.77.0.0/16 and the gateway router has address 138.77.178.1 on its external interface (referred to as interface ifext). The internal network consists of four subnets:

 

      A DMZ, which is attached to interface ifdmz of the gateway router and uses address range 138.77.179.0/24.

      A small network, referred to as shared, with interface ifint of the gateway router connected to three other routers, referred to as staff_router, student_router, and research_router. This network has no hosts attached (only four routers) and uses network address 10.3.0.0/16.

    A staff subnet, which is for use by staff members only, that is attached to the

staff_router router and uses network address 10.3.1.0/24.

    A  student subnet,  which  is  for  use  by  students  only,  that  is  attached  to  the

student_router router and uses network address 10.3.2.0/24.

    A  research subnet,  which  is  for  use  by  research  staff,  that  is  attached  to  the

research_router router and uses network address 10.3.3.0/24.

 

In summary, there are four routers in the network: the gateway router, and routers for each of the staff, student and research subnets. There are five subnets: DMZ, shared, staff, student, and research.

 

There are two servers in the DMZ that all can accept requests from the Internet: a web server supporting HTTP and HTTPS, and a SMTP email server. Members of the staff, student and research subnets can access the web server; members of the staff subnet only can access the email server but using IMAP.

 

The gateway router also runs a stateful packet filtering firewall and performs port address translation. In addition to the DMZ setup as described above, security requirements for the educational institute are:

 

      External Internet users cannot access any internal computers (except in DMZ and as stated in other requirements).

    Staff, students and researchers can access websites in the Internet.

      The researchers (on the research subnet) run a server for sharing data with selected research partners external to the educational institute. That server provides SSH access and a specialised file transfer protocol using TCP and port 1234 to the partners. The server has internal address 10.3.3.31 and NAT is setup on the gateway router to map the public address 138.77.179.44 to the internal address. Currently there are two partner organisations   that   can   access   the  server,   and   they  have  network   addresses:

31.13.75.0/24 and 23.63.9.0/24.

      The professor that leads the research staff also wants access to the data sharing server while they are at home. At home that professor uses a commercial ISP that dynamically allocates IP addresses in the range 104.55.0.0/16.

 

Considering the above information, answer the following questions:

 

(a) Draw a diagram illustrating the network. Although there may be many computers in the staff, student and research subnets, for simplicity you only have to draw three computers in the staff subnet, three computers in the student subnet and three computers in the research subnet (one of those in the research subnet should be the data sharing server). Label all computers and router interfaces with IP addresses. [3 marks]

 

(b) Specify the firewall rules using the format as in the table below. You may add/remove rows as needed. After the table, add an explanation of the rules (why you design the firewall rules the way you did). [5 marks]

 

Rule

No.

Transport

Source

IP

Source

Port

Dest.

IP

Dest.

Port

Action

1

 

 

 

 

 

 

2

 

 

 

 

 

 

3

 

 

 

 

 

 

4

 

 

 

 

 

 

 

 

 

 

 

 

 

(c) Consider the rule(s) that  allows  the professor  to  access  from  home. Discuss  the limitations, and suggest possible solutions. [1 mark]

 

Marking Scheme

 

(a) 3 marks if correct network is drawn and labelled. 2 marks if some mistakes in location of nodes or links, or allocation of addresses. 0 or 1 mark if multiple mistakes.

(b) If all necessary rules are included, and no unnecessary rules are included, you will receive 5 marks. 0.5 mark will be deducted for an incorrect rule or incorrect explanation of the rule. 0.5 mark will be deducted for a missing rule. 0.5 mark will be deducted for a rule that is included but not needed. The explanation will only be considered if the rules appear wrong or inappropriate.

(c) 1 mark if a relevant limitation is described, and a potential solution is relevant. 0.5 mark of limitation or solution is wrong or irrelevant.

 


100% Plagiarism Free & Custom Written,
Tailored to your instructions


International House, 12 Constance Street, London, United Kingdom,
E16 2DQ

UK Registered Company # 11483120


100% Pass Guarantee

STILL NOT CONVINCED?

View our samples written by our professional writers to let you comprehend how your work is going to look like. We have categorised this into 3 categories with a few different subject domains

View Our Samples

We offer a £ 2999

If your assignment is plagiarised, we will give you £ 2999 in compensation

Recent Updates

Details

  • Title: DESIGN PACKET FILTERING FIREWALL RULES AND IDENTIFY ADVANTAGES DISADVANTAGES
  • Price: £ 109
  • Post Date: 2020-04-17T13:46:17+00:00
  • Category: Assignment Queries
  • No Plagiarism Guarantee
  • 100% Custom Written

Customer Reviews

DESIGN PACKET FILTERING FIREWALL RULES AND IDENTIFY ADVANTAGES DISADVANTAGES DESIGN PACKET FILTERING FIREWALL RULES AND IDENTIFY ADVANTAGES DISADVANTAGES
Reviews: 5

A masterpiece of assignment by , written on 2020-03-12

I received my order last night and now I’m writing my reviews. My assignment has all the points I needed along with a good style. The citations used are relatable and professional. The best thing is the discount I got because I recommended my friend too to use their service. I am so pleased to use this effective service. The features are also amazing, everything is good. Will come again soon!
Reviews: 5

A masterpiece of assignment by , written on 2020-03-12

My writer did a small error in my work but it was fixed by him shortly. The work is admirable and I have submitted it. Now hoping for the best results. I would inform you soon.