Old example
INTRODUCTION
Longstaff Marketing Solutions is a fast-growing marketing agency which has recently
moved from its original home office to a new city centre office within business centre.
They have recently been major growth in the organization, with staff increasing to 25
employees in the past year. Most of the equipment from the older home office has
been moved to the newer office which forms the basis of the network. Currently, the
organization has a single virtual private network server, however it uses features
from its small office and home office network (SOHO) router provided by the internet
service providers (IPS). The same router is used to protect the network through its
implemented firewall. At the moment there are many key issues that affect the
organizations connectivity and compatibility issues. Many of these include:
- SOHO router: They can pose several security concerns, including security
vulnerabilities, limited features compared to higher-grade equipment, and
difficulties in managing and maintaining a large network of SOHO routers.
Most SOHO routers tend to be set with insecure default configuration and
credentials, as stated in the controlled document. Currently uses default
administrator username and password such as “admin”/ “admin”.
Furthermore, it’s built-in firewall currently uses encryption protocols such as
WPA which can be considered outdated which leaves vulnerabilities to new
threats and attacks.
- Network Attached Storage: Currently accessed using a shared administrative
account. This approach removes all accountability for file access and
changes, as activities cannot be traced back to specific users. Without audit
trails or individual permissions, it is impossible to enforce the principle of least
privilege, detect malicious behaviour, or respond effectively to accidental data
deletions or alterations. Shared credentials are especially dangerous in a
growing company where staff turnover is rising, as it becomes harder to
ensure former employees no longer have access. Equally concerning is the
fact that all users in the organization currently operate via the local
administrator privileges on their devices. This permits the users to install any
software- authorized or not- onto their systems. Such a setup has already
resulted in unauthorized applications, including games and potential harmful
software which could lead to high risk of malware infections and software
conflicts. Additionally, placing the company in legal jeopardy, particularly if
there is any harm to costumer and company data, absence of application
control will also increase the likelihood of data leakage and insider threat.
- Staff Induction: Staff training is crucial to keep staff members informed of new
threats and vulnerabilities on a regular basis as it is proven that human error
is approximately 90% of the cause to successful data breaches.
Consequences of data breaches can be crucial in different aspects of the
business, it can affect the company financially, legally, and socially. Longstaff
Marketing Solutions tend to provide short presentations, which provides them
Singh_H_107557087_Task3
Page 3 of 18
with a broad understanding on password security and working safely with
equipment. It is important to carry out regular training sessions to encourage
the users to learn and understand the importance on how to remain safe
online. Implementing theses can make sure that employee understand what
actions to take in times of threats.
- Firewall Configurations: Longstaff Marketing Solutions is currently facing a
range of cybersecurity and network configuration issues that threaten both
operational efficiency and information security. One of the most critical
problems lies in the misconfiguration of the company's firewall rules.
Specifically, the firewall currently denies internal SMB (Server Message
Block) traffic for IP ranges outside of a narrow scope (192.168.1.251–253),
which involuntarily blocks access for most office-based users trying to reach
the NAS device. This issue has already resulted in users, being unable to
access essential shared resources while working from the office. The
misconfiguration not only disrupts workflows and collaboration but also leaves
the network open to external threats due to the overly permissive "allow by
default" firewall policy. If exploited, such weaknesses could lead to data
breaches or unauthorized access to critical systems.
Negligible Minor Moderate Significant Severe
Very likely Low Med Medium Med High High High
NAS
Likely Low Low Med Medium Med High
SOHO routers
High
Firewall
Possible Low Low Med Medium Med High Med High
Unlikely Low Low Med Low Med
Staff Induction
Medium Med High
Very Unlikely Low Low Low Med Medium Medium
KEY:
X-AXIS= SEVERITY
Y-AXIS= LIKELIHOOD
Singh_H_107557087_Task3
Page 4 of 18
REQUIRMENTS
The requirements are:
• A centralised system to manage user identities and access is required, by simply
implementing user access levels such as RBAC.
• Replacement of the SOHO router with a more suitable solution, in order to suit the
organization growth and keep up-to-date with new threats and vulnerabilities.
• Securing access to customer data from both inside and outside of the network, by
configuring firewall rules and making sure the highest level of encryption is currently
in use (WPA2/WPA3).
• Removal of VPN and replacement with a more user-friendly solution, in order to
accommodate hybrid workers and allowing them to access to resources in a stronger
and easier way.
• Replacement of the network attached storage (NAS) solution and implement cloud
environment in order to allow users to access resources from anywhere as well as
maximizing security.
• Improved auditing of network access and activity in order to log any suspicious
traffic.
• Remote management of devices outside of the network to keep track of user’s
progress and access.
• Systems that hold sensitive data should be adequately protected from network
threats, to do so implementation of separate server should be issued.
Singh_H_107557087_Task3
Page 5 of 18
• Users should not be able to install unapproved software on their work computers,
removal of shared administrator access will reinforce these rules.
• Any training or upskilling for staff to use the new systems should be considered and
provided regularly with new content addressing new threats and vulnerabilities.
OVERVIEW OF THE PLAN
It will be ensured that all users have access to resources with data protection and
secured network connectivity in place. In order to do so, it will require the
organization to implement few new hardware and software to optimize and increase
the security levels of the organization. By considering requirements and solutions
stated as follows:
- A centralised system to manage user identities and access. This can be
compromised by simply implementing user access levels and group policy
which will allow control access and user behaviour to be monitored.
- A more suitable routing and security solution. This can be fixed by replacing
the current SOHO router with a more suitable and security solution such as
business-grade router which would include features such as; VLAN support,
DPI (Deep packet Inspection), IDS/IPS, and redundant WAN connections.
- Protect costumer data from any access point, this is important as they require
to comply to legislation and regulations. They could store sensitive data on
secure file servers or cloud platforms such as OneDrive which are secured by
third parties. They could also use MFA to authenticate the user and enforce
RBAC and least privilege policies.
- Replace VPN with a simpler, secure solution was one of the requirements
which could be achieved by simply shift to a cloud environment such as
OneDrive which will allow file and data access for hybrid users over the
internet as well making sure that all data is kept secure.
- Replace NAS with secure storage could also considered. This would mean
that the business fully migrated to cloud storage for scalability, access control,
Singh_H_107557087_Task3
Page 6 of 18
and backups. However, I would also recommend a sort of file server where all
confidential data would be stored and backed up safely.
- Improved auditing of network access and activity would enhance visibility and
logging. By centralizing logs for firewalls, NAS, servers, and endpoints.
- It is required to have strong endpoint and network protection; therefore, I
suggest the company to segment the network using VLANs, install endpoint
detection and response (EDR), and enable full-disk encryption to enhance
overall security over the sensitive data.
- At the moment users are able to download unapproved software at will. This
can be seen as a threat to the network as it may contain malicious malware,
therefore use of group policy will lockdown local admin rights and enforce
application allow listing.
- By scheduling regular IT onboarding and security awareness training it will
smoothen transition and user adaptation for new users and help grasp
awareness on content such as new threats and security management
techniques so that they can be aware of new threats as AI is evolving.
The following implementation suggestions will provide data protection and security
network connectivity as well giving opportunity to further expand and suit their high
rate of growth.
There will be a set of equipment that will be needed in order to meet the suggestions
made above, these include:
1. DHCP server: a network server that automatically assigns IP addresses,
default gateways, and other network configuration settings to devices on a
network.
2. Domain Controller: a server that manages security authentication requests
within a computer network domain, essentially acting as a “gatekeeper” for
accessing domain resources.
3. Wireless Access point: connects wireless devices to a wired network, acting
like the central hub for wireless communication. It allows devices like laptops,
smartphones, and tablets to access the network or internet without needing to
be plugged in.
4. Router: primary role is to forward data packets between networks. It
determines the best path for data to travel between different LANs and/or the
internet.
5. Backup File Server: it creates and stores copies of data from a main file
server to protect against data loss. It can be used to restore data if the
primary server fails or if data becomes corrupted or deleted.
6. Managed Switch: provides network administrators with control and monitoring
capabilities for the network infrastructure. They also offer features like traffic
prioritization, VLANs, security settings, and remote management.
7. Intrusion Detection System: a security technology that monitors network traffic
and system activity for malicious activity or policy violations. It detects
potential intrusions by comparing traffic against know attack or by analysing
anomalies in network behaviour.
Singh_H_107557087_Task3
Page 7 of 18
8. Firewall: protect the network by allowing only authorized and safe
communication while blocking potentially harmful or unauthorized access. It
examines and filters the network traffic, ensuring that only safe and legitimate
traffic passes through.
9. Encryption: protects data from unauthorized access by converting it into
cyphertext that can only be decrypted with a specific key. It ensures
confidentiality, authentication, and integrity of data.
There are different ways that a company can implement changes, with different
techniques that organizations utilize, such as; parallel, phased, pilot, and direct.
DIRECT:
This involves a complete and immediate switch from the old system to the new one
on a specific date. This can be fast and relatively inexpensive but comes with the
high risk of disruption if the new system fails or has issues.
PILOT:
This approach involves rolling out the new system to a small, representative group of
users or a specific department to test out the system before it is implemented. This
allows for testing and refinement of the new system with minimal impact on the
overall organization. However, it can be time consuming and may not fully represent
the entire user base.
PARELLEL:
This method involves running both systems concurrently for a period of time,
allowing data comparison and user training before fully switching over. This has the
least risks, as users can continue using the old system while transitioning. However,
this is also the most expensive and resource-intensive, as it requires maintaining 2
systems simultaneously.
PHASED:
This approach involves introducing the new system in stages, with different modules
or functionality gradually being rolled out. This allows more controlled and less
disruptive transition, with the ability to address issues as they arise.
The company should consider the best method to implement the system by
evaluating the benefits and drawbacks. Personally, they should implement a pilot
implementation technique as it will test out all the components and modules of the
system without interfering with the current system. They should pick out a day where
no staff is working when transitioning to the new system to reduce the likelihood of
any risks and prevent disruption between users.
Singh_H_107557087_Task3
Page 8 of 18
Singh_H_107557087_Task3
Page 9 of 18
UPDATED NETWORK TOPOLOGY
Singh_H_107557087_Task3
Page 10 of 18
JUSTIFICATIONS OF EQUIPMENT
There has been a number of changes made to the network topology to provide the
required security and foundations to the network in order to support the fast growth
of the company. There are several hardware and software required to meet the
organization requirements, due to several reasons as follows:
DHCP server: a network server that automatically assigns IP addresses, default
gateways, and other network configuration settings to devices on a network. DHCP
offers significant advantages in network management and configuration, making it a
crucial component of modern networks. A single DHCP server manages IP
addresses for the entire network, making it easier to control and change network
configurations. New devices can be added to the network without requiring manual
IP address configuration, simplifying the onboarding process. These will support the
high demand of configurations to meet the growth of the organization.
Domain Controller: a server that manages security authentication requests within a
computer network domain, essentially acting as a "gatekeeper" for accessing domain
resources. A domain controller offers significant advantages for managing and
securing networks, including centralized user management, streamlined resource
sharing, enhanced security, and improved scalability. They simplify administration by
allowing centralized control over user accounts, network resources, and security
policies. This centralized approach also improves consistency and reduces errors
compared to managing each device individually.
Wireless Access Point: connects wireless devices to a wired network, acting as a
central hub for wireless communication. It allows devices like laptops, smartphones,
and tablets to access the network or internet without needing to be plugged in.
It offers several advantages, primarily related to network flexibility, scalability, and
ease of use. They allow you to extend your Wi-Fi coverage to areas where the router
signal is weak or non-existent, eliminating the need for expensive and unsightly
wired connections. Allowing expansion of the office over multiple floors and rooms.
Intrusion Detection System: a security technology that monitors network traffic and
system activity for malicious activity or policy violations. It detects potential intrusions
by comparing traffic against known attack signatures or by analysing anomalies in
network behaviour. Early threat detection, improved incident response time,
enhanced network visibility, and support for compliance with regulatory
requirements. They monitor network traffic for malicious activity, alert administrators
to potential threats, and provide detailed information for investigating security
incidents. These will help in scenarios such as zero-day exploitation, which will
provide the company more time to protect the network and leave less room for
external attacks.
Backup File Server: it creates and stores copies of data from a main file server to
protect against data loss. It can be used to restore data if the primary server fails or if
data becomes corrupted or deleted. It allows for automated backups, minimizing
downtime in case of disasters, and help prevent data loss from various causes like
hardware failures or accidental deletions. It also helps with data management as it
will make it easier or retrieve and find the data when needed.
Singh_H_107557087_Task3
Page 11 of 18
Managed Switch: provides network administrators with control and monitoring
capabilities for the network infrastructure. They also offer features like traffic
prioritization, VLANs, security settings, and remote management. It offers several
advantages, primarily in terms of control, flexibility, security, and performance. While
initially more expensive than unmanaged switches, managed switches can lower
long-term operational costs by reducing downtime, enabling remote management,
and improve overall network efficiency.
Router: primary role is to forward data packets between networks. It determines the
best path for data to travel between different LANs and/or the internet. Businessgrade routers offer several advantages over SOHO routers, primarily in terms of
reliability, security, and network management capabilities. They are built to handle
heavier workloads and more complex network configurations, making the ideal for
upcoming organizations.
Firewall: protect the network by allowing only authorized and safe communication
while blocking potentially harmful or unauthorized access. It examines and filters the
network traffic, ensuring that only safe and legitimate traffic passes through. They
allow protecting against viruses, malware, and hackers, as well as enhancing privacy
and compliance with regulations such as GDPR.
Encryption: protects data from unauthorized access by converting it into cyphertext
that can only be decrypted with a specific key. It ensures confidentiality,
authentication, and integrity of data. Safeguarding information during transfer and
storage, preventing data breaches and helping organizations meet compliance
requirements.
Furthermore, I would like to recommend the organization to implement a cloud
environment and dispose the idea of Network Attached Storage (NAS). It offers
multiple benefits, of which include cost savings, flexibility, improved collaborations,
and enhanced security. By allowing accessibility from anywhere with any device, it
enables efficient resource utilization and allows the organization and employee to
expand and work from different locations. This can create opportunity to target a
wider range of costumers and clients and leads to the opportunity to move to
different countries. By using cloud computing it can reduce the cost by removing the
need of physical hardware and software, it will allow them to scale their resources up
or down as needed, providing flexibility and efficiency in response to changing
business needs. To expand storage, its much easier and cheaper compared to
buying physical memory as you can buy plans to increase the storage required
depending on the organization needs.
Singh_H_107557087_Task3
Page 12 of 18
EXPENSES
Quantity Device Name Device/
Component
Vendor Current
specification
Proposed
specification
One-off
cost
Annual cost Link
1 TP-LINK Archer
VR2100
Router Curry’s SOHO router
with built on
firewall
AC 2100, dual
band
£79.99 Buy TPL: TP-LINK Archer VR2100 WiFi Modem Router - AC 2100, Dualband | Curry’s
25 Dell Inspiron 16 plus Laptops Dell Not stated Intel Core I7,
Windows 11,
2X8GB RAM,
512GB
memory
£478.99
each.
£11974.75
All.
Dell Inspiron 16 Plus | Dell UK
4 T360 Tower Dell Servers (For
various
reasons)
Dell Not in use 3X 2TB HD,
5600MHz,
Intel Xeon
2.6G
£3351.31
each.
£13405.24
PowerEdge T360 Tower Server | Dell
UK
1 TP-Link EAP225 Wireless
Access
Point
Amazon Not in use 5GHz
frequency,
Dual-Band
Wi-Fi
£69.99 TP-Link EAP225 Access Point, AC1350
Wi-Fi Dual Band Wireless Access
Points, Gigabit Ethernet Port Support
802.3af/Passive PoE, Omada Mesh,
Easily Mount to Wall or Ceiling, Free
Controller Software: Amazon.co.uk:
Computers & Accessories
1 Dell Networking
S3148P
Managed
Switch
Curry’s Not Stated 48 ports, L3,
front to back
airflow
£750.00 Dell Networking S3148P - switch - 48
ports - Managed - rack-mountable -
Dell Smart Value - 210-AIMP - Curry’s
Business
Vendors such as Curry, Dell, AWS, and Microsoft were prioritized. However, some items were suitable from other vendors
with consideration of cost, efficiency, and overall product value for money.
Singh_H_107557087_Task3
Page 13 of 18
Singh_H_107557087_Task3
Page 14 of 18
Category Current
Solution
Proposed
Solution
Vendor One-Off Cost Annual Cost Purchase/Info Link
BitLocker Encryption None BitLocker
(Windows
native)
Microsoft $0 Included in OS https://www.microsoft.com/bitlocker
CrowdStrike
Falcon
Endpoint
Protection
Windows
Defender
CrowdStrike
Falcon Pro
CrowdStrike $0 $85/user/year https://www.crowdstrike.com
Azure Firewall Basic ISP
Router
Firewall
Azure Firewall
with secured
virtual hub
Microsoft £0 £1.307 per
deployment
hour
£0.0012 per
GB processed.
https://www.netgate.com
Snort3 Intrusion
Prevention
None Snort IPS Cisco/Talos Free Free Snort Rules and IDS Software
Download
ITEMS ONE-OFF COST ANNUAL COST TOTAL COST
Router £79.99 / £79.99
25 Laptops £11,974.75 / £12,054.74
4 Servers £13,405.24 / £25,459.98
Wireless Access Point £69.99 / £25,529.97
Managed Switch £750.00 / £26,279.97
Encryption / / £26,279.97
Endpoint Protection (per year) / $2125 ~ £1586.58 £27,866.55
Firewall (per year) / £7842 per deployment in an
organizational year (250 days)
1TB of processed data= £1.20
£35,709.75
Intrusion Prevention System / / £35,709.75 FINAL COST
Singh_H_107557087_Task3
Page 15 of 18
POTENTIAL NETWORK AMD SYSTEM SECURITY ISSUES
One of the major security risks currently faced Longstaff Marketing Solutions is the
use of shared administrator logins. As outlined in Control Document D, all users
have access to shared administrative accounts, which allows them to access and
modify any data on the network. This poses significant security concerns. For
instance, it eliminates accountability since it is impossible to trace actions back to
individual users. Furthermore, malicious employees could exploit these privileges to
access or manipulate sensitive data, potentially leading to data breaches. Such
breaches would violate data protection laws including the General Data Protection
Regulation (GDPR) and the Data Protection Act (DPA), which emphasize the
principles of integrity, confidentiality, and accountability. Failure to comply with these
regulations could lead to heavy fines, legal action, reputational damage, loss of
clients, and diminished stakeholder trust. To mitigate this risk, it is essential to
introduce user access levels by implementing role-based access control (RBAC).
This approach restricts users to only the data and systems necessary for their job
roles, ensuring that administrator accounts are secured with strong, regularly
updated passwords and multi-factor authentication. Implementing Role-Based
Access Control, however, presents its own challenges.
As the company grows and new job roles emerge, the number of roles may increase
dramatically, potentially leading to role explosion. Poorly designed roles can result in
excessive permissions being granted, increasing the risk of unauthorized actions
such as the installation of unapproved software or malware infections that could
compromise the network. To address these challenges, it is critical to carefully define
roles based on a thorough analysis of job functions and business needs.
Permissions should be assigned following the principle of least privilege, granting
users only the access necessary to perform their tasks. Assigning users to roles or
groups simplifies management and enhances security. Regular audits of access
rights are necessary to ensure permissions remain appropriate and to detect any
unauthorized access promptly. When transitioning from the current system to the
proposed RBAC framework, the company should carefully consider the
implementation method. A direct cutover, while fast and inexpensive, carries high
risk if issues arise, potentially disrupting business operations.
Insider threats pose a significant risk to Longstaff Marketing Solutions due to the
high level of access currently granted to employees through shared administrative
accounts and weak access controls. An insider, whether intentionally malicious or
unintentionally negligent, can exploit these privileges to steal, manipulate, or leak
sensitive company and customer data. Such breaches not only compromise the
integrity and confidentiality of information but also put the company at risk of severe
legal and financial penalties under regulations like GDPR and the Data Protection
Act. Additionally, insider threats can result in reputational damage and loss of
customer trust, which may have long-term impacts on business viability. To mitigate
these risks, Longstaff Marketing should implement strict access controls using rolebased access control (RBAC), ensuring users have only the permissions necessary
to perform their job functions, which limits the potential damage caused by insiders.
Continuous monitoring and auditing of user activity through security information and
Singh_H_107557087_Task3
Page 16 of 18
event management (SIEM) tools will help detect unusual or unauthorized behaviour
promptly. Furthermore, enforcing multi-factor authentication (MFA) and unique user
accounts increases accountability and reduces the risk of compromised credentials
being used. Regular staff training on security awareness, data protection policies,
and the consequences of insider threats will cultivate a culture of security
mindfulness. Lastly, implementing clear disciplinary procedures for policy violations
will deter intentional misuse of access.
As Longstaff Marketing Solutions transitions its infrastructure to cloud services such
as Microsoft 365 or AWS, the risk of misconfigured access controls and permissions
increases significantly. Incorrectly configured Identity and Access Management
(IAM) settings can lead to unauthorized users gaining access to sensitive corporate
or customer data. This may result from overly permissive roles, failure to enforce the
principle of least privilege, or lack of proper monitoring, all of which increase the
likelihood of data breaches. Such vulnerabilities can expose the company to
compliance violations under GDPR and other data protection regulations, which
mandate strict control over personal and sensitive information. To mitigate this risk,
Longstaff should implement a robust IAM framework that enforces role-based access
control (RBAC) combined with the principle of least privilege, ensuring users only
have access necessary for their roles. Enabling multi-factor authentication (MFA)
across all cloud accounts will add an extra layer of security against credential
compromise. Additionally, the company should regularly audit cloud access logs and
permissions to detect and remediate any anomalies promptly. Leveraging cloudnative security tools such as Microsoft Secure Score or AWS IAM Access Analyzer
can assist in identifying and correcting misconfigurations, ensuring continuous
compliance and minimizing exposure.
As for the Firewall currently in use at Longstaff Marketing, its rules allow inbound and
outbound access for all HTTP, HTTPS, IMAP, SMTP traffic from a broad IP range to
any destination. This could expose internal systems to external threats if not properly
filtered at another layer like the application layer. Allowing inbound/outbound IMAP
and SMTP traffic can be risky without strong authentication and spam/malware
protection. Port 25 is commonly known for being exploited for spam distribution
which increases the risk of human error. SMB is seen to be inconsistent as it has
been allowed between specific IPs and denied for a broader range. If this is not
ordered or prioritized correctly in the firewall, the deny rule might override the allow
rule unintentionally or vice versa, leading to unintended access or blocking. Most
rules list the destination address as "ANY", which is risky. Traffic should ideally be
limited to known, trusted endpoints or services. In order to prevent these issues, it is
important to configure these rules. For example, Port 80 should be restricted to
known web servers only, therefore it is important to change the destination address
for inbound traffic to specific web server address (192.168.1.100). Similarly, HTTPS
secures all inbound traffic, whereas only the web server requires to be secured.
Lastly, the SMB protocol should keep limited access for specific systems only and
deny all other SMB access to protect shared files.
Singh_H_107557087_Task3
Page 17 of 18
SUMMARY
Longstaff Marketing Solutions asked to assess the specification of requirements and
prepare a proposal that addresses their needs. We were provided with concerns and
used our understanding to outline the possible issues that could have affected the
organization and created suggestions based off the issues. Not only did we suggest
hardware and software for the company to use on-site, but also to use as a
standardisation for each individual employee. We also included a justification for
each suggestion, and provided a cost table to show the business expenses for the
initial year and outlined specification such as the quantity, vendor, and product
specification. Issues with unnecessary high-level access and shared credentials,
which should have been eliminated, have all been taken care of as acceptable
suggestions are made on how they could mitigate those issues. Additionally, the
misconfigured firewall rules have been addressed removing any unauthorized traffic
entering the network. It is also made possible for hybrid workers to easily access
resources online as they there have been a suggestion of a virtual server which
allows the users to access, store, and share data from anywhere at any times
making it more efficient as well as meeting on of their requirements. Furthermore,
there has been changes to the network as classroom and office network have been
standardized which makes sure that there is no IP address errors and that rightful
data is accessible for each employee and student. All changes implemented into the
new proposal tend to meet all guidelines of different legislations such as DPA and
GDPR. This will help them maintain a safe network and make sure that all
client/costumer data is kept safe, this will increase the trust of the client and Swift
FinTech which will help them build a good relationship and maintaining a loyal client
for a long period of time. In term of long term, we can ensure the proposal to remain
the same for about 3-4 years, the reason for that is because technology is evolving
at a rapid rate and it is important for a company to exploit the technology available to
them to compete with their competitors. If they don’t implement changes, it will
restrict the company from accessing new services and features which would give
their competitors an advantage. Therefore, it is vital for an organization to keep
changing their operating system to keep track of new services which could improve
their deliverables. As for software licensing they tend to update in terms of payment
lengths and services which means they also need to be changed after a while to
have the full access to software’s.
Singh_H_107557087_Task3
Page 18 of 18
REFERENCES
Router:
Buy TPL: TP-LINK Archer VR2100 Wi-Fi Modem Router - AC 2100, Dual-band |
Curry’s
Laptops:
Dell Inspiron 16 Plus | Dell UK
Servers:
PowerEdge T360 Tower Server | Dell UK
Wireless access point:
TP-Link EAP225 Access Point, AC1350 Wi-Fi Dual Band Wireless Access Points,
Gigabit Ethernet Port Support 802.3af/Passive PoE, Omada Mesh, Easily Mount to
Wall or Ceiling, Free Controller Software: Amazon.co.uk: Computers & Accessories
Managed Switch:
Dell Networking S3148P - switch - 48 ports - Managed - rack-mountable - Dell Smart
Value - 210-AIMP - Curry’s Business
Encryption:
Install BitLocker on Windows Server | Microsoft Learn
Endpoint Protection:
CrowdStrike: We Stop Breaches with AI-native Cybersecurity
Firewall:
Netgate
Intrusion Prevention software:
Snort Rules and IDS Software Download
Comments
Post a Comment