Question

a company has 50 users, 2 file servers, 1 ftp server, 1 web server, 1 backup server and 2 printers. they have 3 departments. production, finance and hr. 10 users belong to finance, 5 belong to hr and the rest belong to production. they have hired you to implement a secure network design that protects their employees from external and internal attacks. company approves you to purchase a utm, a siem solution, endpoint security for workstations. create a network design with the purchased products. you should segment the network as well. provide an explanation of how your design is going to protect the network and users. if you need additional security products, you can mention it in the word document.

Answer 1

The proposed network design includes segmentation by department, a UTM for gateway protection, a SIEM solution for real-time monitoring, and endpoint security for individual devices. Additionally, the suggestion of a NAC solution and an email security gateway could bolster defenses.

Step-by-step explanation:

To design a secure network for a company with 50 users, 2 file servers, 1 FTP server, 1 web server, 1 backup server, and 2 printers spread across 3 departments, it's vital to implement network segmentation, apply a Unified Threat Management (UTM) solution, and integrate a Security Information and Event Management (SIEM) system, alongside deploying endpoint security.

For segmentation, the network should be divided into subnetworks based on department functions: one for Finance, one for HR, and one for Production. Each of these subnets should have its own set of strict access controls to limit traffic between them, reducing the risk of internal threats and lateral movement in the case of a breach. The production department, being the largest, will also be segmented into separate logical subnetworks for each critical asset, such as file servers and the FTP server.

The UTM device will serve as the primary gateway for the entire network, offering firewall capabilities, intrusion detection and prevention, antivirus, and anti-spam services. It acts as a first line of defense against external threats. Integration of a SIEM solution enables real-time monitoring of network events and potential security incidents, providing insights for rapid response. Endpoint security must be installed on all workstations, ensuring comprehensive protection against malware, phishing attacks, and other threats targeting individual devices.

If additional security measures are warranted, consider implementing a Network Access Control (NAC) solution for enforcing security policies on devices seeking access to the network, and an advanced email security gateway to protect against sophisticated phishing campaigns and email-based attacks.