Please see attached some of the recommended textbooks for the assignment, you can make reference to them. Please use the network security plan templates for the assignment

Introduction
In this paper, we will study and analysis the FNU university network security problem. In the present scenario FNU network hackers can easily access the network. They could try to steal, manipulate and destroy the information over the network.
The main problem is in FNU university having an open wireless network so that easy access by any users.. The main challenges is FNU required a solution to existing infrastructure and that will be cost effective and terminate the evil wishes of any potential hackers. The FNU university more than 45000 students are using the existing network. The present system main drawback is students can do unauthorized enter into the existing system.
In the present network FNU network system having no control or tools that collected the information regarding the login or access detail is in exist network.
The university will need a system that will store the information about login in and logging out time and they need network will provide the information about time zone and download time. The FNU main goal IT team will provide the cost effective, secure network with present resource. Our proposal is to implement 802.1 x authentications for FNU’s wireless network. In this paper our first step we study and analysis the given FNU University and find out the solution. Our next step will be designed and implement the solution. In this paper, we will design the Victorian law and data security issue in private and public section. As for the purpose of data privacy an act came in 2000 Information Privacy Act 2000 for the purpose data privacy and for the purpose of data security an act came Commissioner for Law Enforcement Security Act 2005. The Privacy and Data Protection Act 2014 for data security with a single Act that is intended to strengthen the protection of personal information and other data held by the Victorian public sector
Scope
We discuss about the scope network security planning. These standards and procedures apply to all information systems and resources under the control of, including all computers connecting to the FNU network and all FNU System employees, faculty, students, contractors, and any other individuals who use and administer those systems and computers, particularly those involved with information system management.
Objective
The network security in FNU is secure the information and systems the network infrastructure by adapting to the given below principles:
1 - University main objective will protect the information regarding network infrastructure against external or internal threats.
2 - University objective will provide a minimum level of access between information systems and the users on a “Need to- know” basis.
3 - We will classify the information according to rule and protect it against unauthorized modifications or disclosure.
4 - We follow two rules according to law standards, guidelines and procedures to ensure the security of information, the information systems and the network infrastructure.
5 - University will conduct a security awareness program me within the UNF about the security policy to educate the users about the best security practices when working with information and information systems
. 6 - We will analysis the risk assessment, risk analysis and risk management process for network security purpose.
7 - We will monitor the logs and audit trails to protect the information systems are against unauthorized access.
8 - We will ensure that users comply with all FNU federal, local and cyber laws, ethical responsibilities & regulations and information security policy
Identify the problem
In this case study, we find out the problem
1.    Resource Stealing
2.    Traffic Redirection:
3.    Denial of Service
Identify the problem
In this case study, we find out the problem
1.    Resource Stealing
2.    Traffic Redirection:
3.    Denial of Service
Analysis Identify Issues:
In this project we analysis the problem, unauthorized access on server and workstation by the student /anyone as FNU campus having the problem authentication, authorization and accounting. The FNU campus network traffic easily redirects by the modification of MAC. Due to traffic redirection student/anyone can be steal the information.
Evaluation
In this paper, after study and analysis the problem and we have found out solution as is given below:
1.    Cisco Leap Control Protocol,
2.    Virtual network
3.    SSL network
CISCO LEAP (LIGHT WEIGHT AUTHENTICATION PROTOCOL)
1.    The CISCO LEAP is an authentication protocol Knows as EAP CISCO wireless that is strongly supported to Wireless LAN for the authentication key issues. The functionality of CISCO LEAP is mutual authentication between the client and the RADIUS server. The Cisco Wireless Security suite provides the authentication security with the help of CISCO LEAP. The CISCO LEAP solves the wireless LAN authentication security issue using EAP.
2.    In this proposed solution, implement for more security, we use SSL (SECURE SOCKET LAYER) protocol that is more secure transmitting the data. The SSL working is at the time of transmitting the data relies upon the public/private key and digital certificate.
3.     We can define VIRTUAL PRIVATE NETWORK VPN that helps to securely transmit data onto two network devices over an insecure data transport channel
4.    VPN in Wireless Networks provides us authentication, encryption and Data authentication is very secure manner. We should follow at the time of implementation see and follow all the ethical values. We need to use the original version of the software.
Plan of implementation
The main requirement for AAA implementation
The AAA requires 802.1X Authentication Server.
The EUD success full authentication AAA must send the policy and QoS configuration to the RADIUS client (AC or BNG).
Upon receiving the RADIUS Access Request message with the MAC address of the EUD from BNG.
AAA MUST send the corresponding EUD information to BNG in the RADIUS Access Accept message.
The EUD information storage must support by AAA.
The 802.1 Authenticators must support by AC
The RADIUS client must support by AC
The support 4-way 802.11i handshake with EUD must support to RAC
Design:
In this paper after the study and analysis the network proposes and design architecture for solving the unauthorized access.
In this architecture the purpose of authentication supports Authenticator for Access point management. As we are implementing 802.1X standards this is best suited. In this architecture, RADIUS proxy is a BNG broadcasting network generator. In this proposed network BNG working as service gateway .BNG functionality is as follows: BNG can be aware of the EUD’s information
BNG responsible for IP address assignment and traffic management on a per subscriber basis.
The successful EAP session two procedures are imitated
Key exchanged
IP address assignment method
In this architecture AC is not responsible for IP assignment. BNG working is traffic on a per subscriber basis. AC can be deployed close to the APs if there is a dense APs environment. AC can be co-located with BNG.AC can communicate with AAA directly AP needs to support multiple SSIDs.
Design and part of solution:
As FNU university requirement is AAA implementation so we implement the AAA using 802.1X standard.
1. The 802.1x standard provides a means of client or port authentication and is found in the 802.11 wireless environments (WPA & WPA2 for example) as well as the 802.3 switched environments. The NetVanta 150 Access Point as well as the NetVanta switches supports 802.1 x authentications.
2. Our FNU campus requirement is Authentication, Authorization and Accounting for the solving of these issues we use platform AAA. As we implement for the present scenario 802.1X and for the solution we implement AAA.
As we are implementing the port based authentication protocol IEEE 802.1x 802.1 are three types of entities in a802. 1x network as follows:
1) Supplicant
2) An authenticator
3) An authentication server.
As we implement 802.11b LANs, The specification of 802.1X having two main features
Supplicant Authenticator Authentication Server
In IEEE 802.1Xtwo ports as follows:
The first uncontrolled port allows only authentication messages to be exchanged.
The second controller port allows the exchange of frames only for the port is authorized.
Dynamic Session Key encryption Management
Open Standards EAP and RADIUS
Centralized User Administration with the help of RADIUS, authentication, authorization and accounting are centralized.
Low Overhead;.
User Based Identification
Current security risks and concerns considered by the VIC government.
Threats    exploit    Vulnerabilities
    protect against
    
    Increase
    
    increase
    
    expose
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
Security Controls
    
    educe
    
    Security Risks
    
    
    
    
    
    Asset(Data)
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    met by
    
    
    Indicate
    
    increase
    
    
    have
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    Security
    
    
    
    
    Data(Asset) Values &
    
    
    
    
    
    Requirements
    
    
    Potential Impacts
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
SECURITY RISK
The security risk is the potential that a given threat will exploit vulnerabilities to cause loss or damage to a Data privacy and protection , and directly or indirectly affect the organisation. The security risk level is determined from the combination of the Data privacy and protection values and assessed levels of related threats and associated vulnerabilities.
SECURITY REQUIREMENTS
The sources of information security requirements are:
1. A unique security risks which could result in significant losses if they occur;
2. Legal, statutory and contractual requirements that the organisation, its trading partners, service providers have to comply;
3. Agency-wide policies, principles, objectives and requirements to support its business operations
4. This requirement is regarding confidentiality, integrity and availability of the information
it is social and economic wellbeing depends on its infrastructure. Each day, it rely upon the continuity of important services provided by critical infrastructure. Critical infrastructure supports the global communications networks to connect us socially and in business.
The types of cyber security incidents:
1.    Suspicious or seemingly targeted emails with attachments or links
2.    Any compromise or corruption of information
3.    Unauthorized access or intrusion into an ICT system
4.    Theft or loss of electronic devices that have processed or stored Australian government information
5.    Intentional or accidental introduction of viruses to a network
6.    Denial of service attacks
7.    Suspicious or unauthorized network activity.
SECURITY CONTROLS
Security controls are the practices, procedures or mechanisms that may protect Data privacy and protections against threats, reduce vulnerabilities or reduce the impact of an undesirable event.
SECURITY POLICY
INTERNET AND E-MAIL
As per law access to computers is...