Prepared by: Dr Ghassan Kbar XXXXXXXXXXModerated by: Dr Noor-U-Zaman Laghari March, 2020 Assessment Details and Submission Guidelines Unit Code BN305 – T1 2020 Unit Title Virtual Private Networks...

1 answer below »
Bn305


Prepared by: Dr Ghassan Kbar Moderated by: Dr Noor-U-Zaman Laghari March, 2020 Assessment Details and Submission Guidelines Unit Code BN305 – T1 2020 Unit Title Virtual Private Networks Assessment Type Individual Assignment Assessment Title Assignment 1 – SSL/TLS VPN Technologies Purpose of the assessment (with ULO Mapping) The purpose of this assignment is to review existing literatures on important VPN technologies and issues and write a report. The report must be specific to the given topics, use appropriate examples and detail of the topic given to develop a review paper. In addition, students expected to investigate the use of VPN technology by installing a demo on virtual box or laptop to demonstrate the concept. In preparing the assignment, students should acquire not only the knowledge of current technical aspects of VPN but also research, data collection, analysis and writing skills. Students should be able to demonstrate their achievements in the following unit learning outcomes: a. Explain the significance of VPN for contemporary organisations b. Discuss the role of VPN to support the security of businesses c. Demonstrate the use of VN client Weight Assignment1-a 4.5% Assignments1-b 10.5% Total Marks 100 Word limit 1800 words max Due Date Assignment 1a- Week 3, Sunday 6 pm, 12th April 2020 Assignment 1b- Week 7, Sunday 6 pm, 10th May 2020 Submission Guidelines  Submit Assignment 1a in a word document in week 3  All work must be submitted on Moodle by the due date along with a completed Assignment Cover Page.  The assignment must be in MS Word format, 1.5 spacing, 11-pt Calibri (Body) font and 2 cm margins on all four sides of your page with appropriate section headings. Make sure that all the screen shots submitted on Moodle must carry your unique id such as MITID, names etc.  Reference sources must be cited in the text of the report and listed appropriately at the end in a reference list using IEEE referencing style. Extension If an extension of time to submit work is required, a Special Consideration Application must be submitted directly through AMS. You must submit this application within three working days of the assessment due date. Further information is available at: BN305 Virtual Private Networks Page 2 of 5 2 http://www.mit.edu.au/about-mit/institute-publications/policies- procedures-and-guidelines/specialconsiderationdeferment Academic Misconduct Academic Misconduct is a serious offence. Depending on the seriousness of the case, penalties can vary from a written warning or zero marks to exclusion from the course or rescinding the degree. Students should make themselves familiar with the full policy and procedure available at: http://www.mit.edu.au/about-mit/institute-publications/policies- procedures-and-guidelines/Plagiarism-Academic-Misconduct-Policy- Procedure. For further information, please refer to the Academic Integrity Section in your Unit Description. Assignment Topics: Objective: Your tasks are to analyse and to write a report about the processes and the security technologies being used when you access any website (which uses HTTPS) online via a web browser, as well as having the ability to remotely accessing your company network online securely. It is a well- known fact that the Internet is a public network and every single message you exchange with the server can potentially be intercepted by attackers. You need to analyse in detail to address the technologies and techniques that can be used to prevent attackers from modifying the communication between you and web server in addition to keeping your passwords and other details safe. A. Assignment1-a (Literature Review): Research about the different methods for securing the transfer of information across internet service provider. This should include the following: 1. You need to explain the significance of VPN for contemporary organisations. This should cover the different encryption protocols for VPN implementation, including a comparison of SSL/VPN and IPSEC/VPN. 2. IPsec uses the Internet Key Exchange (IKE) protocol to negotiate and establish secured site- to-site or remote-access VPN tunnels. Investigate how Cisco Adaptive Security Appliances (ASA 5500 Series) would support IPsec and IKE. 3. Discuss the role of VPN in supporting the security of businesses, and describe the advantages of SSL/VPN over IPSEC/VPN 4. The rapid proliferation of mobile devices increases on a daily basis, investigate how Cisco AnyConnect is designed to secure the connections from these mobile devices. 5. Search for free VPN client solution and explain the process of setup by comparing at least three different solutions You are also required to address the following topics and task in details: Assignment1-b: http://www.mit.edu.au/about http://www.mit.edu.au/about http://www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/special-considerationdeferment http://www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/special-considerationdeferment http://www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/special-considerationdeferment http://www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/special-considerationdeferment http://www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/special-considerationdeferment http://www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/special-considerationdeferment http://www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/special-considerationdeferment http://www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/special-considerationdeferment http://www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/special-considerationdeferment http://www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/special-considerationdeferment http://www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/special-considerationdeferment http://www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/special-considerationdeferment http://www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/Plagiarism-Academic-Misconduct-Policy-Procedure http://www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/Plagiarism-Academic-Misconduct-Policy-Procedure http://www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/Plagiarism-Academic-Misconduct-Policy-Procedure BN305 Virtual Private Networks Page 3 of 5 3 B. VPN, Authentication and Access Control You need to visit a particular web site and discuss the following points: 1. Analyse and write report on how the browser ensures that it is communicating to the right server. Please visit a website and add screenshots also highlighting the related part. Explain how SSL and TLS provide authentication? 2. Describe how digital signatures work and what role pays in the authentication process, add the relevant screenshot from your web browser showing the details of signature. What happens during certificate verification? 3. Analyse and comment on how the server make sure that it is communicating to the right client, discuss several methods; e.g. if you are using MIT Moodle, how the server verifies that it’s actually YOU? C. Confidentiality and Integrity 1. Analyse and write a report on how the confidentiality and integrity is achieved in SSL communication, and how server & client agree on one cipher suit? 2. Explain what is the role of symmetric encryption and hash algorithms in SSL communication. Add/take screenshots from your browser showing symmetric encryption and hash details. 3. Describe the VPN client software options D. Anti-Replay 1. Analyse and write a report on how the anti-replay attacks are mitigated in SSL communication. 2. How to protect your organization against SSL attacks? E. VPN client installation 1. Download a free VPN (eg. Hide me) and install in on virtual box or on your Laptop. 2. Check and note down your terminal IP address before enabling the VPN. Use traceroute yahoo.com and note down the result including the gateways. (take snapshot of the result) 3. Enable the VPN, check and note down the terminal IP address. Use traceroute yahoo.com and note down the result including the gateways. (take snapshot of the result) 4. Compare the result of steps 2 and 3 and explain the impact of using VPN Instructions for Assignment1-b 1. To enhance your understanding of the technology in this report you are required to describe how the technology works theoretically, as well as you need to perform some small practical activities and include the screenshots and the descriptions of them. 2. Include cover page with the subject name, the assignment name, the student name and ID, submission date. 3. Include table of contents. BN305 Virtual Private Networks Page 4 of 5 4 4. Include tables and figures. 5. Ensure that all the figures are numbered and names based on figure’s caption. You have to refer to the figures you add in the contexts. 6. Strictly follow the IEEE reference format for in-body citations and the references section. 7. You can use trustable online resources and documentations from well-known technology companies such as Microsoft, Cisco, Juniper and etc. 8. No plagiarism is allowed. 9. It is expected that your report must use the correct format in clear way, hence you should write to the point and using the right technical terminologies. Also, a good report would include around 1800 words. 10. Important: You need to include a revision of the literature review done at assignment1-a based on feedback from tutor. Marking Criteria: Marking of assignment1 would be done by tutors and might be verified according to individual demonstration by students. The final mark might be reduced to half based on students’ presentation. Questions Description Marks Assignment1-a Covering steps 1-5 of Section A (each step 5 marks) 30 Assignment1-b Authentication & Access Control (part B): 20 marks Confidentiality and Integrity Processes (part C): 10 Marks Protection against Replay Attacks (Part D): 10 Marks VPN Implementation (Part E): 20 Marks 60 Formatting Cover page, fonts, sizes, spacing, captions, headings. 4 Table of Contents, Tables and Figures Table of Contents and Table of Figures. 3 Conclusion & References Follow IEEE reference style and use references from trustworthy sources. 3 Total 100 BN305 Virtual Private Networks Page 5 of 5 5 Marking Rubric Sections Excellent Good Fair Poor Formatting Completely follows the formatting instructions Mostly follows formatting Acceptably following the instructions Clearly lacks formatting instructions Table of contents Highly appropriate names for chapters and figures Appropriate names for chapters and figures. Acceptably appropriate names for chapters and figures. Misses names of chapters and figures Introduction & Literature Review Highly appropriate and clear Appropriate and clear Appropriate but contains ambiguities Not valid and not appropriate Authentication All elements are present and highly valid All elements are present and valid Either some of the elements are missed or a few of the elements are invalid. Lacks elements and generally invalid Confidentiality and Integrity All elements are present and highly valid All elements are present and valid Either some of the elements are missed or a few of the elements are invalid. Lacks elements and generally invalid Anti-replay
Answered Same DayApr 08, 2021

Answer To: Prepared by: Dr Ghassan Kbar XXXXXXXXXXModerated by: Dr Noor-U-Zaman Laghari March, 2020 Assessment...

Prasanta answered on Apr 10 2021
149 Votes
A.Assignment1-a
1. You need to explain the significance of VPN for contemporary organisations. This should cover the different encryption protocols for VPN implementation, including a comparison of SSL/VPN and IPSEC/VPN.
A Virtual Private Network is defined as the loose network in which the user can connect with multiple sites and it is deployed on the shared infrastructure using the same access and security polici
es as the private network. It is a network without any physical location. They allow the users to connect with the private network and use the system without being directly connected with it. VPN is used to make the network more secure and private. The tunnels of VPN encrypt the traffic sent to and from the user. The VPN makes it impossible for the attackers to use any type of data intercepted by them[1].
IPsec VPN
It can be defined as the set of standards which is used to establish the VPN. The IPsec is installed on the IP layer and it also helps to make a secure and remote access to an entire network instead of a single device. It can be of two types: tunnel mode and transport mode. The inability to stop the users to network segments is the major issue with IPsec VPN. The transport mode uses the encryption for the IP payload and the ESP trailer sent between the two sites [2].
SSL VPN
It stands for secure sockets layer. SSL is the second most common protocol of VPN. The plus point of the SSL VPN is the allowance of segmented access for the users. It can be of two types: SSL portal VPN and SSL tunnel VPN. The tunnel allows the users to access the web securely and also use the applications and the network services which are not related with the web. They have very sophisticated capabilities which makes it difficult and needs more skills for the implementation.
2. IPsec uses the Internet Key Exchange (IKE) protocol to negotiate and establish secured siteto-site or remote-access VPN tunnels. Investigate how Cisco Adaptive Security Appliances (ASA 5500 Series) would support IPsec and IKE.
Cisco ASA 5500 Series Adaptive Security Appliances are purposely built to provide world class firewall. They are known for the unified communications security, VPN, content security services and intrusion prevention in a common platform[3]. The series builds upon proven technologies from Cisco PIX® 500 Series Security Appliances, Cisco IPS 4200 Series Sensors, and Cisco VPN 3000 Series Concentrators. They provide intelligent threat defence which helps to stop the attacks before they can enter the network perimeter. It controls the network, maintain the application activity and delivers the secure remote access and also manages the site-to-site connectivity. It integrates full-featured, higher performance security services which also includes the firewall, SSL, IPsec VPN, antispam, web filtering services and many more.
3. Discuss the role of VPN in supporting the security of businesses, and describe the advantages of SSL/VPN over IPSEC/VPN
It has been developed mainly to allow remote users and branch offices to access local data centre, use applications, webapps, and other resources[4]. It ensures security bridge and established private network using an encrypted layered tunnelling protocol. VPN users uses an authentication method which includes passwords or certificates, so that it will gain access VPN tunnel. Microsoft company has been included PPTP clients in all version of Windows OS and Windows servers. VPN can expose an organization to potential security risk. It is incumbent upon network administrators to apply the same security standards to computers connecting to the network via VPN as computers directly connected to the LAN.
4. The rapid proliferation of mobile devices increases on a daily basis, investigate how Cisco AnyConnect is designed to secure the connections from these mobile devices.
The employee of the companies wants to work on the laptops and on their mobile phones. AnyConnect is a well-known and leading software product. It provides access of the VPN via SSL and IPsec IKEv2 and it also offers the better and enhanced security through multiple modules [5]. These modules are used to provide the services...
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here