Architecture Review Lab 7
.docx
keyboard_arrow_up
School
University Of Arizona *
*We aren’t endorsed by this school
Course
245
Subject
Information Systems
Date
May 16, 2024
Type
docx
Pages
1
Uploaded by MinisterPowerFish20 on coursehero.com
Architecture Review
After reviewing security architecture, the design shows a good starting point to improve security. Implementing an external firewall, and authentication server are geta starting points. Improvements can be added to this scheme for better functionality and reliability of system. These are some recommendations for improving security.
1)
Add Redundant Server in the Cloud (AWS)
The first main component that I will add is the need for a redundant server. Since availability and reliability will be extremely important in the emergency services field, redundancy will be a vital part of keeping reliability of this system. This server will appear such a backup or a fail-safe server. Moreover, critical data will be duplicated in a second location that
can be quickly deployed in case the main server experiences failures. This will be part of a disaster recovery strategy aimed at having resources available in case of a disaster(hardware, application, or network). This will be a cost-effective strategy for accessing critical data.
2)
Add RAID server Adding a RAID server will help ensure another drive will be available in case of a failure of main disk drive. This will ensure a server can continue to function properly for the purposes of improving performance and data redundancy.
3)
Add internal Segmentation Firewalls. (Fortinet)
This is a security solution that will minimize damage if the perimeter has been breached.
This will help understand internal traffic and minimize the attack surface by establishing different policies and segmenting zones that can be monitored separately. This can greatly help
automation of security policies and block lateral suspicious behavior. Internal firewalls can provide IPS, antivirus, antispam, and help with integration of cloud-based applications as well.
4)
Add VPN connections for remote access. (Palo Alto)
This will help remote workers access data in a secured tunnel while business retains strong control over accessing data and applications. This will increase security, better visibility, better control, different deployment options (hardware or software), and can be fully integrated with cloud applications. 5)
Open-source tools Another great add on for a small business and IT department is to use open-source tools
such Nessus (vulnerability scanner) and Shodan that provides insights and information about exposed services and devices to internet. Another open-source tools to deploy Wazuh and Snort (IPS). However, it is greatly suggested to deploy fully licensed software for enterprises that allow better visibility and security into the network.
Discover more documents: Sign up today!
Unlock a world of knowledge! Explore tailored content for a richer learning experience. Here's what you'll get:
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help