Network Security Planning Assignment Example | Topics and Well Written Essays - 750 words

cyberspace Security Planning - Assignment ExampleWhite (2001) defines cisco SAFE as architecture in security that offers guidelines for modular profits design approach (Cisco, 2010). This approach makes its ease for network designers to understand relationships thus go away to execute security based on one module subsequently the other unlike the conventional approach of implementing one broad approach for the entire enterprise. Despite its advantage of maximizing control and visibility, Cisco SAFE has limitations and this paper explores these limitations in detail and their impacts on network security.With Cisco SAFE, denial of service efforts is a widespread threat especially for organizations that do not implement protocol analysis in network security design. With poor protocol analysis, the network lacks significant pattern matching with IDS guaranteeing that the rules of each protocol argon followed and this results to sending of both protocol related and unrelated data st reams. Consequently, traffic is not valid and is an attack that bypasses security systems or an attack crashing the system due to invalid data presence in the think system. DoS is overcome by ensuring that IDS in Cisco SAFE has the right knowledge of ordinary system protocols like UDP, TCP, FTP, and HTTP.A second limitation is distributed denial-of-service (DDoS). Without proper configuration of Ciscos firewall Intrusion perception System (IDS), organizational networks are subject to DDoS attacks preventing networks from bandwidth access (World, 2002). DDoS attacks consume entire business network bandwidth by attackers while Cisco IDS offers distinctive protection against DDoS by detecting attacks proactively and mitigate them. However, Cisco IDS requires configuration after router configuration to enable it to identify and block attacks prior to the occurrence of intrusion or unauthorized proceeding and this calls for effective configuration of Cisco IDS.For any