Design Activity: Designing A Secure Client Infrastructure

By Author: Jasmine
Total Articles: 286
Comment this article

Exercise 1: Create a Top-Level Design
1.Provide a top-level design 70-291 that details the possible equipment, software, and network configuration that can provide a security infrastructure for these new remote access requirements. Generalizations are necessary at this stage in the design, but what would you look for?
Answers may vary. There are two specific areas where the current design will change. First, Network Access Quarantine Control should be added to prevent current remote access clients from connecting with potentially dangerously configured systems. This can be done with current equipment, but the actual process must be designed to meet an agreed-upon policy and then new client access profiles must be developed. Second, providing remote access for mobile devices will depend on the type of device that is used and the type of communications protocols that they use. However, the use of a carrier will most likely be necessary, and connection specifications should not be left entirely to the carrier after the carrier is selected. The security of the connection between ...
... clients and the carrier and the carrier and Wide World Importers is critical. Also important is the design of authentication requirements.

Exercise 2: Analyze Authentication Requirements
1. What are the authentication requirements of the clients in this new design? Answers may vary. Three areas need to be considered:
Salespeople must be able to authenticate in a sure fashion to the devices Free CIW exam questions. Because of concerns about sensitive data, a third-party authentication application should be selected that offers secure authentication other than a password, and which destroys all data on the system after some limited number of false attempts. Sales people will need training in synchronizing data over the network or to their own computer so as not to lose data.
Authentication before accessing e-mail and the custom application should be separate from authentication to the device. This adds another layer of security. Should an unauthorized user be able to get around device authentication, she will have another hurdle before she can access or modify data over the network.
Authentication between carrier equipment and the Wide World Importers network should also be strong.
Exercise 3: Design Remote Access Policies
1. What remote access policy or policies will be necessary for these new remote access requirements?
Answers may vary. A remote access policy should be configured that will allow authorized user (by Windows group) access that is based also on the requirements of the equipment that becomes part of the design. Restrictions based on time and so on should be considered in the overall secu?rity policy for the new applications, and they should be added to the remote CCNA certification access policy profile.