Propuesta de seguridad en el firewall perimetral de la Universidad Nacional de Loja.
In recent years with the advancement of technology organizations are being increasingly overwhelmed by security alerts, cyber-attacks and data breaches. One method of defense is perimeter security through new generation firewalls (NGFW), IPS / IDS, antimalware, among others, that are placed between...
Saved in:
| Main Author: | |
|---|---|
| Format: | bachelorThesis |
| Language: | spa |
| Published: |
2017
|
| Subjects: | |
| Online Access: | http://dspace.unl.edu.ec/jspui/handle/123456789/18671 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Add Tag | Summary: | In recent years with the advancement of technology organizations are being increasingly overwhelmed by security alerts, cyber-attacks and data breaches. One method of defense is perimeter security through new generation firewalls (NGFW), IPS / IDS, antimalware, among others, that are placed between the internal and external network, providing security to network services and integrity, confidentiality, availability and authenticity of information. By not having this method of defense there is an insecurity that at any moment could be exploited by unauthorized people as hackers, generating consequences and very serious losses for an institution. It is thus that the objective of the present work of qualifications Is to develop a security proposal in the perimeter firewall that has implemented the National University of Loja as it only provides security at the network level, such as port filtering, IP addresses and protocols, but does not provide security in the application layer as URL filtering, anti-bot, anti-spam, anti-malware, denial of services, application control, antivirus, among others. For the analysis of the current situation of the network, the interview technique was used. A vulnerability scan was then performed on the servers and on the institution's firewall using the Nessus tool. Subsequently an investigation of the most used and complete tools in the topic of pen-testing was carried out to check with a comparison box and thus determine the most suitable tool to check if the network is exposed to the most common threats determining if the firewall has Vulnerabilities that allow a threat to invade their security and be carried out successfully. Once the vulnerability scan and the exploitation of the threats were performed, the security requirements were determined in the firewall. Then the security proposal for the ASA firewall and a comparative cost analysis were made. The proposal also analyzed the various firewall alternatives to be implemented or at least analyzed by the Telecommunications and Information Unit of the National University of Loja as an option of greater acceptance for the implementation of a different firewall for the institution. Finally, a test scenario was set up with a layer 7 Mikrotik router. |
|---|