Customer database server and Mail server
Sample Solution
Critical Servers and Network Placement
Introduction
Intranet security is a critical component of any organization's overall security posture. An intranet is a private network that is used by employees within an organization to access shared resources and collaborate. Intranets are often connected to the Internet, which can pose a security risk.
One way to mitigate the risks associated with an intranet connection to the Internet is to segment the network into multiple subnets. This allows the organization to isolate critical servers from the Internet and other subnets.
In the scenario you have described, the organization has two subnets: Subnet One (Intranet) and Subnet Two (Internet). Subnet Two is connected to the Internet via a border router. This architecture provides a basic level of security, but it is not sufficient to protect all critical servers.
To further protect critical servers, the organization should place them in a DMZ (demilitarized zone). A DMZ is a subnet that is isolated from the internal network and the Internet. This isolation is achieved using firewalls.
Critical Server Placement
The following table shows where I would place each of the critical servers you listed on the network:
Critical Server | Placement | Rationale |
---|---|---|
Web server with home portal | DMZ | The web server is exposed to the Internet, so it is important to isolate it from the internal network. Placing the web server in the DMZ will help to protect the internal network from attack. |
Customer database server | Internal network | The customer database server contains sensitive data, so it is important to protect it from unauthorized access. Placing the customer database server on the internal network will help to keep the data safe. |
Mail server | DMZ | The mail server is exposed to the Internet, but it is also used by internal employees. Placing the mail server in the DMZ will help to protect the internal network from attack, while still allowing internal employees to access their email. |
Chat server | DMZ | The chat server is exposed to the Internet and is used by external users. Placing the chat server in the DMZ will help to protect the internal network from attack, while still allowing external users to access the chat server. |
Intrusion detection system | Internal network | The intrusion detection system is used to monitor the internal network for suspicious activity. Placing the intrusion detection system on the internal network will allow it to monitor all traffic on the network. |
Customer registration server | DMZ | The customer registration server is exposed to the Internet and is used by external users to register for accounts. Placing the customer registration server in the DMZ will help to protect the internal network from attack, while still allowing external users to register for accounts. |
Server with marketing campaign material for the organization | DMZ | The server with marketing campaign material is exposed to the Internet, but it does not contain sensitive data. Placing the server with marketing campaign material in the DMZ will help to protect the internal network from attack, while still allowing external users to access the marketing campaign material. |
Intranet website | Internal network | The intranet website is only used by internal employees, so it is important to protect it from unauthorized access. Placing the intranet website on the internal network will help to keep the website safe. |
VPN server | DMZ | The VPN server is used to allow external users to access the internal network. Placing the VPN server in the DMZ will help to protect the internal network from attack, while still allowing authorized external users to access the internal network. |
Mail archive server | Internal network | The mail archive server contains sensitive data, so it is important to protect it from unauthorized access. Placing the mail archive server on the internal network will help to keep the data safe. |
Conclusion
By placing the critical servers in the appropriate locations, the organization can help to mitigate the risks associated with an intranet connection to the Internet. The DMZ provides an additional layer of security for servers that are exposed to the Internet. The internal network provides a secure environment for servers that contain sensitive data or are only used by internal employees.
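The placements in the table only protect the internal network if the firewall rules respect the zone boundaries. The following audit script is an added example, not part of the original solution: it assumes one subnet per zone (10.0.1.0/24 internal, 10.0.2.0/24 DMZ), constructed server addresses, and two hypothetical DMZ-to-internal pinholes, and it flags any allow rule that lets Internet traffic or unlisted DMZ traffic reach the internal network.

```python
import ipaddress

# Assumed addressing (not from the original solution): one subnet per zone.
ZONES = {
    "internal": ipaddress.ip_network("10.0.1.0/24"),
    "dmz": ipaddress.ip_network("10.0.2.0/24"),
}

# Hypothetical pinholes: the only DMZ -> internal flows the policy accepts.
PINHOLES = {
    ("10.0.2.10", "10.0.1.10", 5432),  # web server -> customer database
    ("10.0.2.20", "10.0.1.20", 25),    # mail server -> mail archive
}

# Constructed allow rules (source, destination, TCP port); default is deny.
SAMPLE_RULES = [
    ("0.0.0.0/0", "10.0.2.10", 443),       # Internet -> web server
    ("10.0.2.10", "10.0.1.10", 5432),      # listed pinhole
    ("10.0.2.0/24", "10.0.1.0/24", 22),    # whole DMZ -> whole internal
    ("0.0.0.0/0", "10.0.1.10", 5432),      # Internet -> customer database
    ("203.0.113.0/24", "0.0.0.0/0", 25),   # "any" destination covers internal
    ("10.0.1.0/24", "10.0.2.20", 25),      # internal -> mail server
]

def zones_of(cidr):
    """Return every zone a CIDR touches; space outside the zones is 'internet'."""
    net = ipaddress.ip_network(cidr, strict=False)
    hit = {name for name, subnet in ZONES.items() if net.overlaps(subnet)}
    if not any(net.subnet_of(subnet) for subnet in ZONES.values()):
        hit.add("internet")  # wide ranges such as 0.0.0.0/0 include the Internet
    return hit

def audit(rules):
    """Return (rule number, problem) for each rule that breaks the zone policy."""
    findings = []
    for number, (src, dst, port) in enumerate(rules, 1):
        if "internal" not in zones_of(dst):
            continue  # only flows that can reach the internal network matter
        sources = zones_of(src)
        if "internet" in sources:
            findings.append((number, "internet -> internal"))
        elif "dmz" in sources and (src, dst, port) not in PINHOLES:
            findings.append((number, "dmz -> internal without pinhole"))
    return findings

if __name__ == "__main__":
    for number, problem in audit(SAMPLE_RULES):
        print(f"rule {number}: {problem}")
```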