0 evaluări0% au considerat acest document util (0 voturi)
120 vizualizări1 pagină
This document provides a work scope and budget for redesigning network security. It involves reconfiguring firewalls, access controls, and routing across enterprise area networks and demilitarized zones. Specifically, it will redesign security with Mikrotik and Fortinet firewalls, reconfigure layer 2 and 3 switching, modify DHCP settings, install additional firewalls, and implement policies for access between internal, DMZ, and external networks. Testing will ensure connectivity, redundancy, high availability, and business continuity. The total budget for this security redesign project is $2,550.
Descriere originală:
Detail Scope of Work for Network Redesign Security for Internal and External Access Work
Titlu original
Detail Scope of Work for Network Redesign Security for Internal and External Access Work
This document provides a work scope and budget for redesigning network security. It involves reconfiguring firewalls, access controls, and routing across enterprise area networks and demilitarized zones. Specifically, it will redesign security with Mikrotik and Fortinet firewalls, reconfigure layer 2 and 3 switching, modify DHCP settings, install additional firewalls, and implement policies for access between internal, DMZ, and external networks. Testing will ensure connectivity, redundancy, high availability, and business continuity. The total budget for this security redesign project is $2,550.
This document provides a work scope and budget for redesigning network security. It involves reconfiguring firewalls, access controls, and routing across enterprise area networks and demilitarized zones. Specifically, it will redesign security with Mikrotik and Fortinet firewalls, reconfigure layer 2 and 3 switching, modify DHCP settings, install additional firewalls, and implement policies for access between internal, DMZ, and external networks. Testing will ensure connectivity, redundancy, high availability, and business continuity. The total budget for this security redesign project is $2,550.
on Enterprise Area Networks : Firewall (specifically Mikrotik and Fortinet) : Documentations and Operational Tansfer to Local IT Teams Redesigning, installing, and configuring Enterprise Area Networks
-Resetup and configure L2 and L3 swtich for relocation server to DMZ
-Modify DHCP setting for DMZ
-Create addtion DMZ vlan and make connectivity for all internal and external access -Install two firewall to exiting network -Create firewall policy for DMZ to internet and DMZ to external access .
-Firewall conectivity and Redunant for routing (OSPF and SLA)
-For internal traffic filttering on (Fortinet) -Remodify and reconfigure for Access-list on Internal L2 and L3 Switch
-Configure for secure firewall access on fortinet.
-Remodify for VPN conectivity on Fortinet.
-Implement policy base routing on Fortinet
Firewall Fortinet (2X) -Migtrate Firewall on Exiting Network -Create DMZ Vlan for internal access
-Implement dynamics routing for redunacy to internal access
-Configure traffic policy for Internal access and external access
-Setup Statics default route for monitoring traffic for Redunancy
-Prohibit with Firewall filter rule for intenal user ( Facebook , Youtube ) -Create NAT for internet access . -Implement Portforwarding for ouside to internal access . ( Hawei monitoring system) -Construct firewall policies to control traffic passing through the Firewall unit. -Implement threat management filtering including URL, App filtering, web filtering
Core Switch ( cisco 3850 x2)
-Remodify and make connectivity with two Fortinet firewall .
-Remodify vlan setting .
-Remodify Failover setting . -Remodify ACL(access control list ) for security
-Setup Dynamics Host Configuration Protocol to
-Implement for prevent internal security feacture (DHCP snooping , IP source Guard , DAI ) Mikrotik Firewall (CCR 1016 x 2) -Check and modify VPN access and VPN client access -Configure connectivity for Forinet firewall and Mikrotik firewall
-Reassign IP address and Dynamics routing
Layer 2 (cisco and Mikrotik)
-Check and implement vlan ( if require ) -Implement cisco switch for prevent internal security feacture (DHCP snooping , IP source Guard , DAI ) -Check connetivity for access .