Network Topology

Cisco 2921 Integrated Services Router Security Embedded hardware-accelerated VPN encryption Secure collaborative communications with Group Encrypted Transport VPN, Dynamic Multipoint VPN, or Enhanced Easy VPN Integrated threat control using Cisco IOS Firewall Cisco IOS Zone-Based Firewall, Cisco IOS IPS, and Cisco IOS Content Filtering Identity management: Intelligently protecting endpoints using authentication, authorization, and accounting (AAA), and public key infrastructure

Beyond Our Network With Private IP Enhanced Traffic Management, our Private IP Layer 3 MPLS-based VPN puts all your traffic on a reliable, private network with Quality of Service (QoS) routing. And with Private IP Layer 3, you can build a hybrid solution between your public and private networks while enabling automated business processes, including e- commerce, VoIP, converged solutions, shared intranets, and extranets. Advanced Technology Whether you outsource service to us or manage it yourself, our Cisco-powered, private, MPLS network meets your enterprise's rigorous demands, including: Global availability - over 121 countries/territories QoS routing Enhanced Visibility & Network Management Solutions Multicasting for improved bandwidth conservation Seamless Frame Relay/ATM integration Stringent SLAs Remote access (via Secure Gateway) Multiple access options including DSL, satellite, and Ethernet Any-to-any connectivity Streamlines network management, planning, and expansion. Six IP Classes of Service (CoS) Six Classes of Service (CoS) let you prioritize traffic (voice, video, data) while consolidating your traffic on a single network. This offers you additional flexibility that lets you dictate how traffic is handled across the network, giving priority to mission critical traffic.

Hardening the Windows host

Windows Firewall Microsoft Windows operating systems and related applications such as Internet Explorer contain thousands of security-related software flaws that can be exploited by malicious programs. A fraction of those errors have been discovered, fewer have been repaired by Microsoft (in the form of “patches”). Average loss to Fortune 500 companies is $2M per worm

Windows Firewall Windows Firewall is installed and enabled by default for all dial-up, network, IEEE 1394 (FireWire), and wireless connections on a computer Windows Firewall does not control outgoing connections unless Advanced Security controls are used. Because of this, Windows Firewall allows any program running on your computer to connect to the network.

Windows Firewall General Configures general firewall settings, including whether the firewall is turned on and whether all programs are blocked when connected to public networks in less. Advanced Configures protected connections, security logging, and allowed types of control messages. Configuring Security Logging When logging is enabled, the security log is created as a standard text file and stored in the %System-Root%\ folder as pfirewall.log.

What is it and why is a DMZ used? Benefits vs Drawbacks How is it implemented?

Internal User Accessing Web Server in DMZExternal User Accessing Web Server in DMZ Internal client requests web page Packet is routed out firewall to ISP DNS Packet enters back through firewall to DMZ External user requests web page Firewall checks packet for source and destination Packet is sent to the Web Server in the DMZ Accessing the DMZ Servers

Intrusion Prevention System