preview

NT1330 Unit 1 Essay

Powerful Essays
1. Goal The primary purpose of this lab was to get familiar with RLES and establish a base infrastructure. This infrastructure includes a router/firewall and Linux server for network monitoring and documentation. Network monitoring is crucial in any infrastructure, no matter how small or how large. Without it, there is no way to know a system has gone down until users start complaining. With it, the system/network administrator can be aware of the issue the instant it happens. Documentation is also extremely important in any environment. Documentation is an Administrator’s lifeline if a system breaks and they either need to recreate it or repair it. 2. Procedural and Informational Documentation All information relating to the creation and…show more content…
One of the biggest issues is that all services use HTTP rather than HTTPS. HTTP is used to access the firewall, Opsview monitoring, and the documentation wiki. All three of these should have their traffic encrypted, especially the firewall because if that is compromised than an attacker has much more direct access to all other systems that are behind it. It would also be recommended to use an authentication database such as Active Directory to authenticate and authorize all users for these systems. This would make it much harder to compromise accounts if the local account is not being used. It also allows for more granular control. For example, users can be given a range of granular control from read only to full Administrator on the documentation wiki. Some users in an enterprise do not need to and/or should not know about the inner workings of other systems on the network. There’s also the important question of where to store network passwords. It would probably not be recommended to store passwords on a wiki unless granular permissions are setup and Administrators are using strong passwords. This infrastructure is also not ideal in that every system uses the same username and password. In a production infrastructure each system should have unique and secure
Get Access