Network Security Planning Assignment Example | Topics and Well Written Essays - 750 words

Network Security Planning - Assignment Example White (2001) defines Cisco SAFE as architecture in security that offers guidelines for modular networks design approach (Cisco, 2010). This approach makes its ease for network designers to understand relationships thus proceed to execute security based on one module after the other unlike the traditional approach of implementing one broad approach for the entire enterprise. Despite its advantage of maximizing control and visibility, Cisco SAFE has limitations and this paper explores these limitations in detail and their impacts on network security. With Cisco SAFE, denial of service attacks is a widespread threat especially for organizations that do not implement protocol analysis in network security design. With poor protocol analysis, the network lacks significant pattern matching with IDS guaranteeing that the rules of each protocol are followed and this results to sending of both protocol related and unrelated data streams. Consequently, traffic is not valid and is an attack that bypasses security systems or an attack crashing the system due to invalid data presence in the intended system. DoS is overcome by ensuring that IDS in Cisco SAFE has the right knowledge of ordinary system protocols like UDP, TCP, FTP, and HTTP. A second limitation is distributed denial-of-service (DDoS). Without proper configuration of Cisco’s firewall Intrusion Detection System (IDS), organizational networks are subject to DDoS attacks preventing networks from bandwidth access (World, 2002). DDoS attacks consume entire business network bandwidth by attackers while Cisco IDS offers distinctive protection against DDoS by detecting attacks proactively and mitigate them. However, Cisco IDS requires configuration after router configuration to enable it to identify and block attacks prior to the occurrence of intrusion or unauthorized transactions and this calls for effective configuration of Cisco IDS. For any