Student Name ___David M.

Fontanez_____________ Date __19-Fed 2015_______

SEC450 iLab7 Report

Note: RED text indicates the required questions to answer

Task 1Layout the New Network Design

#1. Paste below your new network design diagram.

Task 2IDS/IPS Recommendations

#2. Write an engineering specification document of at least 250 words (e.g. 1 page of full
text, double space & size 12) describing why your networks design meets each of the
companys requirements. Justify how each recommendation addresses the companys
needs.

1. Intrusion Detection System

2. Problem
The company is concerned firewalls are not enough to detect and prevent network attacks. They
are worried about malicious attacks on their network that will make the company vulnerable to
attacks from hackers and other forms of malicious activities.
3. Solution
The solution is to find a way to prevent malicious attacks from issues such as: hackers, Trojans,
viruses, and other things from entering the company network. What is proposed is to establish
an Intrusion Detection System (IDS) sensor within the network, as well as an Intrusion
Prevention (IPS) sensor. IDS are designed to monitor all inbound and outbound network activity
and identify any suspicious patterns that may indicate a network or system attack from someone
attempting to break into or compromise a system. IPS provides policies and rules for network
traffic along with an IDS for alerting system or network administrators to suspicious traffic, but
allows the administrator to provide the action upon being alerted. Where IDS informs of a
potential attack, an IPS makes attempts to stop it. What is proposed is to establish an Intrusion
Detection System sensor and an Intrusion Prevention System sensor before the switches that
goes to the Human Resources department, as well as, the MKT LAN. The firewalls are already
established on the company network to help prevent anything malicious activity from entering,
as well as leaving the network. With an Intrusion Detection System and an Intrusion Prevention
System, the company

Task 3Conclusions
#3. Describe in two paragraphs your learning experience in this lab.
The purpose of this lab is to introduce us, the students about IDS and IPS sensors. IDS only
detect intrusion, which means it does not have to capability to prevent intrusion. IPS relies on IDS in

order to prevent intrusion. This means that both work hand in hand in order to detect malicious activity on
the network.
In this lab, we were given a scenario of a company network and had to figure out where to
establish an IDS and IPS system. In my opinion, I thought putting the IDS and IPS system before the
switches and after the router would make a good point to sniff out any harmful activity before it hits the
switches taking it to the company computers. This lab helped further my career in the Information
Technology world because I now know about sensors that can be established on the network to further
provide security.