LD7007 Develop an in-depth understanding of fundamental concepts and challenges in data and network security.

LD7007 - Network Security - Northumbria University

Learning Outcomes

The following learning outcomes will be assessed by this assignment:

Develop an in-depth understanding of fundamental concepts and challenges in data and network security.

Demonstrate concepts related to basic cryptography.

Critically evaluate threats to data and network security; design and implement security solutions using networking IOS.

Introduction

You are an independent consultant, part of the consultancy firm responsible for designing and implementing secure VoIP systems. Your main task is to implement a dedicated open source VoIP system with direct links to the mailbox of users using Asterisk IP-PBX in a series of Block Tasks. You should be able to design and implement secure VoIP calls in a local area network with appropriate dial plans in a fully virtualised environment. Your VoIP system should allow seamless integration with a unified communication (UC) system that allow unified email and desktop services.

Assignment Tasks:

Your work must be presented in the form of a Project Report and be no longer than 3000words (excl. references, figures, tables and appendices) plus a facing page that includes the executive summary. This should be typed on A4 paper and use a font size Arial 11 single spacing. For completeness, you may if you wish include additional material in an appendix but this will not contribute to the marks.

Portfolio Task(s):

Block A: Architecture and Communication

1. Configure a Linux server with Asterisk IP-PBX fully installed and configured with an appropriate logical addressing scheme. Your Linux server must be an authoritative DNS server for a domain of your choice.

2. Create a dial plan to serve up to 150 different extensions with at least two (2) soft phones attached and configured into your environment.

3. Design and implement a Postfix MTA in such a way that all voicemail from extensions it is forwarded to users` mailboxes.

4. Configuring appropriate IAX trunks to demonstrate connectivity between two different Asterisk servers.

Block B: Secure Operations and Service Delivery

5. Fully demonstrate at least three (3) attacks against your VoIP system with evidence on their sophistication and impact. At least one of these attacks should demonstrate pivoting against users` mailboxes.

6. Design and implement a comprehensive security policy for your VoIP system and clearly articulate adequate security controls against the attacks demonstrated in the previous step. Evidence must be provided on how the controls implemented can mitigate the attacks demonstrated.

7. Implement a comprehensive Network-based Intrusion Detection and Prevention system (NIDS) and test its efficiency in your VoIP deployment.