All servers that are accessible from the internet


Part 1
You are tasked with writing rule sets for two firewalls that protect your network and form a DMZ. All traffic from your internal network to the Internet passes through the DMZ. All servers that are accessible from the Internet reside inside the DMZ. All computers inside the network (internal network and DMZ) have private IP addresses. All traffic to and from the Internet passes through a NAT device which is located just inside the perimeter firewall. All computers on this network are Windows computers.

Servers in the DMZ
| Service | Public IP Address | Private IP Address | Comments |
|---|---|---|---|
| HTTP/HTTPS | 200.100.100.10 | 192.168.20.10 | |
| FTP | 200.100.100.11 | 192.168.20.11 | |
| DNS | 200.100.100.12 | 192.168.20.12 | Uses TCP for zone transfers, services DNS lookup requests from all computers in the internal network and DMZ |
| Email | 200.100.100.13 | 192.168.20.13 | SMTP |
| Proxy | 200.100.100.14 | 192.168.20.14 | Not accessible from the Internet. Client computers connect to the proxy service on port 8080 |

Clients on the internal network: All user workstations access web sites via the Proxy server. There are three different internal subnets: 10.10.10.0/24, 10.20.20.0/24 and 10.30.30.0/24. Computers on the 10.10.10.0/24 subnet may access FTP servers on the Internet. Computers on the 10.20.20.0/24 network may access an SSH server on the Internet with the IP address 220.20.30.110. All computers on the internal network may access the company's Email, DNS, FTP and web servers that reside in the DMZ.

Computers on the three internal subnets use dynamic NAT pools as follows when making connections to the internet.
| Private IP address range | NAT Pool |
|---|---|
| 10.10.10.0/24 | 200.200.200.50 through 200.200.200.100 |
| 10.20.20.0/24 | 200.200.200.101 through 200.200.200.150 |
| 10.30.30.0/24 | 200.200.200.151 through 200.200.200.200 |

Answer the following:
(1) Write the two rule sets for the two firewalls that will allow only the traffic described to flow.


Part 3

You are tasked with implementing a rule set for a firewall. Internal computers are running Windows operating systems. 

(3) In the following table create a rule set to implement the following requirements. 
Internal users are allowed to access web servers on the Internet (both HTTP and HTTPS) but do so via a proxy server that has an IP address of 192.168.20.5.
Access to the following servers is not allowed:
a. www.riaa.com
b. www.mpaa.org
Users are allowed to directly access an SSH server running at andromeda.cs.odu.edu
Computers on the Internet should be allowed to connect to your email server (SMTP only) in order for your company to receive emails from other organizations. The IP address of the email server is 192.168.20.10.
Your email server must be able to connect to other email servers on the Internet to forward outgoing email (SMTP only).
All other traffic is not allowed.

| Rule Number | Protocol | Source Address | Source Port | Destination Address | Destination Port | Direction | Action |
|---|---|---|---|---|---|---|---|
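One reading of the Part 3 requirements, written as an ordered rule table and checked with a first-match evaluator; this is an added example, not part of the original assignment or its solution. It assumes a stateful firewall (return traffic is implied), treats source ports above 1023 as client ports, and uses constructed documentation addresses for the three hosts the page gives only by hostname.

```python
from ipaddress import ip_address, ip_network

ANY = "any"
PROXY, MAIL = "192.168.20.5", "192.168.20.10"  # addresses given on the page
# Constructed placeholders (RFC 5737 documentation ranges): the page names
# these hosts only by hostname, so real rules need the resolved addresses.
RIAA, MPAA, SSH_HOST = "203.0.113.10", "203.0.113.20", "198.51.100.30"

# Columns follow the assignment's table:
# protocol, source, source port, destination, destination port, direction, action
RULES = [
    ("tcp", PROXY, ANY, RIAA, ANY, "out", "deny"),    # blocked sites come first:
    ("tcp", PROXY, ANY, MPAA, ANY, "out", "deny"),    # the first match wins
    ("tcp", PROXY, ">1023", ANY, 80, "out", "allow"),
    ("tcp", PROXY, ">1023", ANY, 443, "out", "allow"),
    ("tcp", ANY, ">1023", SSH_HOST, 22, "out", "allow"),
    ("tcp", ANY, ">1023", MAIL, 25, "in", "allow"),
    ("tcp", MAIL, ">1023", ANY, 25, "out", "allow"),
    (ANY, ANY, ANY, ANY, ANY, ANY, "deny"),           # all other traffic
]

def _addr_ok(spec, addr):
    # A spec is "any", a single host, or a CIDR network.
    return spec == ANY or ip_address(addr) in ip_network(spec)

def _port_ok(spec, port):
    if spec == ANY:
        return True
    if spec == ">1023":
        return port > 1023
    return port == spec

def decide(proto, src, sport, dst, dport, direction):
    """Return (rule number, action) for the first rule the packet matches."""
    for num, (p, s, sp, d, dp, dirn, action) in enumerate(RULES, start=1):
        if (p in (ANY, proto) and dirn in (ANY, direction)
                and _addr_ok(s, src) and _port_ok(sp, sport)
                and _addr_ok(d, dst) and _port_ok(dp, dport)):
            return num, action
    return None, "deny"  # fail closed if the table lacks a catch-all rule
```

Moving the two deny rows below the proxy allow rows would let the proxy reach the blocked sites, which is why rule order is part of the answer and not just the rule contents.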


Part #4

You are tasked with implementing a rule set for two firewalls protecting your network in a DMZ configuration. Internal computers are running Windows operating systems. 

(4) In the following table create a rule set to implement the following requirements.

Note:
NAT occurs just inside the perimeter firewall.

DMZ Servers
| Purpose | Private IP | Public IP |
|---|---|---|
| Web proxy | 192.168.10.10 | 150.150.150.10 |
| FTP Proxy | 192.168.10.11 | 150.150.150.11 |
| DNS | 192.168.10.20 | 150.150.150.20 |
| Web server - public | 192.168.10.30 | 150.150.150.30 |
| Web server - corporate only | 192.168.10.40 | 150.150.150.40 |
| Email | 192.168.10.50 | 150.150.150.50 |

Internal network servers
| Purpose | Private IP |
|---|---|
| Microsoft SQL Server Database | 10.50.50.100 |

Requirements
Workstations
User workstations are on the two subnets 10.10.10.0/24 and 10.20.20.0/24
User workstations can access web servers on the Internet (http and https) but only via a proxy server which resides in the DMZ 
User workstations can access ftp servers on the Internet but only via an FTP proxy server which resides in the DMZ 
User workstations can access the DNS server which resides in the DMZ

DMZ Servers
Web proxy may access web servers on the internet
FTP proxy may access FTP servers on the internet
DNS server will accept incoming requests from both internal workstations and from the Internet. 
DNS server will accept zone transfer requests from other name servers on the internet
The public web server will accept requests from the internet only via HTTP
The corporate web server will accept requests from the internet only via HTTPS
The corporate web server will make connections to the internal Microsoft SQL Server database on its default port.
The email server will accept SMTP requests from the internal network and the Internet. It will also make SMTP requests to other email servers on the Internet.

Internal Server
The internal Microsoft SQL Server database server will accept incoming connections from the corporate web server in the DMZ

| Rule Number | Protocol | Source Address | Source Port | Destination Address | Destination Port | Direction | Action |
|---|---|---|---|---|---|---|---|
