Answered step by step
Verified Expert Solution
Question
1 Approved Answer
For parts (c) to (f) below, consider the following network diagram and packet filtering ruleset where 192.168.1.0 refers to the subnet 192.168.1/24 which consists
For parts (c) to (f) below, consider the following network diagram and packet filtering ruleset where 192.168.1.0 refers to the subnet 192.168.1/24 which consists of some hosts that perform services in a demilitarized zone (DMZ) and the rest of the devices are computer hosts or servers in a small/ medium sized organization which has domain name smallorg.co.uk. 192.168.1/24 192.168.1.1 ISP Network Access DMZ Router with firewall Source Destination Source Dest Rule Action Protocol address address port port 1 Allow Any 192.168.1.0 TCP 2 Deny 192.168.1.1 Any 3 Deny Any 192.168.1.1 Any || | > 1023 Any Any Any Any Any 4 Allow 192.168.1.0 Any Any Any Any 5 Allow Any 192.168.1.2 TCP Any SMTP 6 Allow Any 192.168.1.3 TCP > 1023 HTTP 7 Deny Any Any Any Any Any (c) Describe the purpose and effect of rulesets 1, 4, and 5 [3 marks] (d) Consider rulesets 2 and 3. Explain why these are important. [3 marks] (e) Discuss how VLANs could be used to effectively segment the internal network of smallorg.co.uk. Show this in a diagram and explain how you would subnet the IP addresses and how traffic would be routed between hosts on different VLANs. [6 marks] (f) What is the importance of IP ingress and egress filtering in the Internet? In your answer particularly identify what the ISP would be filtering with respect to IP packets from smallorg.co.uk and from the network providers attached to the ISP. [5 marks]
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started