Assessment Details and Submission Guidelines
Mar 13,23Question:
Background:
Assessment Details and Submission Guidelines
Unit Code: BN305 – T2 2020
Unit Title: Virtual Private Network
Assessment Type: Individual Assignment
Assessment Title: Assignment 1 – SSL/TLS VPN Technologies
Purpose of the assessment (with ULO Mapping): Students should be able to demonstrate their achievements in the following unit learning outcomes:
- Explain the significance of VPN for contemporary organisations
- Discuss the role of VPN to support the security of businesses and corporations
- Describe architectural VPN design for small, medium and large businesses and corporations.
Weight: Assignment 1A – 5% of the total assessments Assignment 1B – 10% of the total assessments
Total Marks: 100
Word limit: Assignment 1A- 600 words max) Assignment 1B- 1200 words (max)
Assignment 1A- Week 3, Thursday 6 pm, 6th August 2020
Assignment 1B- Week 7, Thursday 6 pm, 3rd September 2020
| Submission Guidelines | · Submit Assignment 1a in a word document in week 3
· All work must be submitted on Moodle by the due date along with a completed Assignment Cover Page. · The assignment must be in MS Word format, 1.5 spacing, 11-pt Calibri (Body) font and 2 cm margins on all four sides of your page with appropriate section headings. Make sure that all the screen shots submitted on Moodle must carry your unique id such as MITID, names etc. · Reference sources must be cited in the text of the report and listed appropriately at the end in a reference list using IEEE referencing style. |
| Extension | If an extension of time to submit work is required, a Special Consideration Application must be submitted directly through AMS. You must submit this application within three working days of the assessment due date. Further information is available at:
http://www.mit.edu.au/about-mit/institute-publications/policies- procedures-and-guidelines/specialconsiderationdeferment |
| Academic Misconduct | Academic Misconduct is a serious offence. Depending on the seriousness of the case, penalties can vary from a written warning or zero marks to exclusion from the course or rescinding the degree. Students should make themselves familiar with the full policy and procedure available at: http://www.mit.edu.au/about-mit/institute-publications/policies-
procedures-and-guidelines/Plagiarism-Academic-Misconduct-Policy- Procedure. For further information, please refer to the Academic Integrity Section in your Unit Description. |
Assignment Description:
Objective: The purpose of this assignment is to review existing literatures on important VPN technologies and issues and write a report. The report must be specific to the given topics, use appropriate examples and detail of the topic given to develop a review paper. In addition, students expected to investigate the use of VPN technology by installing a demo on virtual box or laptop to demonstrate the concept. In preparing the assignment, students should acquire not only the knowledge of current technical aspects of VPN but also research, data collection, analysis and writing skills.
Task: Your tasks are to analyse and to write a report about the processes and the security technologies being used when you access any website (which uses HTTPS) online via a web browser, as well as having the ability to remotely accessing your company network online securely. It is a well- known fact that the Internet is a public network and every single message you exchange with the server can potentially be intercepted by attackers. You need to analyse in detail to address the technologies and techniques that can be used to prevent attackers from modifying the communication between you and web server in addition to keeping your passwords and other details safe.
The Assignment 1 is divided into two parts.
Assignment 1A (Literature Review):
Research about the different methods for securing the transfer of information across internet service provider. This should include the following:
- You need to explain the significance of VPN for a Health care provider in Australia. This should cover the different encryption protocols for VPN implementation, including a comparison of SSL/VPN and IPSEC/VPN.
- IPsec uses the Internet Key Exchange (IKE) protocol to negotiate and establish secured site- to-site or remote-access VPN tunnels. Investigate how Cisco Adaptive Security Appliances (ASA 5500 Series) would support IPsec and
- Discuss the role of VPN in supporting the security of businesses, and describe the advantages of SSL/VPN over IPSEC/VPN
- The rapid proliferation of mobile devices increases on a daily basis, investigate how Cisco
AnyConnect is designed to secure the connections from these mobile devices.
- Search for free VPN client solution and explain the process of setup by comparing at least three different solutions
Assignment 1B:
In this part of the assignment the student will reflect on the feedback for Part A and discuss how did it help him/her to accomplish the tasks for the assignment Part B. In this part student will write report discussing following sections in details.
B. VPN, Authentication and Access Control
You need to visit any e-commerce web site and discuss the following points:
- Analyse and write report on how the browser ensures that it is communicating to the right server. Please visit a website and add screenshots also highlighting the related How SSL and TLS provide authentication?
- Describe how digital signatures work and what role pays in the authentication process, add the relevant screenshot from your web browser showing the details of signature. What happens during certificate verification?
- Analyse and comment on how the server make sure that it is communicating to the right client, discuss several methods; g. if you are using MIT Moodle, how the server verifies that it’s actually YOU?
C. Confidentiality and Integrity
- Analyse and write a report on how the confidentiality and integrity is achieved in SSL communication, and how server & client agree on one cipher suit?
- Explain what is the role of symmetric encryption and hash algorithms in SSL communication. Add/take screenshots from your browser showing symmetric encryption and hash
- Describe the VPN client software options
D. Anti-Replay
- Analyse and write a report on how the anti-replay attacks are mitigated in SSL communication.
- How to protect your organization against SSL attacks?
E. VPN client installation
- Download a free VPN (eg. Hide me) and install in on virtual box or on your
- Check and note down your terminal IP address before enabling the VPN. Use traceroute youtube.com and note down the result including the (take snapshot of the result)
- Enable the VPN, check and note down the terminal IP address. Use traceroute com and note down the result including the gateways. (take snapshot of the result)
- Compare the result of steps 2 and 3 and explain the impact of using
Instructions for Assignment 1B
- To enhance your understanding of the technology in this report you are required to describe how the technology works theoretically, as well as you need to perform some small practical
activities and include the screenshots and the descriptions of them. The questions are organized in the logical order, however to make them easy to distinguish, the analytical questions are to be presented in blue and the practical questions are to be presented in green.
- Include cover page with the subject name, the assignment name, the student name and ID, submission
- Include table of contents.
- Include tables and figures.
- Ensure that all the figures are numbered and names based on figure’s caption. You have to refer to the figures you add in the
- Strictly follow the IEEE reference format for in-body citations and the references
- You can use trustable online resources and documentations from well-known technology companies such as Microsoft, Cisco, Juniper and
- No plagiarism is allowed.
- It is expected that your report must use the correct format in clear way, hence you should write to the point and using the right technical terminologies. Also, a good report would include around 1800
Marking Criteria:
Marking of assignment1 would be done by tutors and then verified according to individual demonstration by students. The final mark might be reduced to half based on students’ presentation.
| Questions | Description | Marks |
| Assignment1A | Covering steps 1-5 of Section A (each step 5 marks) | 30 |
| Assignment1B | Authentication & Access Control (part B): 20 marks Confidentiality and Integrity Processes (part C): 10 Marks Protection against Replay Attacks (Part D): 10 Marks VPN Implementation (Part E): 20 Marks | 60 |
| Formatting | Cover page, fonts, sizes, spacing, captions, headings. | 4 |
| Table of
Contents, Tables and Figures |
Table of Contents and Table of Figures. | 3 |
| Conclusion & References | Follow IEEE reference style and use references from trustworthy sources. | 3 |
| Total | 100 |
Marking Rubric
| Sections | Excellent | Good | Fair | Poor |
| Formatting | Completely follows the formatting instructions | Mostly follows formatting | Acceptably following the instructions | Clearly lacks formatting instructions |
| Table of contents | Highly appropriate names for chapters and figures | Appropriate names for chapters and figures. | Acceptably appropriate names for chapters and figures. | Misses names of chapters and figures |
| Introduction & Literature Review | Highly appropriate and clear | Appropriate and clear | Appropriate but contains ambiguities | Not valid and not appropriate |
| Authentication | All elements are present and highly valid | All elements are present and valid | Either some of the elements are missed or a few of the elements are invalid. | Lacks elements and generally invalid |
| Confidentiality and Integrity | All elements are present and highly valid | All elements are present and valid | Either some of the elements are missed or a few of the elements are invalid. | Lacks elements and generally invalid |
| Anti-replay Attacks | All elements are present and highly valid | All elements are present and valid | Either some of the elements are missed or a few of the elements
are invalid. |
Lacks elements and generally invalid |
| Conclusion | Highly appropriate and clear | Appropriate and clear | Appropriate but contains ambiguities | Not valid and not appropriate |
| References | Clear styles with excellent source of references. | Clear referencing/ style | Outdated referencing / minor styling errors | Lacks consistency with many errors |
5518118_1_bn305-assignment-1-t2-2020-v1.1
Answer:
Introduction
Significance of VPN for Balmain Hospital Health Care Provider in Australia
The healthcare provider has a website which needs the application of a VPN to prevent web browsers from collecting and analyzing data that the organization deem private. While there are options for the organization to choose from, a VPN is preferred based on the suitability to its intended use. Considering SSL and IPsec, the former is important based on the ability to guarantee more specific access. This is achieved by ensuring different levels of access priorities to users (Upadhyaya, 2015). Moreover, SSL serves as the right choice especially in the case of remote users; they are enabled to achieve a quick connection to applications that they need to use without any form of confusion with the other they do not need. Since full access should be discouraged to ensure data security, SSL is therefore preferred to IPSEC.
How Cisco Adaptive Security Appliances (ASA 5500 Series) would support IPsec and IKE
ASA 5500 Series promotes market-proven security capabilities for the IPsec and IKE. It has the potential of integrating security services with guaranteed high performance, including the incorporation of the applications like SSL and IPsec, antivirus and IPs. The technologies are important for delivering a strong and reliable network while ensuring that the security of an organization is guaranteed as well. It also supports IPsec and IKE bu guaranteeing extensible integrated services architectures. This is possible as it offers strong and adaptive protection from various threats the combination of the various software and hardware capabilities. Consequently, an organization has the opportunity of expanding security capabilities informed by significant policies.
Discuss the role of VPN in supporting the security of businesses, and describe the advantages of SSL/VPN over IPSEC/VPN
VPN is important in securing businesses and the socket layer (SSL) has emerged to be better than IPSEC/VPN. An advantage of SSL is its potential of enabling a secure connection through the use of remote access tunnels. Moreover, SSL is also advantageous because of its level of versatility relative to the ability of IPsec. Even with some additional risks that come with the preferred, it guarantees the required level of efficiency around the security which is a priority (Wu et al 2008).
How Cisco AnyConnect is Designed to Secure the Connections from Mobile Devices
AnyConnect is associated with the potential of supporting multiple connection entries considering the security of mobile devices. It addresses different secure VPN tunnel groups and gateways. When users embrace the configuration of multiple entries of connections, AnyConnec supports the need to help them differentiate choice for the initiation of the connection of VPN. The configuration of entries can be accomplished through any one of the many possible approaches (Upadhyaya, 2015). For one, with AnyConnect, it is possible to achieve a manual configuration by the user. On the same note, the client is defined by the Anyconnect VPN. This is applied when users are prompted in cases which require specification of client behaviour. It further defines the entries of VPN connection.
Free VPN Client Solution
A free VPN client solution is Tinc
First, download the installer from the website. You don’t have to save it, run it from its current location.
The first step in the installation of Tinc is downloading the installer from the website. The installer does not need to be saved, run directly to install.
Open the explorer and head to the directory of installation of tinc. This could be C:Program Filestinc.
Create a new folder and name it according to your VPN
In the folder, create a file and name it tinc.conf.
To confirm the effectiveness of Free VPN Client Solutions, it is important to compare them with each other.
Openswan
It is an implementation for Linux and supporting most extensions related to IPsec. It is installed in Linux OS, which presents a more secure environment.
Tcpcrypt
It is a unique free solution since it does not need any configuration. It supports encryption which also makes it secure.
References
Upadhyaya, S., 2015. Secure Communication Using DNA Cryptography with Secure Socket Layer (SSL) Protocol in Wireless Sensor Networks. Procedia Computer Science, [online] 70, pp.808-813. Available at: <https://www.sciencedirect.com/science/article/pii/S1877050915032858>.
Wu, J., Savoie, M., Campbell, S. and Zhang, H., 2008. A network management tool for resource-partition based layer 1 virtual private networks. International Journal of Network Management, [online] 19(2), pp.139-152. Available at: <https://onlinelibrary.wiley.com/doi/abs/10.1002/nem.696>.
0 responses on "Assessment Details and Submission Guidelines"