Individual: SOHO Network Security Requirements

Individual: SOHO Network Security
Name
Institution Affiliation
Individual: SOHO Network Security
The primary security requirements should focus on the hybrid network and its components including the external hard drive for backups (Grossman, 2015). Since the hardware and network specifications depict that the organization focuses on the conveyance of information between different points; they should begin by establishing a perimeter network (DMZ) between the organization’s data center and Azure (Microsoft, 2016). The approach will ensure consistent security with the Azure virtual network (VNet) acting as the foundation. As indicated in the figure below, the DMZ will include Network Virtual Appliance (NVAs) that will instigate the functionality of the implemented security techniques, mostly through firewalls and protocols such as packet inspection (Microsoft, 2016). However, the effective execution of the network perimeter will require all the information to channel, forcefully, through the internet, which will be a key component of the network established in the organization.

Figure SEQ Figure * ARABIC 1: Reference Architecture for the Security Requirements of the Hybrid Network. Retrieved from https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/dmz/secure-vnet-hybrid
Key components of the architecture will include:
On-premises network (private local-area network)
Azure Virtual Network (VNet)
Network Virtual Appliance
Web, business, and data tier subnets
User-defined routers
Additionally, the organization will have to define a VPN gateway connection to the hybrid network (Grossman, 2015).

Given such a concrete security system, the organization will have the chance to engage in activities such hybrid applications where information in the different workstations will be accessible in the offices and also through Azure (Microsoft, 2016). Moreover, the DMZ will have infrastructure that requests for granular control over the information stored in the server.
The secondary security requirements will focus on other hardware and network components specified by the organization. The ten workstations will require the integration of smart cards and biometric readers to ensure that only the authorized personnel will have access to the organization’s information (Mohammed, 2010). Moreover, this will supplement the security precautions utilized for the hybrid network. On the other hand, since the three tablets will most likely contain sensitive information, the organization will have to use full disk encryption, biometric readers, and software that alert the necessary persons in case of any threats. The shared printer will facilitate multifunctional printing from the ten workstations. Therefore, the first precaution should be changing the default password and presenting the new one to the representatives in the workstations (Mohammed, 2010; Grossman, 2015)). Secondly, the organization will have to use updated firmware and remote management software such as HP Web JetAdmin. Additionally, these security precautions will apply to the personal printer in the manager’s office.
In conclusion, despite being connected to the network, the organization will have to make additional security precautions for the external drives used for backup. The first step will entail purchasing self-encrypting drives to improve data storage, block unwanted reads/writes of information, instant secure erase, and secure downloads and diagnostics. On the other hand, all the computers including the tablets will have additional protection precautions that will also assist in the removal of malware (Mohammed, 2010). The steps will including installing a firewall, antivirus software, and anti-spy software. The best software for these include Norton Security, Bitdefender, Kaspersky, ESET, Trend Micro, F-Secure, and Secure Anywhere. Moreover, in addition to the biometric readers and smart cards, the organization should encourage the workers in the different workstations to utilize complex and secure passwords (Mohammed, 2010). Assertively, it will be necessary for the representatives using the workstations and tablets to check the Security settings of the installed browsers.
References
Grossman, J. (2015). Pragmatic Security for Cloud and Hybrid Networks: Securosis. Retrieved from https://securosis.com/assets/library/reports/PragmaticNetSec.v.1.final.pdfMohammed, L. A. (2010). On the Design of SOHO Networks. Technological Developments in Networking, Education and Automation, 555-560.
Microsoft (2016). DMZ between Azure and On-Premises Data Center: Microsoft Azure. Retrieved from https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/dmz/secure-vnet-hybrid