Part 1 and 2

Network Security
Name
Institution
Part 1
A firewall refers to a network safety device that monitors outgoing and incoming network flow and resolves whether to block or allow specific traffic depending on a well-defined set of safety rules. For over 25 years, firewalls act as the first line of protection in network safety. They create an obstacle between controlled and secured internal networks that could be untrusted and trusted outside networks, like the internet. A firewall could be software, hardware, or both. There are various types of firewalls that include proxy, application, packet filter, and Stateful inspection (Schultz, 2010). The packet sifting is a practice used to limit network access. Packet filtering rule sets are defined by network layer firewalls, which provide very effective safety mechanisms. During network communiqué, a node transfers a packet that’s filtered and accorded with predefined policies and rules. When matched, a packet is denied or accepted. Packet filtering confirms destination and source IP addresses. Packet filter checks each packet’s destination and source addresses. A packet is the real data or traffic flowing out and into the network (Abie, 2008). To block a protocol or port, I would go to the “Access control lists,” then specify or set rules blocking a protocol or port’s access to the network. I would test the rules by empirically attempting several cases of links in a logical way. I would try each combination of ports, destination and sources addresses on all crossing points to confirm that my ruleset functions correctly.

To test stateful firewall’s rules, I would craft packets that would aid test firewall’s rules. I can utilize open source and LAN-guard network safety scanner as testing tools. Application firewall refers to a form of firewall that monitors, controls, and scans the network. It makes it possible to manage and control the operations of a service or an application that is outside the information technology environment.
Part 2
Intrusion recognition is the procedure of monitoring the actions occurring in the network and examining them for indications of possible violations, incidents, or imminent dangers to security policies. Intrusion deterrence is the procedure of performing invasion recognition and then preventing the detected occurrences (Scarfone, 2007). These safety measures are existing as intrusion recognition systems and invasion prevention schemes, which become a portion of the network to stop and detect potential incidents. To protect web server, I would choose Linux operating system and applications must all have the utmost recent safety patches installed. The operating system must be hardened as much as imaginable. Also, it should sit behindhand a firewall that solely permits those ports required for operation (Ashoor, 2013). Therefore, the web server must only allow the running of services that are unequivocally needed.
References
Abie, H. (2008). Network Security. Retrieved May 8, 2018, from http://www.uky.edu/~dsianita/390/firewall1.pdf
Ashoor, S. (2013). Web Servers. Retrieved May 8, 2018, from https://web.stanford.edu/class/cs142/cgi-bin/slides/WebServers.pdf
Scarfone, K. (2007). Guide to Invasion Detection and Deterrence Systems (IDPS). Retrieved May 8, 2018, from https://citadel-information.com/wp-content/uploads/2012/08/nist-sp800-94-guide-to-intrusion-detection-and-prevention-systems-2007.pdf
Schultz, E. (2010). Types of Firewalls. Retrieved May 8, 2018, from https://pdfs.semanticscholar.org/94f3/b35cc7a47241d8e7677478e01e6c9029fa7d.pdf