Article Preview
TopNetwork Design Security Requirements And Control
The evolution of the computer industry and consequent development of the Internet has brought about revolution, but what has remained consistent are the threats, vulnerabilities, and risks to information and information systems. According to Kovacich (2016), “What has changed is the level of sophistication of the threats—the attacks and the threat agents—as well as the exponentially growing number of them all over the world and from various sources” (p. 4).
Schoenfield (2015) states, “System architecture is the descriptive representation of the system’s component functions and the communication flows between those components” (p. 58). In order to make informed network architecture decisions, one must immediately pose some important questions. What components make up the network architecture? Which network functions are relevant? What is a communication flow?
Network Purpose
The purpose of a physician's network is to safely and securely facilitate the duties and responsibilities of Confidentiality, Integrity, and Availability (CIA). According to Schoenfield (2015), network security architecture practices includes the following:
- 1.
Sensitive data will be safeguarded in storage, transmission, and processing (consisting of patient medical data records, scheduling, and billing information).
- 2.
Network access will be controlled (need-to-know, authentication, and authorization).
- 3.
Protecting and safeguarding network equipment (systems are maintained in such a way that they remain available for use) (p.14).
Network Equipment
The physician’s network (Figure 1) is based on a wireless architecture, consisting of two wireless access points in support of workstations (running Windows 10), printers, and IP phones for ten patient rooms, two doctor’s offices, and Wi-Fi capable laptops and cell phones. The following six servers have been implemented with a switching component:
- 1.
Domain Controller/Active Directory Server – Microsoft Windows
- 2.
Scheduling Server – Running Snap Software
- 3.
Billing Server – Running QuickBooks Software
- 4.
Email Sever – Running Microsoft Exchange Software
- 5.
Patient Database Server – Utilizing Oracle 12
- 6.
Web Server – Internet (TCP/IP)
- 7.
DMZ Server – Security added component
The network also consists of three Next Generation firewalls that add an additional level of security to the network architecture.