Design of an Enterprise Network Terminal Security Solution
DOI:
https://doi.org/10.26740/vubeta.v2i3.39105Keywords:
Data protection, Enterprise Network, IoT Devices, Terminal Security, VPN EncryptionAbstract
This paper presents a secure enterprise network terminal security solution designed to protect the confidentiality, integrity, and availability of critical data and network resources. It presents a logical approach to creating an enterprise network security architecture with a primary focus on optimizing and enhancing the performance of as data center servers and storage. Traditionally, network infrastructure has primarily focused security measures on core components, such as firewalls and intrusion detection/prevention systems (IDS/IPS). However, the exponential growth of Internet of Things (IoT) devices, Bring Your Device (BYOD) policies, and remote workforce trends has shifted the threat landscape, making network terminals key vectors for malicious access, with critical end devices often being the ultimate targets. This study presents a comprehensive framework that prioritizes terminal-level security by integrating existing encryption techniques, specifically a double layer VPN tunnel architecture, to enhance data transmission confidentiality. A significant contribution of the paper lies in its structured classification of network terminals into thoughtful, intelligent, and dumb categories based on capability and memory—an approach that supports tailored security
implementations. The framework also outlines contingency measures for securing data center endpoints in the event of a breach scenario. The novelty of this work lies in its focused protection strategy for terminals within enterprise environments, bridging the security gap between endpoints and core infrastructure. The proposed solution demonstrates the potential to reduce exposure to ransomware and targeted attacks through layered defenses and a proactive disaster recovery and business continuity (DR&B) strategy, despite limitations in real-world simulation due to resource constraints.
Author Biographies
Muhammad Idris Abubakar, Department of Computer Engineering, Faculty of Engineering, Ahmadu Bello University, Zaria, Nigeria
Muhammad Idris Abubakar is a Regional Service Solution Sales Manager in the Southern Africa Service & Software Marketing and Solution Sales Department at Huawei Technologies. With extensive experience in service solution sales, service management, and solution design, he has played a pivotal role in so many projects across multiple countries in Southern Africa. He is an emerging Mobile Money Solution Architect and a network security research enthusiast, with a keen interest in digital financial services and cybersecurity advancement
Ajayi Ore-Ofe, Department of Computer Engineering, Faculty of Engineering, Ahmadu Bello University, Zaria, Nigeria
Ajayi Ore-Ofe is a lecturer at the Department of Computer Engineering, Ahmadu Bello University, Zaria, Nigeria. He received his MSc and Ph.D from Computer Engineering in Control Engineering, in 2017 and 2022 respectively. He received his MSc and Ph.D from the department of Computer Engineering in Ahmadu Bello University, Zaria, Nigeria. He is mainly research in control engineering. He can be contacted at email: ajayi.oreofe17@gmail.com.
Abubakar Umar, Department of Computer Engineering, Faculty of Engineering, Ahmadu Bello University, Zaria, Nigeria
Abubakar Umar is a lecturer in the Department of Computer Engineering at Ahmadu Bello University, Zaria, Nigeria. He earned his BEng Degree from Electrical Engineering Department Ahmadu Bello University, Zaria, Nigeria, in 2011, MSc, and Ph.D. degrees from Computer Engineering Department, Ahmadu Bello University, Zaria, Nigeria, in 2017 and 2024. He specializes in various aspects of computer engineering. His primary research focus is in Control Engineering, where he explores the development and optimization of control systems for different applications. He is dedicated to advancing his research and contributing to academic knowledge in this field.
Ibrahim Ibrahim , Department of Electrical Engineering, Faculty of Engineering, Ahmadu Bello University, Zaria-Nigeria
Ibrahim Ibrahim is a student of Computer Engineering at Ahmadu Bello University, Zaria, Nigeria. He has a keen interest in data science and has been actively pursuing knowledge in this field through various platforms. He has completed several courses on DataCamp and Coursera to strengthen his skills in this field. He is actively taking more courses to expand his knowledge in data analysis and machine learning, aiming to apply these skills in practical and research- based projects.
Lawal Abdulwahab Olugbenga, Department of Computer Engineering, Faculty of Engineering, Ahmadu Bello University, Zaria, Nigeria
Lawal Abdulwahab Olugbenga is a student of Computer Engineering at Ahmadu Bello University, Zaria, Nigeria. He has a strong interest in system architecture and cloud computing. He is focused on developing his expertise in these areas. His academic journey is centered on understanding the design and structure of computing systems, with a goal to apply this knowledge in both practical and research settings.
Ajikanle Abdulbasit Abiola, Department of Computer Engineering, Faculty of Engineering, Ahmadu Bello University, Zaria, Nigeria
Ajikanle Abdulbasit Abiola is a dedicated student of Computer Engineering at Ahmadu Bello University, Zaria, Nigeria. He has a strong passion for network solutions, with a focus on designing and optimizing systems to improve connectivity and communication. His academic journey is driven by a desire to find practical solutions to networking challenges, including network security, efficiency, and scalability. Through his studies, he aims to develop skills that can be applied to real-world problems in the field of computer networks.
References
[1] Dastres, R., & Soor, M., “A Review in Recent Development of Network Threats and Security Measures”, World Academy of Science, Engineering, and Technology International Journal of Computer and Information Engineering, vol.15, no.1, 2021.
[2] Hussein, M. A., & Hamza, E. K., “Secure Mechanism Applied to Big Data for IoT by Using Security Event and Information Management System (SIEM)”, International Journal of Intelligent Engineering & Systems, vol. 15, no. 6, 2022. https://doi.org/10.22266/ijies2022.1231.59
[3] Sarkar, S., Choudhary, G., Shandilya, S. K., Hussain, A., & Kim, H., “Security of Zero Trust Networks in Cloud Computing: A Comparative Review”, Sustainability, vol. 14, no. 18, 11213, 2022. https://doi.org/10.3390/su141811213.
[4] Alzoubi, Y. I., Al-Ahmad, A., Kahtan, H., & Jaradat, A., “Internet of Things and Blockchain Integration: Security, Privacy, Technical, and Design Challenges”, Future Internet, vol. 14, no. 7, 216, 2022. https://doi.org/10.3390/fi14070216.
[5] Rahman, M. M., Faraji, M. R., Islam, M. M., Khatun, M., Uddin, S., & Hasan, M. H, “Gravitating Towards Information Society for Information Security in Information Systems: A Systematic PRISMA Based Review”, Pakistan Journal of Life and Social Sciences (PJLSS), vol 22, no. 1, 2024. https://doi.org/10.57239/PJLSS-2024-22.1.0089.
[6] Lali, K., & Chakor, A., “Improving the Security and Reliability of a Quality Marketing Information System: A Priority Prerequisite for Good Strategic Management of a Successful Entrepreneurial Project”, Data and Metadata, vol. 2, pp. 40-40, 2023. https://doi.org/10.56294/dm202340.
[7] Farid, G., Warraich, N. F., & Iftikhar, S., “Digital Information Security Management Policy in Academic Libraries: A Systematic Review”, Journal of Information Science, 01655515231160026, 2023. https://doi.org/10.1177/01655515231160026.
[8] Alshurideh, M., Alquqa, E., Alzoubi, H., Kurdi, B., & Hamadneh, S., “The Effect of Information Security on e- Supply Chain in the UAE Logistics and Distribution Industry”, Uncertain Supply Chain Management, vol. 11, no. 1, pp. 145-152, 2023. https://doi.org/10.5267/j.uscm.2022.11.001
[9] Mou, J., Cohen, J. F., Bhattacherjee, A., & Kim, J., “A Test of Protection Motivation Theory in the Information Security Literature: A Meta-Analytic Structural Equation Modeling Approach”, Journal of the Association for Information Systems, vol. 23, no. 1, pp. 196-236, 2022. https://doi.org/10.17705/1jais.00723
[10] Edo, O. C., Tenebe, T., Etu, E. E., Ayuwu, A., Emakhu, J., & Adebiyi, S., “Zero Trust Architecture: Trend and Impacton Information Security”, International Journal of Emerging Technology and Advanced Engineering, vol. 12, no. 7, 140, 2022. https://doi.org/10.46338/ijetae0722_15.
[11] Sun, L., & Gao, D., “Security Attitude Prediction Model of Secret‐Related Computer Information System
Based on Distributed Parallel Computing Programming”, Mathematical Problems in Engineering, vol. 1, 3141568, 2022. https://doi.org/10.1155/2022/3141568.
[12] Rahman, M. R., Hezaveh, R. M., & Williams, L., “What are the Attackers doing now? Automating Cyberthreat Intelligence Extraction from Text on Pace with the Changing Threat Landscape: A survey”, ACM Computing Surveys, vol. 55, no. 12, pp. 1-36, 2023. https://doi.org/10.1145/3571726.
[13] Apruzzese, G., Anderson, H. S., Dambra, S., Freeman, D., Pierazzi, F., & Roundy, K., “Real Attackers don't Compute Gradients: Bridging the Gap Between Adversarial ml Research and Practice”, IEEE Conference on Secure and Trustworthy Machine Learning (SaTML), pp. 339-364, 2023. https://doi.org/10.1109/SaTML54575.2023.00031.
[14] Priya, V. D., & Chakkaravarthy, S. S., “Containerized Cloud-Based Honeypot Deception for Tracking Attackers. Scientific Reports, vol. 13, no. 1, 1437, 2023. https://doi.org/10.1038/s41598-023-28613-0.
[15] Saigushev, N. Y., Mikhailova, U. V., Vedeneeva, O. A., & Tsaran, A. A., “Information Systems at Enterprise. Design of Secure Network of Enterprise”, Journal of Physics: Conference Series, vol. 1015, no. 4, p. 042054, 2018. https://doi.org/10.1088/1742-6596/1015/4/042054.
[16] Saigushev, N. Y., Mikhailova, U. V., Vedeneeva, O. A., & Tsaran, A. A., “Information Systems at Enterprise. Design of Secure Network of Enterprise”, Journal of Physics: Conference Series, vol. 1015, no. 4, p. 042054, 2018. https://doi.org/10.1088/1742-6596/1015/4/042054
[17] Tarkaa, N. S., Iannah, P. I., & Iber, I. T., “Design and Simulation of Local Area Network Using Cisco Packet Tracer”, The International Journal of Engineering and Science, vol. 6, no. 10, 63-77, 2017.
[18] Michael E. Whitman, Herbert J. l., Principles of Information Security. Latest edition 2019
[19] Jingyao, S., Chandel, S., Yunnan, Y., Jingji, Z., & Zhipeng, Z.,” Securing a Network: How Effective Using Firewalls and VPNs are?”, Advances in Information and Communication: Proceedings of the 2019 Future of Information and Communication Conference (FICC), vol. 2, pp. 1050-1068, 2019. https://doi.org/10.1007/978-3-030-12385-7_71.
[20] Ahmadi, S., “Next Generation AI-Based Firewalls: A Comparative Study”, International Journal of Computer (IJC), vol. 49, no. 1, pp. 245-262, 2023.
[21] Mukkamala, P. P., & Rajendran, S., “A Survey on the Different Firewall Technologies”, International Journal of Engineering Applied Sciences and Technology, vol. 5, no. 1, pp. 363-365, 2020. https://doi.org/10.33564/IJEAST.2020.v05i01.059.
[22] Anwar, R. W., Abdullah, T., & Pastore, F., “Firewall Best Practices for Securing Smart Healthcare Environment: A Review”, Applied Sciences, vol.11, no. 19, 9183, 2021. https://doi.org/10.3390/app11199183.
[23] Ozkan-Okay, M., Samet, R., Aslan, Ö., & Gupta, D., “A Comprehensive Systematic Literature Review on Intrusion Detection Systems”, IEEE Access, vol. 9, 157727-157760, 2021. https://doi.org/10.1109/ACCESS.2021.3129336.
[24] Heidari, A., & Jabraeil Jamali, M. A., “Internet of Things Intrusion Detection Systems: a Comprehensive Review and Future Directions”, Cluster Computing, vol. 26, no. 6, 3753-3780, 2023. https://doi.org/10.1007/s10586-022-03776-z.
[25] Lansky, J., Ali, S., Mohammadi, M., Majeed, M. K., Karim, S. H. T., Rashidi, S., & Rahmani, A. M., “Deep Learning-Based Intrusion Detection Systems: A Systematic Review”, IEEE Access, vol. 9, 101574-101599, 2021. https://doi.org/10.1109/ACCESS.2021.3097247
[26] Khan, K., Mehmood, A., Khan, S., Khan, M. A., Iqbal, Z., & Mashwani, W. K., “A Survey on Intrusion Detection and Prevention in Wireless Ad-Hoc Networks”, Journal of Systems Architecture, vol.105, 101701, 2020. https://doi.org/10.1016/j.sysarc.2019.101701.
[27] Jayalaxmi, P. L. S., Saha, R., Kumar, G., Conti, M., & Kim, T. H., “Machine and Deep Learning Solutions for Intrusion Detection and Prevention in IoTs: A survey”, IEEE Access, vol. 10, 121173-121192. https://doi.org/10.1109/ACCESS.2022.3220622.
[28] Girdler, T., & Vassilakis, V. G., “Implementing an Intrusion Detection and Prevention System using Software- Defined Networking: Defending against ARP Spoofing Attacks and Blacklisted MAC Addresses”, Computers & Electrical Engineering, vol. 90, 106990. https://doi.org/10.1016/j.compeleceng.2021.106990.
[29] Goswami, A., Patel, R., Mavani, C., & Mistry, H. K., “Intrusion Detection and Prevention for Cloud Security”, International Journal on Recent and Innovation Trends in Computing and Communication, vol. 12, no. 2, pp. 556-63.
[30] Mebawondu, J. O., Alowolodu, O. D., Mebawondu, J. O., & Adetunmbi, A. O., “Network Intrusion Detection System Using Supervised Learning Paradigm”, Scientific African, vol. 9, e00497. https://doi.org/10.1016/j.sciaf.2020.e00497.
[31] Gentile, A. F., Fazio, P., & Miceli, G., “A Survey on the Implementation and Management of Secure Virtual Private Networks (VPNs) and Virtual LANs (VLANs) in Static and Mobile Scenarios.”, Telecom, vol. 2, no. 4, pp. 430-445, 2021. https://doi.org/10.3390/telecom2040025
[32] Nagy, Z., & Wali, M. K., “Virtual Private Network Impacts on the Computer Network Performance with Different Traffic Generators”, IOP Conference Series: Materials Science and Engineering, vol. 881, no. 1, p. 012126). IOP Publishing, 2020. https://doi.org/10.1088/1757-899X/881/1/012126.
[33] Singh, A., & Gupta, B. B., “Distributed denial-of-service (DDoS) Attacks and Defense Mechanisms in Various Web-Enabled Computing Platforms: Issues, Challenges, and Future Research Directions”, International Journal on Semantic Web and Information Systems (IJSWIS), vol. 18, no. 1, pp. 1-43, 2022. https://doi.org/10.4018/IJSWIS.297143.
[34] Virupakshar, K. B., Asundi, M., Channal, K., Shettar, P., Patil, S., & Narayan, D. G., “Distributed Denial of Service (Ddos) Attacks Detection System for Openstack-Based Private Cloud”, Procedia Computer Science, 167, 2297- 2307, 2020. https://doi.org/10.1016/j.procs.2020.03.282.
[35] Osanaiye, O., Choo, K. K. R., & Dlodlo, M., “Distributed Denial of Service (DDoS) Resilience in Cloud: Review and Conceptual Cloud DDoS Mitigation Framework”, Journal of Network and Computer Applications, vol. 67, pp. 147-165, 2016. https://doi.org/10.1016/j.jnca.2016.01.001.
[36] Tripathi, S., Gupta, B., Almomani, A., Mishra, A., & Veluru, S., “Hadoop Based Defense Solution to Handle Distributed Denial of Service (ddos) Attacks”, Journal of Information Security, vol. 4, no. 3, 2013. https://doi.org/10.4236/jis.2013.43018.
[37] Rose, K., Eldridge, S., and Chapin, L., “The internet of things: An overview”, The internet society (ISOC), vol. 80, no. 15, pp. 1-53, 2015.
[38] Li, S., Xu, L. D., & Zhao, S., “The internet of things: a survey”, Information systems frontiers, vol. 17, pp. 243-259. 2015. https://doi.org/10.1007/s10796-014-9492-7.
[39] Xia, F., Yang, L. T., Wang, L., & Vinel, “A. Internet of Things”, International journal of communication systems, vol. 25, no. 9, 1101, 2012. https://doi.org/10.1002/dac.2417
[40] O. Aouedi et al., "A Survey on Intelligent Internet of Things: Applications, Security, Privacy, and Future Directions," IEEE Communications Surveys & Tutorials, vol. 27, no. 2, pp. 1238-1292, 2025. https://doi.org/10.1109/COMST.2024.3430368.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Abubakar Umar
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Abstract views: 325
,
PDF Downloads: 318
