Design Of an Enterprise Network Terminal Security Solution
DOI:
https://doi.org/10.26740/vubeta.v2i3.39105Keywords:
Data protection, Enterprise Network, IoT Devices, Terminal Security, VPN EncryptionAbstract
This paper develops a secured enterprise network terminal security solution that seeks to safeguard the confidentiality, integrity, and availability of critical data and network resources, the paper presents a logical approach to designing an enterprise network security solution with a primary focus on optimizing and enhancing the performance of the network terminals (and datacenter critical end devices) security solution. The traditional network infrastructure has predominantly centered the security measured on core network components such as Firewalls, Intrusion Detection Systems/Intrusion Prevention Systems (IDS/SPS) but there are encountered security incidences, this is due to the exponential growth of the Internet of Things (IoT) devices, Bring Your Device (BYOD), and remote workforce trends, the network terminals have become the key points through which users access and utilize network resources for malicious attack and in most cases critical end devices such as servers/storage are the end target. This paper presents a comprehensive framework that places considerable emphasis on improving the terminal security performance by utilizing the existing encryption techniques (VPN) to provide double-step tunnels (VPN). However, in the event of an inevitable attack, the paper also presents a framework of how data center core end components, such as server and storage can be protected from the attack. The paper starts by studying the terminal ecosystem, the current terminal security solution, and the latest terminal security solution and designing the solution deemed fit to secure the terminal network.
Author Biographies
Muhammad Idris Abubakar, Department of Computer Engineering, Faculty of Engineering, Ahmadu Bello University, Zaria, Nigeria
Muhammad Idris Abubakar is a Regional Service Solution Sales Manager in the Southern Africa Service & Software Marketing and Solution Sales Department at Huawei Technologies. With extensive experience in service solution sales, service management, and solution design, he has played a pivotal role in so many projects across multiple countries in Southern Africa. He is an emerging Mobile Money Solution Architect and a network security research enthusiast, with a keen interest in digital financial services and cybersecurity advancement
Ajayi Ore-Ofe, Department of Computer Engineering, Faculty of Engineering, Ahmadu Bello University, Zaria, Nigeria
Ajayi Ore-Ofe is a lecturer at the Department of Computer Engineering, Ahmadu Bello University, Zaria, Nigeria. He received his MSc and Ph.D from Computer Engineering in Control Engineering, in 2017 and 2022 respectively. He received his MSc and Ph.D from the department of Computer Engineering in Ahmadu Bello University, Zaria, Nigeria. He is mainly research in control engineering. He can be contacted at email: ajayi.oreofe17@gmail.com.
Abubakar Umar, Department of Computer Engineering, Faculty of Engineering, Ahmadu Bello University, Zaria, Nigeria
Abubakar Umar is a lecturer in the Department of Computer Engineering at Ahmadu Bello University, Zaria, Nigeria. He earned his BEng Degree from Electrical Engineering Department Ahmadu Bello University, Zaria, Nigeria, in 2011, MSc, and Ph.D. degrees from Computer Engineering Department, Ahmadu Bello University, Zaria, Nigeria, in 2017 and 2024. He specializes in various aspects of computer engineering. His primary research focus is in Control Engineering, where he explores the development and optimization of control systems for different applications. He is dedicated to advancing his research and contributing to academic knowledge in this field.
Ibrahim Ibrahim , Department of Electrical Engineering, Faculty of Engineering, Ahmadu Bello University, Zaria-Nigeria
Ibrahim Ibrahim is a student of Computer Engineering at Ahmadu Bello University, Zaria, Nigeria. He has a keen interest in data science and has been actively pursuing knowledge in this field through various platforms. He has completed several courses on DataCamp and Coursera to strengthen his skills in this field. He is actively taking more courses to expand his knowledge in data analysis and machine learning, aiming to apply these skills in practical and research- based projects.
Lawal Abdulwahab Olugbenga, Department of Computer Engineering, Faculty of Engineering, Ahmadu Bello University, Zaria, Nigeria
Lawal Abdulwahab Olugbenga is a student of Computer Engineering at Ahmadu Bello University, Zaria, Nigeria. He has a strong interest in system architecture and cloud computing. He is focused on developing his expertise in these areas. His academic journey is centered on understanding the design and structure of computing systems, with a goal to apply this knowledge in both practical and research settings.
Ajikanle Abdulbasit Abiola, Department of Computer Engineering, Faculty of Engineering, Ahmadu Bello University, Zaria, Nigeria
Ajikanle Abdulbasit Abiola is a dedicated student of Computer Engineering at Ahmadu Bello University, Zaria, Nigeria. He has a strong passion for network solutions, with a focus on designing and optimizing systems to improve connectivity and communication. His academic journey is driven by a desire to find practical solutions to networking challenges, including network security, efficiency, and scalability. Through his studies, he aims to develop skills that can be applied to real-world problems in the field of computer networks.
References
[1] Dastres, R., & Soor, M., “A Review in Recent Development of Network Threats and Security Measures”, World Academy of Science, Engineering, and Technology International Journal of Computer and Information Engineering, vol.15, no.1, 2021.
[2] Hussein, M. A., & Hamza, E. K., “Secure Mechanism Applied to Big Data for IoT by Using Security Event and Information Management System (SIEM)”, International Journal of Intelligent Engineering & Systems, vol. 15, no. 6, 2022. https://doi.org/10.22266/ijies2022.1231.59
[3] Sarkar, S., Choudhary, G., Shandilya, S. K., Hussain, A., & Kim, H., “Security of Zero Trust Networks in Cloud Computing: A Comparative Review”, Sustainability, vol. 14, no. 18, 11213, 2022. https://doi.org/10.3390/su141811213.
[4] Alzoubi, Y. I., Al-Ahmad, A., Kahtan, H., & Jaradat, A., “Internet of Things and Blockchain Integration: Security, Privacy, Technical, and Design Challenges”, Future Internet, vol. 14, no. 7, 216, 2022. https://doi.org/10.3390/fi14070216.
[5] Rahman, M. M., Faraji, M. R., Islam, M. M., Khatun, M., Uddin, S., & Hasan, M. H, “Gravitating Towards Information Society for Information Security in Information Systems: A Systematic PRISMA Based Review”, Pakistan Journal of Life and Social Sciences (PJLSS), vol 22, no. 1, 2024. https://doi.org/10.57239/PJLSS-2024-22.1.0089.
[6] Lali, K., & Chakor, A., “Improving the Security and Reliability of a Quality Marketing Information System: A Priority Prerequisite for Good Strategic Management of a Successful Entrepreneurial Project”, Data and Metadata, vol. 2, pp. 40-40, 2023. https://doi.org/10.56294/dm202340.
[7] Farid, G., Warraich, N. F., & Iftikhar, S., “Digital Information Security Management Policy in Academic Libraries: A Systematic Review”, Journal of Information Science, 01655515231160026, 2023. https://doi.org/10.1177/01655515231160026.
[8] Alshurideh, M., Alquqa, E., Alzoubi, H., Kurdi, B., & Hamadneh, S., “The Effect of Information Security on e- Supply Chain in the UAE Logistics and Distribution Industry”, Uncertain Supply Chain Management, vol. 11, no. 1, pp. 145-152, 2023. https://doi.org/10.5267/j.uscm.2022.11.001
[9] Mou, J., Cohen, J. F., Bhattacherjee, A., & Kim, J., “A Test of Protection Motivation Theory in the Information Security Literature: A Meta-Analytic Structural Equation Modeling Approach”, Journal of the Association for Information Systems, vol. 23, no. 1, pp. 196-236, 2022. https://doi.org/10.17705/1jais.00723
[10] Edo, O. C., Tenebe, T., Etu, E. E., Ayuwu, A., Emakhu, J., & Adebiyi, S., “Zero Trust Architecture: Trend and Impacton Information Security”, International Journal of Emerging Technology and Advanced Engineering, vol. 12, no. 7, 140, 2022. https://doi.org/10.46338/ijetae0722_15.
[11] Sun, L., & Gao, D., “Security Attitude Prediction Model of Secret‐Related Computer Information System
Based on Distributed Parallel Computing Programming”, Mathematical Problems in Engineering, vol. 1, 3141568, 2022. https://doi.org/10.1155/2022/3141568.
[12] Rahman, M. R., Hezaveh, R. M., & Williams, L., “What are the Attackers doing now? Automating Cyberthreat Intelligence Extraction from Text on Pace with the Changing Threat Landscape: A survey”, ACM Computing Surveys, vol. 55, no. 12, pp. 1-36, 2023. https://doi.org/10.1145/3571726.
[13] Apruzzese, G., Anderson, H. S., Dambra, S., Freeman, D., Pierazzi, F., & Roundy, K., “Real Attackers don't Compute Gradients: Bridging the Gap Between Adversarial ml Research and Practice”, IEEE Conference on Secure and Trustworthy Machine Learning (SaTML), pp. 339-364, 2023. https://doi.org/10.1109/SaTML54575.2023.00031.
[14] Priya, V. D., & Chakkaravarthy, S. S., “Containerized Cloud-Based Honeypot Deception for Tracking Attackers. Scientific Reports, vol. 13, no. 1, 1437, 2023. https://doi.org/10.1038/s41598-023-28613-0.
[15] Saigushev, N. Y., Mikhailova, U. V., Vedeneeva, O. A., & Tsaran, A. A., “Information Systems at Enterprise. Design of Secure Network of Enterprise”, Journal of Physics: Conference Series, vol. 1015, no. 4, p. 042054, 2018. https://doi.org/10.1088/1742-6596/1015/4/042054.
[16] Saigushev, N. Y., Mikhailova, U. V., Vedeneeva, O. A., & Tsaran, A. A., “Information Systems at Enterprise. Design of Secure Network of Enterprise”, Journal of Physics: Conference Series, vol. 1015, no. 4, p. 042054, 2018. https://doi.org/10.1088/1742-6596/1015/4/042054
[17] Tarkaa, N. S., Iannah, P. I., & Iber, I. T., “Design and Simulation of Local Area Network Using Cisco Packet Tracer”, The International Journal of Engineering and Science, vol. 6, no. 10, 63-77, 2017.
[18] Michael E. Whitman, Herbert J. l., Principles of Information Security. Latest edition 2019
[19] Jingyao, S., Chandel, S., Yunnan, Y., Jingji, Z., & Zhipeng, Z.,” Securing a Network: How Effective Using Firewalls and VPNs are?”, Advances in Information and Communication: Proceedings of the 2019 Future of Information and Communication Conference (FICC), vol. 2, pp. 1050-1068, 2019. https://doi.org/10.1007/978-3-030-12385-7_71.
[20] Ahmadi, S., “Next Generation AI-Based Firewalls: A Comparative Study”, International Journal of Computer (IJC), vol. 49, no. 1, pp. 245-262, 2023.
[21] Mukkamala, P. P., & Rajendran, S., “A Survey on the Different Firewall Technologies”, International Journal of Engineering Applied Sciences and Technology, vol. 5, no. 1, pp. 363-365, 2020. https://doi.org/10.33564/IJEAST.2020.v05i01.059.
[22] Anwar, R. W., Abdullah, T., & Pastore, F., “Firewall Best Practices for Securing Smart Healthcare Environment: A Review”, Applied Sciences, vol.11, no. 19, 9183, 2021. https://doi.org/10.3390/app11199183.
[23] Ozkan-Okay, M., Samet, R., Aslan, Ö., & Gupta, D., “A Comprehensive Systematic Literature Review on Intrusion Detection Systems”, IEEE Access, vol. 9, 157727-157760, 2021. https://doi.org/10.1109/ACCESS.2021.3129336.
[24] Heidari, A., & Jabraeil Jamali, M. A., “Internet of Things Intrusion Detection Systems: a Comprehensive Review and Future Directions”, Cluster Computing, vol. 26, no. 6, 3753-3780, 2023. https://doi.org/10.1007/s10586-022-03776-z.
[25] Lansky, J., Ali, S., Mohammadi, M., Majeed, M. K., Karim, S. H. T., Rashidi, S., & Rahmani, A. M., “Deep Learning-Based Intrusion Detection Systems: A Systematic Review”, IEEE Access, vol. 9, 101574-101599, 2021. https://doi.org/10.1109/ACCESS.2021.3097247
[26] Khan, K., Mehmood, A., Khan, S., Khan, M. A., Iqbal, Z., & Mashwani, W. K., “A Survey on Intrusion Detection and Prevention in Wireless Ad-Hoc Networks”, Journal of Systems Architecture, vol.105, 101701, 2020. https://doi.org/10.1016/j.sysarc.2019.101701.
[27] Jayalaxmi, P. L. S., Saha, R., Kumar, G., Conti, M., & Kim, T. H., “Machine and Deep Learning Solutions for Intrusion Detection and Prevention in IoTs: A survey”, IEEE Access, vol. 10, 121173-121192. https://doi.org/10.1109/ACCESS.2022.3220622.
[28] Girdler, T., & Vassilakis, V. G., “Implementing an Intrusion Detection and Prevention System using Software- Defined Networking: Defending against ARP Spoofing Attacks and Blacklisted MAC Addresses”, Computers & Electrical Engineering, vol. 90, 106990. https://doi.org/10.1016/j.compeleceng.2021.106990.
[29] Goswami, A., Patel, R., Mavani, C., & Mistry, H. K., “Intrusion Detection and Prevention for Cloud Security”, International Journal on Recent and Innovation Trends in Computing and Communication, vol. 12, no. 2, pp. 556-63.
[30] Mebawondu, J. O., Alowolodu, O. D., Mebawondu, J. O., & Adetunmbi, A. O., “Network Intrusion Detection System Using Supervised Learning Paradigm”, Scientific African, vol. 9, e00497. https://doi.org/10.1016/j.sciaf.2020.e00497.
[31] Gentile, A. F., Fazio, P., & Miceli, G., “A Survey on the Implementation and Management of Secure Virtual Private Networks (VPNs) and Virtual LANs (VLANs) in Static and Mobile Scenarios.”, Telecom, vol. 2, no. 4, pp. 430-445, 2021. https://doi.org/10.3390/telecom2040025
[32] Nagy, Z., & Wali, M. K., “Virtual Private Network Impacts on the Computer Network Performance with Different Traffic Generators”, IOP Conference Series: Materials Science and Engineering, vol. 881, no. 1, p. 012126). IOP Publishing, 2020. https://doi.org/10.1088/1757-899X/881/1/012126.
[33] Singh, A., & Gupta, B. B., “Distributed denial-of-service (DDoS) Attacks and Defense Mechanisms in Various Web-Enabled Computing Platforms: Issues, Challenges, and Future Research Directions”, International Journal on Semantic Web and Information Systems (IJSWIS), vol. 18, no. 1, pp. 1-43, 2022. https://doi.org/10.4018/IJSWIS.297143.
[34] Virupakshar, K. B., Asundi, M., Channal, K., Shettar, P., Patil, S., & Narayan, D. G., “Distributed Denial of Service (Ddos) Attacks Detection System for Openstack-Based Private Cloud”, Procedia Computer Science, 167, 2297- 2307, 2020. https://doi.org/10.1016/j.procs.2020.03.282.
[35] Osanaiye, O., Choo, K. K. R., & Dlodlo, M., “Distributed Denial of Service (DDoS) Resilience in Cloud: Review and Conceptual Cloud DDoS Mitigation Framework”, Journal of Network and Computer Applications, vol. 67, pp. 147-165, 2016. https://doi.org/10.1016/j.jnca.2016.01.001.
[36] Tripathi, S., Gupta, B., Almomani, A., Mishra, A., & Veluru, S., “Hadoop Based Defense Solution to Handle Distributed Denial of Service (ddos) Attacks”, Journal of Information Security, vol. 4, no. 3, 2013. https://doi.org/10.4236/jis.2013.43018.
[37] Rose, K., Eldridge, S., and Chapin, L., “The internet of things: An overview”, The internet society (ISOC), vol. 80, no. 15, pp. 1-53, 2015.
[38] Li, S., Xu, L. D., & Zhao, S., “The internet of things: a survey”, Information systems frontiers, vol. 17, pp. 243-259. 2015. https://doi.org/10.1007/s10796-014-9492-7.
[39] Xia, F., Yang, L. T., Wang, L., & Vinel, “A. Internet of Things”, International journal of communication systems, vol. 25, no. 9, 1101, 2012. https://doi.org/10.1002/dac.2417
[40] O. Aouedi et al., "A Survey on Intelligent Internet of Things: Applications, Security, Privacy, and Future Directions," IEEE Communications Surveys & Tutorials, vol. 27, no. 2, pp. 1238-1292, 2025. https://doi.org/10.1109/COMST.2024.3430368.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Abubakar Umar
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Abstract views: 55
,
PDF Downloads: 51
