QUES.24 – What is Intranet?

Discuss the features and architecture

of intranet with the help of a diagram.
ANS.24 - An intranet is a private network contained within an enterprise that is
used to securely share company information and computing resources among
employees. An intranet can also be used to facilitate working in groups
and teleconferences.

Intranets increase communication within an organization by allowing employees to

easily access important information, links, applications and forms as well
as databases that can provide company records. Security can also be increased
within the intranet by establishing a database that maintains all of the usernames of
people who are allowed access to the network.

 Uses of the intranet

Potential uses of an intranet include:

 Streamlining everyday activities by making repeated tasks more feasible.

 Centralizing and managing important information and company data in a

single database.

 Making collaboration easier since information can be shared across the

entire network.

90
  Providing personalized content to employees based on their role within the
company.

 Improving internal communication by making employee directories,

company news and organization charts readily available.

 Providing fast and easy access to information about company policies,

benefits and updates.

 How the intranet works

A secure and reliable intranet requires a web server that is responsible for
managing all requests for files hosted on the server, finding the requested file and
delivering it to the appropriate computer. A content management system (CMS)
should also be set up to control the creation, publication and management of
content on the intranet.

An intranet may also consist of many interlinked local area networks (LANs) as
well as leased lines in the wide area network (WAN). It uses TCP/IP, HTTP, and
other Internet protocols (IP). Typically, an intranet includes connections through
one or more gateway computers to the outside Internet.

An employee who wants to access the intranet must have a special network
password and be connected to the LAN. However, an employee working remotely
can gain access to the intranet through a virtual private network (VPN). The VPN
allows users who are not actually connected to the required LAN to sign into the
intranet and access all the same information and functions that would be available
had they been connected to the LAN.

Firewall software is essential to the security of an organization's intranet; it stands

between the outside Internet and the private intranet. The firewall will monitor all
incoming and outgoing data packets to confirm they do not contain unauthorized or
suspicious requests, ensuring malware and other malicious attacks do not leak into
the intranet. When a segment of an intranet is made accessible to customers,
partners, suppliers, or others outside the company, that segment becomes part of

91
an extranet. The firewall is especially important for intranet networks that include
extranet extensions.

The intranet generally looks like a private version of the Internet. With tunneling,
companies can send private messages through the public network while using
special encryption/decryption and other security safeguards to connect one part of
their intranet to another.

 Benefits and challenges of the intranet

Some potential benefits of using an intranet include:

 Improved communication, information sharing and collaboration within a

business.

 An increased return on investment (ROI) due to the low implementation and

operating costs.

 The ability for human resources to manage employee records and for
customer service representatives to track help requests.

 The use of the intranet as a testing environment for new ideas before they
are implemented on the company's Internet webpage.

 An improved corporate culture within a business through the use of a social

intranet that is built around people and focused on enabling widespread
participation and interaction.

Some challenges faced when using an intranet include:

 A lack of intranet users and therefore a lack of the content, communications

and documents that are necessary to make the intranet beneficial.

 A loss of interest amongst users after the initial excitement and novelty of
the intranet has worn off, also resulting in a lack of content.

92
QUES.25 – Write short note on:

(a) Application of Intranet (b) Merits and demerits of Intranet

ANS. (a) Application of Intranet –

Business Applications for an Intranet

Organizations everywhere are attempting to implement new, more efficient

information technology solutions to common business needs. One of the key
enabling technologies is an intranet: web-based applications running on the LAN
to collect and display company information. This is one of the most versatile, cost-
effective ways to support many business needs. Here are some examples of
business applications that can be supported by an intranet (in conjunction with
other server-side software such as a database):

Information Management:

 Strategic Decision Support

 Enterprise resource management

 On-Line Analytical Protocol (OLAP) for data analysis

 Financial data reporting system

 Time & leave system

 Procurement and supply system

 Travel system

 Employee skills management, teaming

 Balanced Scorecard data collection and reporting

 Knowledge management, metadata development

 Y2K status database

 Performance-based promotion decision support

93
Marketing:

 Promotional presentations (multimedia)

 Customer support

 Customer surveys

Workflow:

 Distributed development teamwork (detachments, partners)

 Process control

 Project scheduling and task tracking

 Calendars for people and meeting rooms

 Process monitoring and data collection

 Productivity monitoring

 Activity-Based Costing

 Business Process Improvement support

 Signature authentication, approvals and tracking

Communications enhancement:

 Secure communications

 Security testing and monitoring

 Registration form

 Internet telephone

 Video and teleconferencing

 Anonymous channel ("rumor mill")

 Threaded discussions

 Chat server
94
  Push technology

 Groupware, e.g. NetMeeting

 Web email

Document Management:

 News

 CAD viewer & server

 File servers

 Forms server

 Document management, library

 Research support using Intelligent Agents and profiles

 Search tools

 Server statistics & reports

Training:

 Online training

 Online testing and certification

 Collaborative training

(b) Merits and Demerits of Intranet –

Advantages of Intranet

There are number of advantages of intranet discussed below

 Intranets offering workforce productivity which can help user to find and
observe information very fast. User may also use applications according to
their roles and tasks. Through web browser a user can get access to entire
contents of any website from anywhere or any time. Intranet also increase

95
 the ability of employee’s by performing their job confidently very fast, and
accurately.

 Intranet permits business companies to share out information to employees

according to their need or requirements. Employees may also link to
appropriate data at their expediency.

 The best advantage offered by intranet is communications within an

organization or business company, landscape or portrait. Intranets are
helpful to converse planned initiative that has an international reach all
through the organization. The well known examples of transportation are
chat, email, and blogs. A actual world example of Intranet is Nestle had a
number of food processing plants.

 The most significant advantage of Intranet is Web publishing which permits

burdensome corporate knowledge to be continued and effortlessly access all
through the company using Web technologies and hypermedia. The familiar
examples of web publishing consist of training, news feed, company polices,
documents, and employee manual. Intranet can be accessed general internet
standards such as CGI applications, Flash files, and Acrobat files. Each unit
can bring up to date the online copy of a document and intranet always
provides the most recent version to employees.

 Intranet offering business operations and administration solutions because it

also being used as a platform of mounting and organizing applications across
the internet world.

 Another advantage of Intranet is time saving because there is no need to

maintain physical documents such as procedure manual, requisition forms,
and internet phone list.

 Now intranet facilitates their user o view and gets information and data via
web browser. Intranet also save the money of any organization on printing,
publishing and overall maintenance.

 Through Intranet common corporate culture every user can view the similar
information.

96
  Intranet offer improve teamwork through which teamwork is enabled and all
certified users can get access to information.

 Intranet providing cross platform capability for UNIX, Mac, Windows.

 Intranet offering their user to write applications on their browser without

cross-browser compatibility issues.

 Intranet is a Web-based tool that permits users to produce a customized site

according their requirements. You can pull all Internet actions and most
wanted contented into a single page which make easier to access.

Disadvantages of Intranet

 Intranet has great features for interconnected manners but has some
disadvantages too

 Management does need to stop control of specific information, this problem

can be minimized but with appropriate prudence.

 The other disadvantage of Intranet is security issue

 Intranet gathered everything in one location which is really good but if it is

not prearranged then you will spoil everything.

 The cost of intranet is very high but has lots of advantages after
implementing.

97
Q26 – Give a brief description on intranet security design. Also
discuss various threats in an Intranet.
ANS The Security Features & Design practice is charged with creating usable
security patterns for major security controls (meeting the standards defined in the
Standards and Requirements practice), building middleware frameworks for those
controls, and creating and publishing other proactive security guidance.

Security Features & Design Level 1

[SFD1.1: 98] Build and publish security features.

Rather than having each project team implement its own security features (e.g.,
authentication, role management, key management, audit/log, cryptography,
protocols), the SSG provides proactive guidance by acting as a clearinghouse of
security features for development groups to use. These features might be
discovered during code review, created by the SSG or a specialized development
team, or be part of a library provided by a vendor, such as a cloud service provider.
Generic security features often have to be tailored for specific platforms. A mobile
crypto feature will likely need at least two versions to cover Android and iOS,
while managing identity in the cloud might require versions specific to AWS,
Google, and Azure. Project teams benefit from implementations that come
preapproved by the SSG, and the SSG benefits by not having to repeatedly track
down the kinds of subtle errors that often creep into security features.

[SFD1.2: 69] Engage the SSG with architecture teams.

Security is a regular topic in the organization’s software architecture discussions,

with the architecture team taking responsibility for security in the same way that it
takes responsibility for performance, availability, and scalability. One way to keep
security from falling out of these discussions is to have an SSG member participate
in architecture discussions. In other cases, enterprise architecture teams can help
the SSG create secure designs that integrate properly into corporate design
standards. Proactive engagement by the SSG is key to success here. Moving a
well-known system to the cloud means reengaging the SSG, for example. It’s
never safe for one team to assume another team has addressed security
requirements.

98
Security Features & Design Level 2

[SFD2.1: 31] Leverage secure-by-design middleware frameworks and

common libraries.

The SSG takes a proactive role in software design by building or providing

pointers to secure-by-design middleware frameworks or common libraries. In
addition to teaching by example, this middleware aids architecture analysis and
code review because the building blocks make it easier to spot errors. For example,
the SSG can modify a popular web framework, such as Spring, to make it easy to
meet input validation requirements. Eventually, the SSG can tailor code review
rules specifically for the components it offers (see [CR3.1 Use automated tools
with tailored rules]). When adopting a middleware framework (or any other widely
used software), the SSG must carefully vet the software for security before
publication. Encouraging adoption and use of insecure middleware doesn’t help the
overall software security goal. Generic open source software security frameworks
and libraries (e.g., Spring Security, NaCl), should not be considered secure by
design. Attempting to bolt security on at the end by calling a library is always an
unsuccessful approach to secure design.

[SFD2.2: 40] Create an SSG capability to solve difficult design problems.

The SSG contributes to new architecture and solves difficult design problems,
minimizing the negative impact that security has on other constraints (time to
market, price, etc.). If a skilled security architect from the SSG is involved in the
design of a new protocol, he or she can analyze the security implications of
existing protocols and identify elements that should be duplicated or avoided.
Likewise, having a security architect understand the security implications of
moving a seemingly well-understood application to the cloud saves a lot of
headaches later. Designing for security up front is more efficient than analyzing an
existing design for security and refactoring when flaws are uncovered, so the SSG
should be involved early in the new project process. Note that some design
problems will require specific expertise outside of the SSG: even the best expert
can’t scale to cover the needs of an entire software portfolio.

99
Security Features & Design Level 3

[SFD3.1: 11] Form a review board or central committee to approve and

maintain secure design patterns.

A review board or central committee formalizes the process of reaching consensus

on design needs and security tradeoffs. Unlike the architecture committee, this
group focuses on providing security guidance and also periodically reviews already
published design standards (especially around authentication, authorization, and
cryptography) to ensure that design decisions don’t become stale or out of date.
Moreover, a review board can help control the chaos often associated with the
adoption of new technologies when development groups might otherwise make
decisions on their own without ever engaging the SSG.

[SFD3.2: 12] Require use of approved security features and frameworks.

Implementers take their security features and frameworks from an approved list or
repository. There are two benefits to this activity: developers don’t spend time
reinventing existing capabilities, and review teams don’t have to contend with
finding the same old defects in new projects or when new platforms are adopted.
Essentially, the more a project uses proven components, the easier testing, code
review, and architecture analysis become (see [AA1.1 Perform security feature
review]). Reuse is a major advantage of consistent software architecture and is
particularly helpful for agile development and velocity maintenance in CI/CD
pipelines. Container-based approaches make it especially easy to package and
reuse approved features and frameworks (see [SE3.4 Use application containers]).

[SFD3.3: 4] Find and publish mature design patterns from the organization.

The SSG fosters centralized design reuse by collecting design patterns (sometimes
referred to as security blueprints) from across the organization and publishing them
for everyone to use. A section of the SSG website could promote positive elements
identified during architecture analysis so that good ideas are spread. This process is
formalized: an ad hoc, accidental noticing isn’t sufficient. In some cases, a central
architecture or technology team can facilitate and enhance this activity. Common
design patterns accelerate development, so it’s important to use secure design

100
patterns not just for applications but for all software (microservices, APIs,
frameworks, infrastructure, and automation).

The issue of intranet security is usually met with stifled yawns or glazed eyes when
it’s mentioned in the office. Often there’s an assumption that because it’s an
internal network, the intranet site is somehow magically secure from viruses and
hacking. But the issue of intranet security goes beyond external threats. Ensuring
that the right staff are accessing the right information is also an important part of
intranet security. In this article, we look at what you need to be doing to ensure the
security of the office intranet.

Intranet Security: External Threats

Even though the intranet is a closed, private network, it is still susceptible to

external threats from hackers or malicious software including worms, viruses, and
malware. Below we examine some of the external threats to the intranet and how to
address them.

Network Security Threats

It’s best to use a firewall to mitigate against external threats. In simple terms,
a firewall is a protective barrier between the intranet and the internet. It is a
software program or a hardware device that filters the information coming through
to the intranet from the internet. Firewalls may decide to allow or block network
traffic between devices based on the rules that are pre-configured or set by the
firewall administrator.

Firewalls provide security for a number of online threats, and while they cannot
guarantee against all threats, they are an essential first line of defence.

Security Breaches

From time to time, the intranet may encounter suspicious traffic such as spam,
phishing, spyware or malware. Using an effective email filter and firewall will help
to block this suspicious traffic.

Viruses

101
Most organizations understand they need to have anti-virus software installed.
However, the threat from viruses is constantly changing, and so it is vital that you
regularly update the software with the latest versions.

As well as external threats to intranet security, there are a number of internal

threats that need to be addressed.

Intranet Security: Internal Threats

Weak Passwords

Too often users have weak passwords, share them with colleagues, never change
them and sometimes they even write them down or tape them to their PCs. The
intranet should be set up so that employees are required to change their passwords
on a regular basis (every 60 days should be standard) and to use passwords of a
minimum length and a combination of letters, numbers and keyboard symbols (for
example, H2pl#5%).

Access Control

Are the right employees accessing the right information? Brian in Sales should not
be able to access sensitive boardroom minutes. Similarly, Jenny in Marketing
should not be able to view employees’ pay details. Access to information can be
secured on the intranet via a series of file permissions and page permissions. These
permissions can be set by a job title, team function, geographic location – whatever
is appropriate for that data.

Allied to this is the need to ensure that permissions are reviewed on a regular basis.
There have been instances where employees have been able to access sensitive
information by a job role they had some ten years ago! Likewise, employees who
no longer work for the company must have their access deleted as soon as they
leave.

102
Q27 – What is a communication protocol? Discuss its types with the
help of diagrams.
ANS. In telecommunication, a communication protocol is a system of rules that
allow two or more entities of a communications system to transmit information via
any kind of variation of a physical quantity. The protocol defines the rules, syntax,
semantics and synchronization of communication and possible error recovery
methods. Protocols may be implemented by hardware, software, or a combination
of both.

Communicating systems use well-defined formats for exchanging various

messages. Each message has an exact meaning intended to elicit a response from a
range of possible responses pre-determined for that particular situation. The
specified behavior is typically independent of how it is to be implemented.
Communication protocols have to be agreed upon by the parties involved. To reach
an agreement, a protocol may be developed into a technical standard.

A programming language describes the same for computations, so there is a close

analogy between protocols and programming languages: protocols are to
communication what programming languages are to computations. An alternate
formulation states that protocols are to communication what algorithms are to
computation.

Multiple protocols often describe different aspects of a single communication. A

group of protocols designed to work together are known as a protocol suite; when
implemented in software they are a protocol stack.

Internet communication protocols are published by the Internet Engineering Task

Force (IETF). The IEEE handles wired and wireless networking, and
the International Organization for Standardization (ISO) handles other types.
The ITU-T handles telecommunication protocols and formats for the public
switched telephone network (PSTN). As the PSTN and Internet converge, the
standards are also being driven towards convergence.

103
 Types of Communication Protocols :-

1. Transmission Control Protocol (TCP): TCP is a popular communication

protocol which is used for communicating over a network. It divides any
message into series of packets that are sent from source to destination and
there it gets reassembled at the destination.

2. Internet Protocol (IP): IP is designed explicitly as addressing protocol. It is

mostly used with TCP. The IP addresses in packets help in routing them
through different nodes in a network until it reaches the destination system.
TCP/IP is the most popular protocol connecting the networks.

3. User Datagram Protocol (UDP): UDP is a substitute communication

protocol to Transmission Control Protocol implemented primarily for
creating loss-tolerating and low-latency linking between different
applications.

4. Post office Protocol (POP): POP3 is designed for receiving incoming E-

mails.

5. Simple mail transport Protocol (SMTP): SMTP is designed to send and

distribute outgoing E-Mail.

6. File Transfer Protocol (FTP): FTP allows users to transfer files from one
machine to another. Types of files may include program files, multimedia
files, text files, and documents, etc.

104
 7. Hyper Text Transfer Protocol (HTTP): HTTP is designed for transferring a
hypertext among two or more systems. HTML tags are used for creating
links. These links may be in any form like text or images. HTTP is designed
on Client-server principles which allow a client system for establishing a
connection with the server machine for making a request. The server
acknowledges the request initiated by the client and responds accordingly.

8. Hyper Text Transfer Protocol Secure (HTTPS): HTTPS is abbreviated as

Hyper Text Transfer Protocol Secure is a standard protocol to secure the
communication among two computers one using the browser and other
fetching data from web server. HTTP is used for transferring data between
the client browser (request) and the web server (response) in the hypertext
format, same in case of HTTPS except that the transferring of data is done in
an encrypted format. So it can be said that https thwart hackers from
interpretation or modification of data throughout the transfer of packets.

9. Telnet: Telnet is a set of rules designed for connecting one system with
another. The connecting process here is termed as remote login. The system
which requests for connection is the local computer, and the system which
accepts the connection is the remote computer.

10.Gopher: Gopher is a collection of rules implemented for searching,

retrieving as well as displaying documents from isolated sites. Gopher also
works on the client/server principle.

 Some Other Protocols

Some other popular protocols act as co-functioning protocols associated with these
primary protocols for core functioning. These are:

 ARP (Address Resolution Protocol)

 DHCP (Dynamic Host Configuration Protocol)

 IMAP4 (Internet Message Access Protocol)

 SIP (Session Initiation Protocol)

 RTP (Real-Time Transport Protocol)

105
106