Safeguarding of Financial Organization from Cyber-Attack using Next Generation Firewall (NGFW), Security Information & Event Management (SIEM) and Honeypot

Rabiul Hasan, Mohammad
MSc Cybersecurity
Dublin Business School
This project explores a robust cybersecurity initiative aimed at fortifying financial organizations against cyber-attacks through the strategic integration of Next Generation Firewall (NGFW), Security Information & Event Management (SIEM), and Honeypot technologies. Conducted on the EVE-NG VM platform, the project employs a multi-zoned strategy, encompassing Outside/Attacker, DMZ, Core/Production, and Branch zones, establishing a secure network design. The NGFW emerges as a linchpin in preventing unauthorized access, specifically shielding critical web servers from potential cyber threats such as unauthorized SSH, FTP, RDP, and Telnet access. Controlled interactions are maintained, allowing real user engagement, while stringent measures block social media sites to enhance security policies and productivity. Within the DMZ, an Intrusion Detection System (IDS) showcases real-time monitoring and alerting capabilities, swiftly identifying and notifying administrators of suspected intrusion attempts. Simultaneously, Wazuh SIEM and HFish honeypot contribute significantly to IT asset inventory, log collection, reporting, management, and attack pattern analysis. This multi-layered defense approach not only safeguards sensitive financial data but also empowers organizations to stay one step ahead of cyber adversaries. The amalgamation of NGFW, SIEM, and Honeypot technologies creates a proactive and adaptive defense system, allowing financial organizations to navigate the complex challenges of cybersecurity with resilience and confidence in the face of an ever-evolving digital landscape.