Adaptive packets are encrypted by scrambling theAdaptive packets are encrypted by scrambling the

Adaptive Security Appliance (ASA) is used to configure and establish accessibility to a Simple Mail Transfer Protocol (SMTP) server. The server located in the Demilitarized Zone (DMZ), the inside network. NAT and access list must be configured in order to give access the outside users to access the mail server. To allow access to the outside network to the email server requires the outside_int, in-order to permit the outside users to access list. Allows you to specify a simulated packet and view all of the various steps, checks, and functions that the Firewall goes through when it processes traffic. ASA is a security device that combines firewall, antivirus, intrusion prevention, and virtual private network (VPN) capabilities. It provides proactive threat defence that stops attacks before they spread through the network.  Steps and techniques to configure the ASA, firstly, configure the DMZ interface. Then, configure the outside interface and inside interface. Ensure the access list allows host to connect. (Bhardwaj, 2015)Bastion Host is a main defence of internet firewall, the intranet resources are shielded from external vulnerabilities and attacks.  The bastion host handles the internet service for the intranet. The server will receive requests from clients to other servers serving as an intermediary. Bastion host is a type of application/proxy firewall. Diagram below shows the placement of bastion host on the network. (Preston Gralla, 1996)The best solution for this network connection is implementing Virtual Private Network using IPsec framework. The two remote devices can connect between each other via configuring virtual network. VPN uses the internet as transport medium to establish communication. The recommended solution is site-to-site VPN which is a form of technology known as IPsec. The advantage of selecting this method to fulfil the requirement is the confidentiality and encryption of this method. The packets are encrypted by scrambling the data to be unreadable to eavesdroppers, while the sender and the receiver able to decrypt the data and communicated between one other. This also provide data integrity and authentication, this allows for validation of the device connected which improves security overall. (Hayale, 2014)The implementation of SSH, IPsec, and TLS/SSL. This networking model ensure data encryption between both parties. SSH is an application layer that is used to create tunnels for applications in port-forwarding mode. SSH cannot be implemented into network gateways such as firewall and routers. SSH uses hashes, symmetric, and asymmetric encryptions to connect and authenticate both parties. Furthermore, IPsec ensures secure packets with UDP or TCP packets. IPsec utilizes different transport mode such as AH (authentication header), ESP (encapsulating security payload) transport mode and tunnel mode with different mode providing varies packet security. IT occupies the network layer of the TCP model. This encryption provides secure IP network layer with the additional support of nested tunnels with extra encryption. Lastly, TLS/SSL is part of the transport layer which supports web browser communication.  This provides verification of server for user on the network. Moreover, TLS/SLL support is efficient for UDP traffic as compare to IPsec. Web-browser and emails are recommended for supporting these applications. (Dahl, 2014)The capabilities of IDS for monitoring and detecting unauthorized access to the network. The function of this is to alert threats or suspicious activity. IDS have the ability to block sent traffic to IP addresses that are suspicious. (Rouse, 2007)13.SSL implementation SSL (Secure Socket Layer) protocol occupies the transport layer, this provides encryption for traffic on the network such as LDAP, POP, IMAP, and HTTP. The encryption method used in this protocol is the encryption and decryption of private and public key to each other. The cryptography uses three different methods which consist of public-private key, symmetric key, and digital signature. These keys are exchanged between the receiver and the sender. Implementation of SSL onto the network will secure HTTP traffic between Kuala Lumpur office and Sri Lanka. The process of implementing SSL is configuring basic setting like domain name and DNS servers. Enabling interfaces for SSL VPN access and creating a connection profile is the next step. Configuring alias and group URL for SSL VPN, then user account is created to log use on the network. (Ali, 2003)