I need some assistance with these assignment. network and communication security protocols Thank you in advance for the help!

I need some assistance with these assignment. network and communication security protocols Thank you in advance for the help! The wide area network connects two or more remote offices that are separated region-wise, country wise and even continent wise. The current WAN of Riordan Manufacturing is based on T1 links that are terminating on an external CSU / DSU. Subscribed bandwidth for Albany is 256 kbps and 256 kbps committed information rate (CIR) for emails. Moreover, bursting is also supported up to 1.5 Mbps o CIR. The plastic fan plant in China is also equipped with T1 that is terminating directly on the router. The custom plastic parts plant located in Pontiac is similar to the Albany site that includes a 256 kbps bandwidth for Internet, and 256 kbps committed information rate (CIR) for emails. The connection is terminating on an external CSU / DSU with a router on the backbone. Headquarter at San Jose is also demonstrating the same WAN architecture that is similar to the site located in China.

There is a requirement of monitoring the network on a continuous basis for possible threats and vulnerabilities. In order to establish a secure and robust WAN architecture, three factors need consideration. The first factor is security. As per the current WAN architecture, there is no adequate security and the network is vulnerable once the firewall is bypassed. Incorporation of an Intrusion detection system (IDS) is compulsory as it will penetrate deep in the network and detect unknown activities related to unauthorized access, viruses and hacking. There are many types of IDS, the recommended IDS is an anomaly-based IDS. An anomaly-based intrusion detection system is based on a data driven methodology that complies with data mining techniques. The functionality of an anomaly-based IDS involves the creation of profiles associated with normal behavior and activities within the network. If any unknown activities initialize that are not similar to the normal profiles, is considered as anomalies or attacks.