Presentation is loading. Please wait.

Presentation is loading. Please wait.

Keimyung University 1 Network Control Hong Taek Ju College of Information and Communication Keimyung University Tel: 053-580-5234

Published byHilda Osborne Modified over 7 years ago

Similar presentations

Presentation on theme: "Keimyung University 1 Network Control Hong Taek Ju College of Information and Communication Keimyung University Tel: 053-580-5234"— Presentation transcript:

1 Keimyung University 1 Network Control Hong Taek Ju College of Information and Communication Keimyung University Tel: 053-580-5234 Email: juht@kmu.ac.kr

2 Keimyung University 2 Table of Contents Introduction Configuration Control Security Control

3 Keimyung University 3 Introduction Network control is concerned with modifying parameters in and causing actions to be taken by the end systems, intermediate systems, and subnetworks that make up the network to be managed All five functional areas of NM involve monitoring and control but configuration and security are more concerned with control Issues in network control –what to control? define what is to be controlled –how to control? how to cause actions to be performed

4 Keimyung University 4 Configuration Management 1.Define Configuration Information 2.Configuration Monitoring –Examine values and relationships –Report on configuration status 3. Configuration Control may be required as a result of monitoring or event reports –Initialize and terminate network operations –Set and modify attribute values –Define and modify relationships

5 Keimyung University 5 Define Configuration Information Includes the nature and status of managed resources –specification and attributes of resources Network Resources –physical resources end systems, routers, bridges, switches, modems, etc. –logical resources TCP connections, timers, counters, virtual circuits, etc. Attributes –name, address, ID number, states, operational characteristics, # of connections, etc. Control function should be able to –define new classes and attributes (mostly done off-line) –define the type and range of attribute values

6 Keimyung University 6 Set and Modify Attribute Values when requesting agents to perform set and modify –the manager must be authorized –some attributes cannot be modified (e.g., # of physical ports) Modification categories –MIB update only does not require the agent to perform any other action e.g., update of static configuration information –MIB update plus resource modification requires the agent to modify the resource itself e.g., changing the state of a physical port to “disabled” –MIB update plus action perform actions as a side effect of set operation SNMP takes this approach

7 Keimyung University 7 Define and Modify Relationships a relationship describes an association, connection, or condition that exists between network resources –topology –hierarchy –containment –physical or logical connections –management domain Configuration control should allow on-line modification of resources without taking all or part of network down

8 Keimyung University 8 Security Management What should be secured in networks? –information security –computer security –network security Security Requirements –Secrecy making information accessible to only authorized users includes the hiding of the existence of information –Integrity making information modifiable to only authorized users –Availability making resources available to only authorized users

9 Keimyung University 9 Security Threats Interruption –destroyed or becomes unavailable or unusable –threat to “availability” Interception –an unauthorized party gains access –threat to “secrecy” Modification –an unauthorized party makes modification –threat to “integrity” Fabrication –an unauthorized party inserts false information Masquerade –an entity pretends to be a different entity

10 Keimyung University 10 Types of Security Threats Information source information destination (a) Normal flow (b) Interruption (c) Interception (d) Modification (e) Fabrication

11 Keimyung University 11 Security Threats and Network Assets.... Data Communication Lines hardware Software Masquerade Modification Interception (capture, analysis) Interruption (loss) Masquerade Modification Interception (capture, analysis) Interruption (loss) Modification Interception Interruption (deletion) Interruption (theft, denial of service)

12 Keimyung University 12 Security Management Functions Maintain Security Information –event logging, monitoring usage of security-related resources –receiving notification and reporting security violations –maintaining and examining security logs –maintaining backup copies of security-related files Control Resource Access Service –use access control (authentication and authorization) security codes (e.g., passwords) routing tables, accounting tables, etc. Control the Encryption Process –must be able to encrypt messages between managers & agents –specify encryption algorithms

13 Keimyung University 13 Summary Network control is concerned with setting and changing parameters of various parts of network resources as consequences of network monitoring and analysis Configuration control and security control are two essential aspects of network control READ Chapter 3 of Textbook

Download ppt "Keimyung University 1 Network Control Hong Taek Ju College of Information and Communication Keimyung University Tel: 053-580-5234"

Similar presentations

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
30/04/2015Tim S Roberts 20081 COIT13152 Operating Systems T1, 2008 Tim S Roberts.

30/04/2015Tim S Roberts COIT13152 Operating Systems T1, 2008 Tim S Roberts.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
Cryptography and Network Security Chapter 1

Cryptography and Network Security Chapter 1
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
Fundamentals of Computer Security Geetika Sharma Fall 2008.

Fundamentals of Computer Security Geetika Sharma Fall 2008.
IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.

IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.
Informationsteknologi Thursday, October 11, 2007Computer Systems/Operating Systems - Class 161 Today’s class Security.

Informationsteknologi Thursday, October 11, 2007Computer Systems/Operating Systems - Class 161 Today’s class Security.
6/2/2015B.Ramamurthy1 Security B.Ramamurthy. 6/2/2015B.Ramamurthy2 Computer Security Collection of tools designed to thwart hackers Became necessary with.

6/2/2015B.Ramamurthy1 Security B.Ramamurthy. 6/2/2015B.Ramamurthy2 Computer Security Collection of tools designed to thwart hackers Became necessary with.
CSA 223 network and web security Chapter one

CSA 223 network and web security Chapter one
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Note1 (Intr1) Security Problems in Computing. Overview of Computer Security2 Outline Characteristics of computer intrusions –Terminology, Types Security.

Note1 (Intr1) Security Problems in Computing. Overview of Computer Security2 Outline Characteristics of computer intrusions –Terminology, Types Security.
Evidor: The Evidence Collector Software using for: Software for lawyers, law firms, corporate law and IT security departments, licensed investigators,

Evidor: The Evidence Collector Software using for: Software for lawyers, law firms, corporate law and IT security departments, licensed investigators,
1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.

1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.
CPE 5002 Network security. Look at the surroundings before you leap.

CPE 5002 Network security. Look at the surroundings before you leap.
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Introduction (Pendahuluan)  Information Security.

Introduction (Pendahuluan)  Information Security.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
SNMP and CMIP By, Vishwajit Singh Srigiri Laxman Srinivas ISQS 6341, Spring 2000.

SNMP and CMIP By, Vishwajit Singh Srigiri Laxman Srinivas ISQS 6341, Spring 2000.
SNMP Simple Network Management Protocol

SNMP Simple Network Management Protocol

Similar presentations

Ads by Google