Presentation is loading. Please wait.

Presentation is loading. Please wait.

Guide to Operating System Security Chapter 7 Physical and Network Topology Security.

Similar presentations


Presentation on theme: "Guide to Operating System Security Chapter 7 Physical and Network Topology Security."— Presentation transcript:

1 Guide to Operating System Security Chapter 7 Physical and Network Topology Security

2 2 Guide to Operating System Security Objectives Explain physical security methods for workstations, servers, and network devices Implement a network topology for security Explain network communications media in relation to security Use structured network design for security

3 3 Guide to Operating System Security Physical Security Limiting physical access Location of equipment Construction quality Devices to protect  Workstations  Servers  Network devices and communications media

4 4 Guide to Operating System Security Workstation Security Password protect user accounts Configure screen saver with a password Log off or turn off computers when not in use Lock office doors Keep ventilation holes unobstructed Keep liquids away from computer

5 5 Guide to Operating System Security Workstation Security

6 6 Guide to Operating System Security Server Security (Continued) Centralized versus decentralized considerations Environmentally controlled computer room Strong access controls Cipher locks on locked doors Power regulation devices

7 7 Guide to Operating System Security Server Security (Continued) Motion sensors Camera-monitored entrances and equipment Fire detection and suppression equipment Screen savers for servers

8 8 Guide to Operating System Security Configuring Screen Savers Windows Server  Use screen saver options with passwords for servers Red Hat Linux 9.x  Lock a screen using screen saver NetWare  SCRSAVER command at the console  SECURE CONSOLE command

9 9 Guide to Operating System Security Configuring a NetWare Screen Saver (Continued)

10 10 Guide to Operating System Security Configuring a NetWare Screen Saver

11 11 Guide to Operating System Security Network Devices Access servers Bridges Chassis hubs Firewalls Hubs Multiplexers Repeaters Routers Switches Transceivers UPS

12 12 Guide to Operating System Security Securing Network Devices Place central wiring and network devices in wiring closets that follow EIA/TIA-569 standards  Telecommunications room  Main cross-connect  Intermediate cross-connect Locate wiring closets away from sources of EMI and RFI

13 13 Guide to Operating System Security Designing a Network Topology for Security Main network topologies  Bus  Ring  Star  Bus-star

14 14 Guide to Operating System Security Bus Topology Cable runs from one computer to the next, like a chain Terminators connect to each bus cable segment Disadvantages  Easily compromised by removing a terminator  Easy for unauthorized person to tap into cable segment

15 15 Guide to Operating System Security Bus Topology

16 16 Guide to Operating System Security Ring Topology Continuous path for data; no logical beginning or ending point; no terminators Easier to manage, more reliable, and more secure than the bus More expensive than the bus

17 17 Guide to Operating System Security Ring Topology

18 18 Guide to Operating System Security Star Topology Multiple stations attached to central hub or switch Allows you to emphasize security, efficiency, and reliability

19 19 Guide to Operating System Security Star Topology

20 20 Guide to Operating System Security Star Topology Advantages  Wide variety of equipment available  Unauthorized taps are difficult  Easier to manage than the bus  Expansion options Disadvantages  Hub or switch is single point of failure  Requires more cable than bus

21 21 Guide to Operating System Security Logical Bus Networks in a Physical Star Layout Most common topology Advantages  No exposed terminators to pose security risk  Expansion capabilities

22 22 Guide to Operating System Security Communications Media and Network Security Coaxial cable Twisted-pair cable Fiber-optic cable Wireless technologies

23 23 Guide to Operating System Security Coaxial Cable Copper wire construction Thick and thin varieties Suitability  Older LANs  LANs with strong sources of signal interference

24 24 Guide to Operating System Security Thick Coaxial Cable

25 25 Guide to Operating System Security Thin Coaxial Cable (Thinnet)

26 26 Guide to Operating System Security Twisted-Pair Cable Copper wire construction Shielded twisted-pair (STP) and unshielded twisted-pair (UTP) Most commonly used cabling

27 27 Guide to Operating System Security Twisted-Pair Cable

28 28 Guide to Operating System Security Fiber-Optic Cable Glass (usually) or plastic cable Single mode and multimode Suitability  High-speed LAN and WAN access  To connect networks between different locations  In situations with significant electrical interference  Where security is a concern

29 29 Guide to Operating System Security Fiber-Optic Cable

30 30 Guide to Operating System Security Wireless Technologies Radio, infrared, or microwave Suitability  Difficult or too expensive to use cable  When flexibility to move network hosts and devices is required

31 31 Guide to Operating System Security Comparing Cable Types

32 32 Guide to Operating System Security Using Structured Design Follow accepted guidelines for cable installation Deploy structured wiring design Implement structured network design

33 33 Guide to Operating System Security Guidelines for Cable Installation (Continued) Meet or exceed maximum bandwidth requirements Category 5 or better UTP cable Multimode fiber-optic riser cable between floors IEEE specifications Single-mode fiber-optic cable for long runs

34 34 Guide to Operating System Security Guidelines for Cable Installation (Continued) Wireless options where needed Star-based cable plants High-quality cable Building codes (eg, plenum cable) Do not exceed tension limits of twisted-pair cable

35 35 Guide to Operating System Security Guidelines for Cable Installation (Continued) Follow rules for cable bend radius Extra cable at endpoints Qualified contractor Label all cable Ground cable plants (EIA/TIA-607 standard)

36 36 Guide to Operating System Security Structured Wiring Requirements Flexible cabling Wiring stations into a physical star Adherence to EIA/TIA-568-A/EIA-TIA-568-B standards for horizontal wiring Centralizing cable plant in chassis hubs or switches continued …

37 37 Guide to Operating System Security Structured Wiring Requirements Intelligence built into chassis hubs and switches to detect problems at stations Ability to isolate hosts and servers on their own cable segments Ability to provide high-speed links to hosts and servers and other network devices

38 38 Guide to Operating System Security Structured Wiring Design

39 39 Guide to Operating System Security Structured Network Design Solid horizontal and vertical wiring design enables:  Centralizing a network at strategic points  Customization for security and efficiency  Linking together by a fast backbone

40 40 Guide to Operating System Security Figure 7-10 Structured network for centralized management Structured Network for Centralized Management

41 41 Guide to Operating System Security Vertical Wiring Principles Extended star topology between devices High-speed cable  to reduce congestion  not susceptible to EMI and RFI EIA/TIA-568-A/EIA-TIA-568-B standards for vertical or backbone cabling Riser-rated cable for cable runs through cable ports or vertical shafts Fire-stop material to cover cable between floors

42 42 Guide to Operating System Security Centralized Management Central points are established for critical network functions Simple Network Management Protocol (SNMP)  Community name Network management station (NMS) Network agents

43 43 Guide to Operating System Security Using Virtual LANs Can be used as a central management tool Potential problems  Improper configuration exposes network to security risks  Trunks are vulnerable to attacks

44 44 Guide to Operating System Security Using Network Redundancy for Security Vital network areas remain running even if equipment fails or an attack occurs

45 45 Guide to Operating System Security Figure 7-11 Designing for redundancy Designing for Redundancy

46 46 Guide to Operating System Security Figure 7-12 Building multiple redundant pathways Building Multiple Redundant Pathways

47 47 Guide to Operating System Security Summary How to physically secure workstations and servers How network topologies can be used to enhance security Which network media offer the best security How to combine network topology and media in a structured wiring and networking design for efficiency and security


Download ppt "Guide to Operating System Security Chapter 7 Physical and Network Topology Security."

Similar presentations


Ads by Google