Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Published byBernadette Matthews Modified over 9 years ago

Similar presentations

Presentation on theme: "Information Security 1 Information Security: Security Tools Jeffy Mwakalinga."— Presentation transcript:

1 Information Security 1 Information Security: Security Tools Jeffy Mwakalinga

2 Information Security 2 Information security is defined as methods and technologies as methods and technologies for deterrence (scaring away hackers), protection, detection, response, recovery and extended functionalities Introduction

3 Information Security 3 Generic Security Principles Deterrence (Scare away) Deterrence (Scare away) Recovery Response Detection Protection Generic Security System Information while in storage Information while in transmission Hardware Hacker

4 Information Security 4 Security Tools m Introduction m Security Services m Overview of Existing Security Tools

5 Information Security 5 Security Services : Confidentiality To keep a message secret to those that are not authorized to read it Confidentiality Authentication Access Control Integrity Availability Availability Non-repudiation

6 Information Security 6 Security Services: Authentication Confidentiality Authentication Access Control Integrity Availability Non-repudiation To verify the identity of the user / computer

7 Information Security 7 Security Services: Access Control Confidentiality Authentication Access Control Integrity Availability Non-repudiation To be able to tell who can do what with which resource

8 Information Security 8 Security Services: Integrity Confidentiality Authentication Access Control Integrity Availability Non-repudiation To make sure that a message has not been changed while on Transfer, storage, etc

9 Information Security 9 Security Services: Non-repudiation Confidentiality Authentication Access Control Integrity Availability Non-repudiation To make sure that a user/server can’t deny later having participated in a transaction

10 Information Security 10 Security Services: Availability Confidentiality Authentication Access Control Integrity Availability Non-repudiation To make sure that the services are always available to users.

11 Information Security 11 Security Overview m Introduction m Security Services m Overview of Existing Security Systems

12 Information Security 12 Overview of Existing Security Systems : Firewalls Used even for Deterring (Scaring attackers) Firewalls  Designed to prevent malicious packets from entering Software based  Runs as a local program to protect one computer ( personal firewall ) or as a program on a separate computer ( network firewall ) to protect the network Hardware based  separate devices that protect the entire network (network firewalls)

13 Information Security 13 Overview of Existing Security Systems : Detection - Intrusion Detection Systems Intrusion Detection System (IDS)  Examines the activity on a network Goal is to detect intrusions and take action Two types of IDS: Host-based IDS  Installed on a server or other computers (sometimes all) Monitors traffic to and from that particular computer Network-based IDS  Located behind the firewall and monitors all network traffic

14 Information Security 14 Overview of Existing Security Systems : Network Address Translation (NAT) Network Address Translation (NAT) Systems  Hides the IP address of network devices Located just behind the firewall. NAT device uses an alias IP address in place of the sending machine’s real one “You cannot attack what you can’t see”

15 Information Security 15 Overview of Existing Security Systems :Proxy Servers Overview of Existing Security Systems : Proxy Servers Proxy Server  Operates similar to NAT, but also examines packets to look for malicious content Replaces the protected computer’s IP address with the proxy server’s address Protected computers never have a direct connection outside the networkThe proxy server intercepts requests. Acts “on behalf of” the requesting client

16 Information Security 16 Adding a Special Network called Demilitarized Zone (DMZ) Demilitarized Zones (DMZ)  Another network that sits outside the secure network perimeter. Outside users can access the DMZ, but not the secure network Some DMZs use two firewalls. This prevents outside users from even accessing the internal firewall  Provides an additional layer of security

17 Information Security 17 Overview of Existing Security Systems : Virtual Private Networks (VPN) m Virtual Private Networks (VPNs)  A secure network connection over a public network Allows mobile users to securely access information Allows mobile users to securely access information Sets up a unique connection called a tunnel Sets up a unique connection called a tunnel

18 Information Security 18 Overview of Existing Security Systems :Virtual Private Networks (VPN) Overview of Existing Security Systems : Virtual Private Networks (VPN)

19 Information Security 19 Overview of Existing Security Systems : Honeypots Honeypots  Computer located in a DMZ and loaded with files and software that appear to be authentic, but are actually imitations Intentionally configured with security holes Goals: Direct attacker’s attention away from real targets; Examine the techniques used by hackers

20 Information Security 20 Overview of Existing Security Systems : Secure Socket Layer (SSL) SSL is used for securing communication between clients and servers. It provides mainly confidentiality, integrity and authentication WWW Server Client Establish SSL connection - communication protected

21 Information Security 21 Protecting one Computer Summary (continued) m Operating system hardening is the process of making a PC operating system more secure Patch management Patch management Antivirus software – to protect your pc from viruses Antivirus software – to protect your pc from viruses Antispyware software Antispyware software Firewalls – to deter (scare), protect Firewalls – to deter (scare), protect Setting correct permissions for shares Setting correct permissions for shares Intrusion detection Systems – to detect intrusions Intrusion detection Systems – to detect intrusions Cryptographic systems Cryptographic systems

22 Information Security 22 Protecting a Wireless Local Area Network (WLAN)

23 Information Security 23 Security in a Wireless LAN m WLANs include a different set of security issues m Steps to secure: Turn off broadcast information Turn off broadcast information MAC address filtering MAC address filtering Encryption Encryption Password protect the access point Password protect the access point Physically secure the access point Physically secure the access point Use enhanced WLAN security standards whenever possible Use enhanced WLAN security standards whenever possible Use cryptographic systems Use cryptographic systems

24 Information Security 24 Summary m Introduction m Security Services m Overview of Existing Security Tools

25 Information Security 25 ? Questions

Download ppt "Information Security 1 Information Security: Security Tools Jeffy Mwakalinga."

Similar presentations

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
5-Network Defenses Dr. John P. Abraham Professor UTPA.

5-Network Defenses Dr. John P. Abraham Professor UTPA.
Cosc 4765 Network Security: Routers, Firewall, filtering, NAT, and VPN.

Cosc 4765 Network Security: Routers, Firewall, filtering, NAT, and VPN.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 13: Planning Server and Network Security.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 13: Planning Server and Network Security.
Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.

Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Security+ Guide to Network Security Fundamentals, Third Edition

Security+ Guide to Network Security Fundamentals, Third Edition
Firewall Configuration Strategies

Firewall Configuration Strategies
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
Introduction to Firewall Technologies. Objectives Upon completion of this course, you will be able to: Understand basic concepts of network security Master.

Introduction to Firewall Technologies. Objectives Upon completion of this course, you will be able to: Understand basic concepts of network security Master.
Security Awareness Chapter 5 Wireless Network Security.

Security Awareness Chapter 5 Wireless Network Security.
Chapter 12 Network Security.

Chapter 12 Network Security.
N ETWORK S ECURITY Presented by: Brent Vignola. M ATERIAL OVERVIEW … Basic security components that exist in all networks Authentication Firewall Intrusion.

N ETWORK S ECURITY Presented by: Brent Vignola. M ATERIAL OVERVIEW … Basic security components that exist in all networks Authentication Firewall Intrusion.
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Organizational Security 1 IT Security From an Organizational Perspective Ulrika Norman Jeffy Mwakalinga Reference: 1) Enterprise Security. Robert C. Newman.

Organizational Security 1 IT Security From an Organizational Perspective Ulrika Norman Jeffy Mwakalinga Reference: 1) Enterprise Security. Robert C. Newman.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Similar presentations

Ads by Google