Presentation is loading. Please wait.

Presentation is loading. Please wait.

Network Security Principles & Practices By Saadat Malik Cisco Press 2003.

Published byOswin Horton Modified over 8 years ago

Similar presentations

Presentation on theme: "Network Security Principles & Practices By Saadat Malik Cisco Press 2003."— Presentation transcript:

1 Network Security Principles & Practices By Saadat Malik Cisco Press 2003

2 Network Security2 – Chapter 2 – Defining Security Zones What are security zones? DMZ Cisco PIX firewalls

3 Network Security3 Network Architecture The topological design of a network is one of the best defenses against network attacks. Using zones to segregate various areas of the network from each other. Different zones of the same network have different security needs. Better scalability

4 Network Security4 Zoning strategies 1.Greater security needs, more secure zones 2.Controlled access to zones 3.Publicly accessed servers are placed in separate zones from private servers. 4.To achieve highest security, each server is placed in a separate zone. Why? 5.The ‘defense in depth principle’ - Firewalls are used to separate the zones.

5 Network Security5 DMZ Different ways of creating demilitarized zones: 1.Using a 3-legged firewall 2.Placing the DMZ outside the firewall ‘Bastion hosts’ are placed in the DMZ. a)In the path between a firewall and the Internet b)Dirty DMZ Rationale ? 3.Placing the DMZ between stacked firewalls

6 Network Security6 Cisco PIX Firewall Multiple interfaces, each with its own security level (lowest 0.. 100 highest) May support multiple security zones, thus allowing multiple DMZs to be set up In general, a computer/device in a lower security zone cannot access computer/device in a higher security zone, unless a ‘hole’ is created. Each security zone should have a unique number.

7 Network Security7 Cisco PIX Firewall Example configuration: –nameif ethernet0 outside security0 –nameif ethernet1 inside security100 –nameif ethernet2 dmz security50

Download ppt "Network Security Principles & Practices By Saadat Malik Cisco Press 2003."

Similar presentations

Computer Security II Lecturer – Lynn Ackler – Office – CSC 222 – Office Hours 9:00 – 10:00 M,W Course – CS 457 – CS 557.

Computer Security II Lecturer – Lynn Ackler – Office – CSC 222 – Office Hours 9:00 – 10:00 M,W Course – CS 457 – CS 557.
Firewalls Dr.P.V.Lakshmi Information Technology GIT,GITAM University

Firewalls Dr.P.V.Lakshmi Information Technology GIT,GITAM University
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.

CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.
IT security Are you protected against hackers?. Why are we in danger?  The Internet is worldwide, publicly accessible  More and more companies and institutes.

IT security Are you protected against hackers?. Why are we in danger?  The Internet is worldwide, publicly accessible  More and more companies and institutes.
Security Firewall Firewall design principle. Firewall Characteristics.

Security Firewall Firewall design principle. Firewall Characteristics.
Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.

Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.
Firewall Configuration Strategies

Firewall Configuration Strategies
Firewall Ercan Sancar & Caner Sahin. Index History of Firewall Why Do You Need A Firewall Working Principle Of Firewalls Can a Firewall Really Protect.

Firewall Ercan Sancar & Caner Sahin. Index History of Firewall Why Do You Need A Firewall Working Principle Of Firewalls Can a Firewall Really Protect.
J. Wang. Computer Network Security Theory and Practice. Springer 2008 Chapter 7 Network Perimeter Security.

J. Wang. Computer Network Security Theory and Practice. Springer 2008 Chapter 7 Network Perimeter Security.
Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.

Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.
INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.

INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.
Firewalls1 Firewalls Mert Özarar Bilkent University, Turkey

Firewalls1 Firewalls Mert Özarar Bilkent University, Turkey
Guide to Computer Network Security

Guide to Computer Network Security
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.

1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.
© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.

© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.
Cisco PIX 515E Firewall. Overview What a PIX Firewall can do Adaptive Security Algorithm Address Translation Cut-Through Proxy Access Control Network.

Cisco PIX 515E Firewall. Overview What a PIX Firewall can do Adaptive Security Algorithm Address Translation Cut-Through Proxy Access Control Network.
CISCO PIX FIREWALL Configuration for DCSL Tuan Anh Nguyen CSCI 5234 University of Houston Clear Lake Fall Semester, 2005.

CISCO PIX FIREWALL Configuration for DCSL Tuan Anh Nguyen CSCI 5234 University of Houston Clear Lake Fall Semester, 2005.
Chapter 8 PIX Firewall. Adaptive Security Algorithm (ASA)  Used by Cisco PIX Firewall  Keeps track of connections originating from the protected inside.

Chapter 8 PIX Firewall. Adaptive Security Algorithm (ASA)  Used by Cisco PIX Firewall  Keeps track of connections originating from the protected inside.
Firewalls CS432. Overview  What are firewalls?  Types of firewalls Packet filtering firewalls Packet filtering firewalls Sateful firewalls Sateful firewalls.

Firewalls CS432. Overview  What are firewalls?  Types of firewalls Packet filtering firewalls Packet filtering firewalls Sateful firewalls Sateful firewalls.

Similar presentations

Ads by Google