
Understand Network Isolation Part 2 LESSON 3.3_B 98-367 Security Fundamentals.


1 Understand Network Isolation Part 2 LESSON 3.3_B 98-367 Security Fundamentals

2 Lesson Overview
In this lesson, you will learn about:
- VPN
- Perimeter network
- Honeypot
- Server and domain isolation

3 Anticipatory Set
Many risks are associated with VPNs because workstations connect to the network, so measures need to be put in place to ensure that the risk is eliminated.
1. What are these risks?
2. How can you control access?

4 VPN and Perimeter Network
- In a common configuration, the firewall is connected to the Internet and the VPN server is another intranet resource connected to a perimeter network.
  o The perimeter network is an IP network segment that typically contains resources available to Internet users, such as Web servers and FTP servers.
  o The VPN server has an interface on the perimeter network and an interface on the intranet.
- The firewall must be configured with input and output filters on its Internet interface to allow the passing of tunnel maintenance traffic and tunneled data to the VPN server.
- Additional filters can allow the passing of traffic to Web servers, FTP servers, and other types of servers on the perimeter network.
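The filter design on this slide can be checked offline before it is loaded onto a firewall. The following is an added example, not part of the lesson or of any vendor's firewall: it models the Internet-interface input filters as a default-deny rule list and evaluates constructed packets against it. The addresses, the choice of an IPsec-based VPN (IKE on UDP 500, NAT-T on UDP 4500, ESP for the tunneled data) and the sample traffic are all assumptions made for the example; a PPTP or SSL VPN would need different tunnel rules.

```python
"""Added example (not from the lesson): a small model of the perimeter
firewall's Internet-interface input filters.  Addresses and the choice of an
IPsec-based VPN are assumptions made for the example."""
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed addresses on the perimeter network (assumption).
VPN_SERVER = "203.0.113.10"   # VPN server's perimeter-network interface
WEB_SERVER = "203.0.113.20"
FTP_SERVER = "203.0.113.21"
INTRANET_HOST = "10.0.0.5"    # behind the VPN server, never reachable directly


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str                 # "tcp", "udp" or "esp" (IP protocol 50)
    dport: Optional[int] = None


@dataclass(frozen=True)
class Rule:
    name: str
    dst: str
    proto: str
    dport: Optional[int]       # None: port-less protocol such as ESP
    action: str                # "allow" or "drop"

    def matches(self, p: Packet) -> bool:
        return (p.dst == self.dst and p.proto == self.proto
                and (self.dport is None or p.dport == self.dport))


# Input filters on the firewall's Internet interface.  Assumes an IPsec-based
# VPN: IKE (UDP 500) and NAT-T (UDP 4500) are the tunnel maintenance traffic,
# ESP carries the tunneled data.  A PPTP or SSL VPN needs different rules.
INPUT_FILTERS: List[Rule] = [
    Rule("ike-to-vpn",   VPN_SERVER, "udp", 500,  "allow"),
    Rule("natt-to-vpn",  VPN_SERVER, "udp", 4500, "allow"),
    Rule("esp-to-vpn",   VPN_SERVER, "esp", None, "allow"),
    # Additional filters for the other perimeter-network servers.
    Rule("http-to-web",  WEB_SERVER, "tcp", 80,   "allow"),
    Rule("https-to-web", WEB_SERVER, "tcp", 443,  "allow"),
    Rule("ftp-to-ftp",   FTP_SERVER, "tcp", 21,   "allow"),
]
DEFAULT_ACTION = "drop"        # default deny: anything unmatched is dropped


def filter_packet(p: Packet, rules: List[Rule] = INPUT_FILTERS) -> str:
    """Return the action of the first matching rule, else the default action."""
    for r in rules:
        if r.matches(p):
            return r.action
    return DEFAULT_ACTION


def audit(packets: List[Packet],
          rules: List[Rule] = INPUT_FILTERS) -> List[Tuple[Packet, str]]:
    """Evaluate a batch of packets; useful for reviewing a rule set offline."""
    return [(p, filter_packet(p, rules)) for p in packets]


# Constructed sample traffic arriving from the Internet.
SAMPLE_TRAFFIC = [
    Packet("198.51.100.7", VPN_SERVER, "udp", 500),     # IKE to VPN server
    Packet("198.51.100.7", VPN_SERVER, "esp"),          # ESP to VPN server
    Packet("198.51.100.7", WEB_SERVER, "tcp", 443),     # HTTPS to web server
    Packet("198.51.100.7", VPN_SERVER, "tcp", 3389),    # RDP to VPN server: not allowed
    Packet("198.51.100.7", INTRANET_HOST, "tcp", 445),  # SMB to intranet: not allowed
]

if __name__ == "__main__":
    for pkt, action in audit(SAMPLE_TRAFFIC):
        print(f"{action:5s} {pkt.proto:3s} {pkt.dst}:{pkt.dport}")
```

The last two sample packets are the ones worth watching in a real rule review: management ports on the VPN server and direct access to intranet hosts must fall through to the default drop, which is only guaranteed if nothing in the list allows them.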

5 VPN and Perimeter Network (continued)

6 VPN
- A virtual private network.
- The extension of a private network that encompasses links across shared or public networks like the Internet.
- Enables you to send data between two computers across a shared or public internetwork in a manner that emulates the properties of a point-to-point private link.
- Configuring and creating a virtual private network is known as virtual private networking.

7 VPN (continued)

8 Basic VPN Scenario
- Used to facilitate controlled access to organization resources and information.
- Must allow roaming or remote clients to connect to LAN resources.
- Must allow remote offices to connect to each other to share resources and information (router-to-router connections).
- Must ensure the privacy and integrity of data.
- Helps reduce the risk of network-borne security threats.
- Therefore, a VPN solution should provide at least all of the following:
  o User authentication
  o Address management
  o Data encryption
  o Key management

9 Basic VPN Elements
Honeypots
- Performs a function very similar to that of a “honeypot” in the outside world: a sweet lure.
- Used to attract the attention of prospective attackers, to learn how they are attempting to infiltrate the system and what they would likely do once they gain access.
- There are literally thousands of honeypot networks and systems available from security professionals and hobbyists.
  o Can provide a wealth of information in assessing trends in network intrusion.
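A honeypot's value comes from the fact that no legitimate user ever connects to it, so every connection is a record worth keeping. The following is an added example, not from the lesson and not any of the honeypot projects it alludes to: a minimal TCP listener that logs each connection attempt (source address, timestamp, a short preview of what was sent) and answers with a fake service banner. The banner text and the `probe` client, which stands in for a scanner so the listener can be exercised locally, are constructed for the example.

```python
"""Added example (not from the lesson): a minimal TCP honeypot that records
every connection attempt.  Because nothing legitimate ever talks to it, each
record is a signal worth examining.  Banner text and ports are assumptions."""
import socket
import socketserver
import threading
import time
from collections import Counter
from typing import Dict, List

FAKE_BANNER = b"220 ftp service ready\r\n"   # constructed; mimics a real service


def make_record(client_address, data: bytes) -> Dict:
    """Build one log record; keep only a short, sanitised preview of the data."""
    ip, port = client_address[0], client_address[1]
    return {
        "ts": time.time(),
        "src_ip": ip,
        "src_port": port,
        "bytes": len(data),
        "preview": data[:64].decode("ascii", "replace"),
    }


class HoneypotHandler(socketserver.BaseRequestHandler):
    def handle(self):
        # Wait briefly for whatever the client sends first; a bare connect
        # (port scan) times out and is still logged with zero bytes.
        self.request.settimeout(2.0)
        try:
            data = self.request.recv(1024)
        except socket.timeout:
            data = b""
        # Record before replying so the log is complete once the client hears back.
        self.server.records.append(make_record(self.client_address, data))
        try:
            self.request.sendall(FAKE_BANNER)
        except OSError:
            pass


class Honeypot(socketserver.ThreadingTCPServer):
    allow_reuse_address = True
    daemon_threads = True

    def __init__(self, address):
        super().__init__(address, HoneypotHandler)
        self.records: List[Dict] = []     # in a real deployment, ship these off-host


def start_honeypot(host: str = "127.0.0.1", port: int = 0) -> Honeypot:
    """Start the listener in a background thread; port 0 lets the OS pick one."""
    srv = Honeypot((host, port))
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv


def summarize(records: List[Dict]) -> Counter:
    """Connection attempts per source address: the trend data the slide mentions."""
    return Counter(r["src_ip"] for r in records)


def probe(host: str, port: int, payload: bytes) -> bytes:
    """Constructed client standing in for a scanner; used only to exercise the listener."""
    with socket.create_connection((host, port), timeout=2) as s:
        s.sendall(payload)
        return s.recv(128)


if __name__ == "__main__":
    srv = start_honeypot()
    print("listening on", srv.server_address)
    probe("127.0.0.1", srv.server_address[1], b"USER admin\r\n")
    for rec in srv.records:
        print(rec)
    print(summarize(srv.records))
    srv.shutdown()
    srv.server_close()
```

The listener never stores real data and never offers a real service; the records it collects (who connected, how often, what they sent first) are what feed the intrusion-trend analysis the slide describes, and they should be shipped to a log host the honeypot itself cannot modify.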

10 Basic VPN Elements (continued)
Server and Domain Isolation
- A solution based on Microsoft® Windows® Internet Protocol security (IPsec) and Active Directory® Domain Services enables administrators to dynamically segment their Windows environment into more secure and isolated logical networks based on policy, without costly changes to their network infrastructure or applications.
- Benefits:
  o Creates an additional layer of protection.
  o Helps better protect against costly network attacks.
  o Helps prevent unauthorized access to trusted networked resources.
  o Achieves regulatory compliance.
  o Reduces operational costs.

11 Server and Domain Isolation

12 Lesson Review
A few useful tools for intrusion detection and integrity analysis are:
- Tripwire (sourceforge.net/projects/tripwire/): for monitoring data integrity. It takes a snapshot of a system's binaries (or other directory), creates a checksum, checks system integrity, and reports any deviation.
- The Coroner's Toolkit (www.porcupine.org/forensics/tct.html): a suite of utilities for checking running processes and file/filesystem information, recent changes, and other such information.
- Snort (www.snort.org): a great tool for traffic analysis and intrusion detection. There is a great FAQ on the website.
- Chkrootkit (freshmeat.net): a utility for identifying rootkits installed on the system.
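The snapshot, checksum and compare cycle attributed to Tripwire above is simple enough to show end to end. The following is an added example, not from the lesson and not Tripwire's own code: it hashes every regular file under a directory, records size and permission bits alongside the hash, saves that as a baseline, and on a later run reports files that were added, removed or changed. The fake system tree in `demo()` and the tampering it applies are constructed for the example.

```python
"""Added example (not from the lesson and not Tripwire's code): the
snapshot / checksum / compare cycle the Lesson Review describes, written in
plain Python.  The tree built in demo() is constructed."""
import hashlib
import json
import tempfile
from pathlib import Path
from typing import Dict, List


def file_digest(path: Path) -> str:
    """SHA-256 of a file, read in chunks so large binaries are not loaded whole."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def snapshot(root) -> Dict[str, Dict]:
    """Record hash, size and permission bits for every regular file under root."""
    root = Path(root)
    baseline: Dict[str, Dict] = {}
    for p in sorted(root.rglob("*")):
        if p.is_file() and not p.is_symlink():
            st = p.stat()
            baseline[p.relative_to(root).as_posix()] = {
                "sha256": file_digest(p),
                "size": st.st_size,
                "mode": oct(st.st_mode & 0o7777),   # catches a newly set SUID bit
            }
    return baseline


def save_baseline(baseline: Dict[str, Dict], path) -> None:
    # Keep the baseline where an intruder cannot rewrite it (read-only media or
    # another host); a baseline stored on the monitored host can be tampered with.
    Path(path).write_text(json.dumps(baseline, indent=2, sort_keys=True))


def load_baseline(path) -> Dict[str, Dict]:
    return json.loads(Path(path).read_text())


def compare(baseline: Dict[str, Dict], current: Dict[str, Dict]) -> Dict[str, List[str]]:
    """Report files that appeared, disappeared, or changed in content, size or mode."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    modified = sorted(k for k in baseline.keys() & current.keys()
                      if baseline[k] != current[k])
    return {"added": added, "removed": removed, "modified": modified}


def demo() -> Dict[str, List[str]]:
    """Constructed scenario: snapshot a fake system tree, tamper with it, re-check."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "sys"
        (root / "bin").mkdir(parents=True)
        (root / "etc").mkdir()
        (root / "bin" / "ls").write_bytes(b"original ls binary")
        (root / "bin" / "cat").write_bytes(b"original cat binary")
        (root / "bin" / "cat").chmod(0o755)
        (root / "etc" / "hosts").write_text("127.0.0.1 localhost\n")

        baseline_path = Path(tmp) / "baseline.json"   # outside the monitored tree
        save_baseline(snapshot(root), baseline_path)

        # Simulated tampering after the baseline was taken.
        (root / "bin" / "ls").write_bytes(b"replaced ls binary")   # content changed
        (root / "bin" / "cat").chmod(0o4755)                       # SUID bit added
        (root / "bin" / "extra").write_bytes(b"unexpected new file")
        (root / "etc" / "hosts").unlink()

        return compare(load_baseline(baseline_path), snapshot(root))


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Running `demo()` reports `bin/extra` as added, `etc/hosts` as removed, and `bin/ls` (and, on a POSIX filesystem, `bin/cat` through its mode change) as modified; in practice the baseline is taken from a known-good system and the comparison is scheduled to run regularly.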

