CONNECTING TO THE INTERNET

Slides:



Advertisements
Similar presentations
FIREWALLS Chapter 11.
Advertisements

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Firewall Configuration Strategies
Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.
MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 14: Troubleshooting Remote Connections.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Faten Yahya Ismael.  It is technology creates a network that is physically public, but virtually it’s private.  A virtual private network (VPN) is a.
Firewall Slides by John Rouda
4 Network Hardware & Software Network Operating systems: software controlling traffic on the network 2 types of s.ware: server software &client software.
70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 10: Remote Access.
BY- NIKHIL TRIPATHI 12MCMB10.  What is a FIREWALL?  Can & Can’t in Firewall perspective  Development of Firewalls  Firewall Architectures  Some Generalization.
Chapter 9: Novell NetWare
1 Web Server Administration Chapter 1 The Basics of Server and Web Server Administration.
Chapter 13 – Network Security
1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.
Objectives Configure routing in Windows Server 2008 Configure Routing and Remote Access Services in Windows Server 2008 Network Address Translation 1.
1 Chapter Overview Using the New Connection Wizard to configure network and Internet connections Using the New Connection Wizard to configure outbound.
1 Overview of Microsoft ISA Server Introducing ISA Server Protects resourcesProtects resources Connects directly to the Internet and your private.
VIRTUAL PRIVATE NETWORK By: Tammy Be Khoa Kieu Stephen Tran Michael Tse.
CHAPTER 3 PLANNING INTERNET CONNECTIVITY. D ETERMINING INTERNET CONNECTIVITY REQUIREMENTS Factors to be considered in internet access strategy: Sufficient.
1 Chapter Overview Password Protection Security Models Firewalls Security Protocols.
McLean HIGHER COMPUTER NETWORKING Lesson 14 Firewalls & Filtering Comparison of Internet content filtering methods: firewalls, Internet filtering.
NETWORKING FUNDAMENTALS. Network+ Guide to Networks, 4e2.
ITGS Network Architecture. ITGS Network architecture –The way computers are logically organized on a network, and the role each takes. Client/server network.
Module 10: Windows Firewall and Caching Fundamentals.
Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.
FIREWALLS By k.shivakumar 08k81f0025. CONTENTS Introduction. What is firewall? Hardware vs. software firewalls. Working of a software firewalls. Firewall.
25/09/ Firewall, IDS & IPS basics. Summary Firewalls Intrusion detection system Intrusion prevention system.
Polytechnic University Firewall and Trusted Systems Presented by, Lekshmi. V. S cos
Defining Network Infrastructure and Network Security Lesson 8.
Planning the Addressing Structure
Internet Service Providers and types of internet connections
Chapter 1: Explore the Network
MTA Network Fundamental Cram Sesion
Web Server Administration
Chapter 7. Identifying Assets and Activities to Be Protected
CompTIA Security+ Study Guide (SY0-401)
Barracuda Link Balancer
Module 3: Enabling Access to Internet Resources
Understand Wide Area Networks (WANs)
Enabling Secure Internet Access with TMG
(A CORPORATE NETWORK APPROACH)
Firewall.
Internet and Intranet.
Network Address Translation
Planning and Troubleshooting Routing and Switching
Computer Data Security & Privacy
Communications and Networks Chapter 9 McGraw-Hill/Irwin
Introduction to Networking
Introducing To Networking
Security in Networking
CompTIA Security+ Study Guide (SY0-401)
Computer Technology Notes #4
Internet and Intranet.
Chapter 7 Connecting to the Internet
Digital Pacman: Firewall Edition
* Essential Network Security Book Slides.
Firewalls Purpose of a Firewall Characteristic of a firewall
IS4680 Security Auditing for Compliance
Firewalls Routers, Switches, Hubs VPNs
Firewalls Jiang Long Spring 2002.
Internet and Intranet.
Planning the Addressing Structure
Planning the Addressing Structure
Networking at Home and Abroad
AbbottLink™ - IP Address Overview
Introduction to Network Security
Cengage Learning: Computer Networking from LANs to WANs
Instructor Materials Chapter 8: Applied Networking
Internet and Intranet.
Presentation transcript:

CONNECTING TO THE INTERNET Chapter 5 CONNECTING TO THE INTERNET

Chapter 5: CONNECTING TO THE INTERNET CHAPTER INTRODUCTION List the types of routers used for Internet connections. Describe the various WAN technologies used for Internet connections. Understand the criteria used to select an ISP for a network Internet connection. List the criteria for determining how much Internet bandwidth a network needs. Determine the Internet access security requirements for a network.

UNDERSTANDING INTERNET CONNECTIVITY ARCHITECTURE Chapter 5: CONNECTING TO THE INTERNET UNDERSTANDING INTERNET CONNECTIVITY ARCHITECTURE

INTERNET ACCESS ROUTERS Chapter 5: CONNECTING TO THE INTERNET INTERNET ACCESS ROUTERS Software Windows Server 2003 Any Microsoft operating system that supports ICS Any operating system that provides firewall capabilities Hardware Dedicated devices

INTERNET CONNECTION TYPES Chapter 5: CONNECTING TO THE INTERNET INTERNET CONNECTION TYPES Dial-up modem ISDN CATV and DSL Leased lines Frame relay

DIAL-UP MODEM CONNECTIONS Chapter 5: CONNECTING TO THE INTERNET DIAL-UP MODEM CONNECTIONS Maximum speed of 53 Kbps downstream, 33.6 Kbps upstream Widely available Requires standard phone line and modem Inexpensive to implement and run

Chapter 5: CONNECTING TO THE INTERNET ISDN Dial-up technology Requires specialized phone line and hardware Available in two versions BRI 128 Kbps PRI 1.544 Mbps

Chapter 5: CONNECTING TO THE INTERNET CATV AND DSL CATV Available from cable TV providers. Bandwidth varies depending on location and other users. DSL Uses standard phone lines. Consistent bandwidth.

Chapter 5: CONNECTING TO THE INTERNET LEASED LINES Always-on, high-speed digital connection Requires special hardware, installation, and maintenance Normally available in two variants T-1 (also known as DS-1) 1.544 Mbps T-3 (also known as DS-3) 44.736 Mbps

Chapter 5: CONNECTING TO THE INTERNET FRAME RELAY Still requires modem, leased line, or ISDN connection to ISP. Allows you to more effectively manage ISP costs if they are charged on a usage basis. Not all ISPs provide support for frame relay connections.

INTERNET SERVICE PROVIDERS Chapter 5: CONNECTING TO THE INTERNET INTERNET SERVICE PROVIDERS Provide Internet access to business and residential customers Provide related services such as web hosting, e-mail, and DNS server services Organized into tiers depending on their proximity to the Internet backbone

UNDERSTANDING ISP SERVICES Chapter 5: CONNECTING TO THE INTERNET UNDERSTANDING ISP SERVICES Multiple WAN support IP addresses DNS servers E-mail services Web hosting Internet domain hosting

DETERMINING INTERNET CONNECTIVITY REQUIREMENTS Chapter 5: CONNECTING TO THE INTERNET DETERMINING INTERNET CONNECTIVITY REQUIREMENTS How much bandwidth? How many users? What applications do the users need? When is Internet bandwidth needed? Where are the users located?

Chapter 5: CONNECTING TO THE INTERNET HOW MUCH BANDWIDTH? How many users will require Internet access at one time? What applications will the users need? When will the users need access to the Internet? Where will the users be located? How much incoming bandwidth will Internet servers require?

Chapter 5: CONNECTING TO THE INTERNET HOW MANY USERS? Not necessarily equivalent to the number of employees. More accurate measure is how many computers, particularly in environments where computer systems may be shared. Consider work habits such as employees working on a shift system. Consider the type of Internet access required by different users.

WHAT APPLICATIONS DO THE USERS NEED? Chapter 5: CONNECTING TO THE INTERNET WHAT APPLICATIONS DO THE USERS NEED? Some applications are more connection-intensive than others. Consider implementing restrictions to limit the use of unauthorized or unnecessary applications.

WHEN IS INTERNET BANDWIDTH NEEDED? Chapter 5: CONNECTING TO THE INTERNET WHEN IS INTERNET BANDWIDTH NEEDED? Daily schedule Business model Annual schedule

WHERE ARE THE USERS LOCATED? Chapter 5: CONNECTING TO THE INTERNET WHERE ARE THE USERS LOCATED? Influences placement of Internet connectivity solutions Can have an effect on IP addressing schemes Can have an effect on features such as NAT

SECURING AND REGULATING INTERNET ACCESS Chapter 5: CONNECTING TO THE INTERNET SECURING AND REGULATING INTERNET ACCESS Most companies monitor Internet access by employees. Some companies regulate what employees can access on the Internet. Threats include viruses, information theft, and loss of productivity.

DETERMINING INTERNET SECURITY REQUIREMENTS Chapter 5: CONNECTING TO THE INTERNET DETERMINING INTERNET SECURITY REQUIREMENTS Limiting applications Limiting users Regulating Internet access

LIMITING APPLICATIONS Chapter 5: CONNECTING TO THE INTERNET LIMITING APPLICATIONS Using unregistered IP addresses through a firewall protects systems on the internal network from being contacted by systems on the Internet. Port filtering can be used to prevent users from accessing applications from servers based on the TCP/IP port number. Packet filters allow you to control what applications are accessible through the firewall or proxy server.

Chapter 5: CONNECTING TO THE INTERNET LIMITING USERS Two commonly implemented methods of limiting Internet access by users: Packet filtering Authentication

REGULATING INTERNET ACCESS Chapter 5: CONNECTING TO THE INTERNET REGULATING INTERNET ACCESS By using a software application like a proxy server, you can Monitor what users are accessing on the Internet. Identify excessive Internet use. Block sites based on content.

USING NETWORK ADDRESS TRANSLATION Chapter 5: CONNECTING TO THE INTERNET USING NETWORK ADDRESS TRANSLATION Static NAT Provides one-to-one translation between unregistered and registered IP addresses Dynamic NAT Provides many-to-many translation between unregistered and registered IP addresses Masquerading NAT Provides many-to-one translation between unregistered and registered IP addresses

Chapter 5: CONNECTING TO THE INTERNET NAT SECURITY Relies on basic methods and procedures to provide security Is not a substitute for a full-featured firewall Does not provide the capability to block based on traffic type Does not protect against denial of service (DoS) attacks

STATEFUL PACKET INSPECTION Chapter 5: CONNECTING TO THE INTERNET STATEFUL PACKET INSPECTION Inspects the contents of each packet as it travels between interfaces running the stateful inspection software Allows common threats to be identified and filtered Provides ancillary services such as detailed logging

Chapter 5: CONNECTING TO THE INTERNET PORT FORWARDING Allows an internally hosted system to be accessed through NAT by an external system Disguises the IP address of the internal system, which provides added security Used to take advantage of features like load balancing and redirection

Chapter 5: CONNECTING TO THE INTERNET USING A PROXY SERVER Acts as an intermediary between client computers on a private network and servers on the Internet Forwards all requests with the IP address of the proxy server external interface Works only with specific client applications Allows Internet access to be controlled and monitored

USING MICROSOFT INTERNET SECURITY AND ACCELERATION SERVER 2000 Chapter 5: CONNECTING TO THE INTERNET USING MICROSOFT INTERNET SECURITY AND ACCELERATION SERVER 2000 Microsoft’s integrated proxy and firewall solution Provides policy-based security Requires users to authenticate before granting Internet access Caches information retrieved from the Internet to improve performance

SELECTING AN INTERNET ACCESS METHOD Chapter 5: CONNECTING TO THE INTERNET SELECTING AN INTERNET ACCESS METHOD NAT Low security, low level of control Proxy High security, high level of control

Chapter 5: CONNECTING TO THE INTERNET CHAPTER SUMMARY Internet access routers can range from workstation computers to servers to dedicated hardware devices. WAN technologies used to establish Internet connectivity include dial-up modems, ISDN, CATV, DSL, leased lines, and frame relay. ISPs can provide a variety of services to business clients in addition to providing simple Internet access. The Internet bandwidth needed by a network is based on the number of users and the types of applications they run.

CHAPTER SUMMARY (continued) Chapter 5: CONNECTING TO THE INTERNET CHAPTER SUMMARY (continued) An Internet connection is a gateway that can work in both directions, enabling Internet users to access your private network as well as allowing your users Internet access. Most NAT implementations today use masquerading, a technique that maps unregistered IP addresses to a single registered IP address combined with a port number. Proxy server products have evolved to now include an array of firewall and access-control features that provide comprehensive Internet security for a private network.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.