© 2012 – Teldat GmbH – All rights reserved
"Port Based Security" – "Drop-In-Mode"


The ideal solution for retail chains

Situation: in the branch sites
● One private IP subnet (= one IP broadcast domain) in each branch
● Static IP addresses on the LAN (no DHCP)
● Allow POS transactions to HQ
● Customer card transactions via IP-connected card machines
● Mobile phone top-up transactions and lottery transactions
● Remote maintenance of the POS equipment
● Remote maintenance of other IP-connected equipment in the branch by 3rd parties
● The requirements of the "Payment Card Industry Data Security Standard (PCI)" must be met.
● To fulfil these requirements, the network topology of the branch office LAN must be changed (IP subnetting / VLANs).
● A change to the network topology in hundreds or thousands of branches is both expensive and logistically prohibitive.

[Diagram labels: R1202, Switch, IP-Subnet, "M2M/ Lottery/ etc", "Card Terminal", "CRM", VPN-Gateway, VPN]
Problem: How can I prevent access between equipment without extensive modification of network topology?

The challenge:
● Virtual separation of the network components WITHOUT removing equipment from the common IP subnet
● Although the network components are in a common IP broadcast domain, ensure they CANNOT DIRECTLY communicate with each other...
● ...but allow communication via the router, which can control the access between network components via its existing Layer 3 features (firewall, ACL)

"Drop-In Mode" - also known as "transparent mode"
[Diagram labels: R1202, Switch, IP-Subnet, "M2M/ Lottery/ etc", "Card terminal", "CRM", VPN-Gateway, "Drop-In-Router"]
Solution: Access is via the "drop in" router with firewall / ACL rules

The solution: "Drop-In Mode" - also known as "transparent mode"
● Physical separation of network components with the help of separate LAN ports on the router (optionally VLAN also possible)
● The IP broadcast domain extends across these ports to the entire Ethernet network
● Within each physical (virtual) "zone", direct communication between devices continues to be permitted
● The "Drop-In-Router" can now control all the traffic
  ● between the "zones" ("Intra-Domain-Routing")
  ● between the IP broadcast domain and other networks, where the Layer 3 features control and regulate it
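The zone model described on this slide, as an added Python example that is not part of the presentation and not Teldat configuration: traffic inside a zone stays direct, traffic between zones is checked against an ACL with default deny, and an audit helper lists what may reach a given zone. All addresses, port names, zone names and ACL entries are constructed assumptions.

```python
# Added illustration, not Teldat configuration. Addresses, port names, zone
# names and ACL entries are constructed sample values.
from ipaddress import ip_address, ip_network

BRANCH_NET = ip_network("192.168.10.0/24")  # the single shared IP subnet
UPLINK = "eth4"                             # port facing the existing VPN gateway

PORT_ZONE = {"eth1": "pos", "eth2": "card", "eth3": "m2m", UPLINK: "uplink"}
HOST_PORT = {                               # static addresses, all in BRANCH_NET
    "192.168.10.11": "eth1",                # POS till
    "192.168.10.12": "eth1",                # POS till
    "192.168.10.21": "eth2",                # card terminal
    "192.168.10.31": "eth3",                # lottery / top-up machine
    "192.168.10.1": UPLINK,                 # VPN gateway
}

# Inter-zone rules: (source zone, destination zone, protocol, destination port)
ACL = {
    ("pos", "uplink", "tcp", 443),          # POS transactions to HQ
    ("card", "uplink", "tcp", 443),         # card transactions
    ("m2m", "uplink", "tcp", 443),          # top-up / lottery
    ("uplink", "pos", "tcp", 22),           # remote maintenance of POS
}

def zone_of(ip):
    """Zone comes from the router port, not the IP subnet; any address not
    attached to a branch port is reached through the uplink port."""
    return PORT_ZONE[HOST_PORT.get(ip, UPLINK)]

def decide(src, dst, proto, dport):
    """'direct' inside a zone, else 'permit' or 'deny' (default) per the ACL."""
    sz, dz = zone_of(src), zone_of(dst)
    if sz == dz:
        return "direct"
    return "permit" if (sz, dz, proto, dport) in ACL else "deny"

def inbound_exposure(zone):
    """Audit helper: every (source zone, protocol, port) allowed into a zone."""
    return sorted((s, p, n) for s, d, p, n in ACL if d == zone)

def same_subnet(a, b):
    """True when both addresses sit in the shared branch subnet."""
    return ip_address(a) in BRANCH_NET and ip_address(b) in BRANCH_NET

if __name__ == "__main__":
    print(same_subnet("192.168.10.11", "192.168.10.21"))         # subnet alone cannot separate them
    print(decide("192.168.10.11", "192.168.10.21", "tcp", 443))  # POS till to card terminal
    print(decide("192.168.10.21", "203.0.113.10", "tcp", 443))   # card terminal to HQ
    print(inbound_exposure("card"))                              # what may reach the card zone
```

An empty result from `inbound_exposure("card")` is the property to check before rollout: no other zone in the shared subnet can initiate a connection to the card terminals.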

The advantages of the "drop-in mode" solution
● No complex changes to the network topology are required
● Requests between the network components can reliably be controlled via the router security features (firewall, ACL)
● No VLAN segmentation is required; however, VLAN is optionally also possible.
● Easy configuration in the branch router in just a few steps (Go & Protect)
  ● Ethernet port configuration is identical in all stores...
  ● small number of branch-specific parameters...
  ● Therefore little effort... in installation and maintenance
● Compared to other solutions, only ONE VPN tunnel to the central office is required
  ● Less administrative work
  ● More performance
  ● Better stability
● Central site solution needs only minimal adjustment

"Drop In Mode" – Transparent Mode