Developing Network Security Strategies: Network Security Design, Network Security Mechanisms.

Presentation transcript:

Developing Network Security Strategies
Network Security Design
Network Security Mechanisms

Security: Design
Factors
- Affordances (E-Commerce)
- Remote-Access Services
- Business partners
Top-Down Approach
- Customer development

Security: Design
1. Identify network assets.
2. Analyze security risks.
3. Analyze security requirements and tradeoffs.
4. Develop a security plan.
5. Define a security policy.
6. Develop procedures for applying security policies.
7. Develop a technical implementation strategy.
8. Achieve buy-in from users, managers, and technical staff.
9. Train users, managers, and technical staff.
10. Implement the technical strategy and security procedures.
11. Test the security and update it if any problems are found.
12. Maintain security.

Identify network assets
- Network Hosts: OS, Applications, Data
- Internetworking Devices: Routers, Switches
- Network Data
- Other: Trade Secrets, Company Reputation

Analyze security risks
Expert Intruders and End Users

Analyze security requirements and tradeoffs
- Affordability
- Usability
- Performance
- Availability
- Manageability
Tradeoffs
- Packet Filters/Data Encryption

Develop a security plan
- Resources (time/people)
- How will users/managers be involved?
- Is there a need for specialized Administrators?
- Will you be training on Security Policies and Procedures?

Define a security policy
According to RFC 2196, "Site Security Handbook": "A security policy is a formal statement of the rules by which people who are given access to an organization's technology and information assets must abide."
Personnel
Components
- Access
- Accountability
- Authentication
- Computer-technology guidelines

Develop procedures for applying security policies
There's been an attack… OMG!!!!!
Separate Procedures
- Users
- Network Admin
- Security Admin
Training?

Maintain security
- Reading Logs
- Responding to incidents
- Staying current with security standards (hardware/software)
- Updating the plan and policy

Security: Mechanisms
- Physical Security: Equipment, Natural Disasters
- Authentication: Something the user knows, Something the user has, Something the user is
- Authorization: Privileges
- Accounting/Auditing: Logging tasks
- Data Encryption: Yeah yeah yeah…
- Packet Filters: Uses Authentication and Authorization methods
- Firewalls: Enforce Enterprise to Internet
- Intrusion Detection (IDS): Notification
- Intrusion Prevention (IPS): Traffic Blocker

Sweet Acting