UNITS meeting September 30, 2004 Network Security Roger Safian


Agenda
Our environment
Statistics
Why these incidents occur
  – What can be done to prevent them
Future improvements
Questions

Firewalls
Recommending personal firewalls
  – Typically Zone Alarm or XP firewall
Some departments have traditional firewalls
  – This number is growing
Central IT has a purchasable solution

Optional Router Filters
Block traffic from entering NU’s network
  – On more than 75% of the network
  – Use VPN to bypass filters
Ports filtered
  – MS networking - 135, 137, 138, 139, 445
  – Unix NFS & portmapper - 111, 2049
  – MS Terminal Services
  – MS SQL – 1433, 1434

Packeteer
Classifies traffic by application
Per application bandwidth partitioning
  – Mainly P2P
Enforces service level agreements
  – Research park
Provides detailed flow information
Very limited data lifespan

Flow Data
Statistical data from border router
Sampled – 1 in 100 packets
  – Source and Destination address
  – Source and Destination ports
  – Byte count
  – Timestamp
Used to produce top 20 reports
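
An added example, not part of the original slides: how a top-N report can be built from 1-in-100 sampled records carrying the fields listed above. The record layout, function names and addresses are constructed for illustration; the fan-out ranking goes beyond the slide and shows what a byte-only ranking misses.

```python
from collections import Counter, namedtuple

SAMPLING_RATE = 100  # the slide's 1-in-100 packet sampling

# Assumed record layout: timestamp, addresses, ports, byte count.
Flow = namedtuple("Flow", "ts src sport dst dport nbytes")

# Constructed sampled-packet records (documentation address ranges).
SAMPLED = [
    Flow("2004-09-30T10:00:01", "192.0.2.10", 40112, "198.51.100.5", 80, 1500),
    Flow("2004-09-30T10:00:02", "192.0.2.10", 40112, "198.51.100.5", 80, 1500),
    Flow("2004-09-30T10:00:02", "192.0.2.77", 6881, "203.0.113.9", 6881, 1400),
    Flow("2004-09-30T10:00:03", "192.0.2.77", 6881, "203.0.113.20", 6881, 1400),
    Flow("2004-09-30T10:00:03", "192.0.2.77", 6881, "203.0.113.31", 6881, 1400),
    Flow("2004-09-30T10:00:04", "203.0.113.50", 3321, "192.0.2.33", 445, 60),
    Flow("2004-09-30T10:00:04", "203.0.113.50", 3322, "192.0.2.34", 445, 60),
    Flow("2004-09-30T10:00:05", "203.0.113.50", 3323, "192.0.2.35", 445, 60),
]

def top_by_bytes(records, field, n=20, rate=SAMPLING_RATE):
    """Rank values of `field` by estimated bytes (sampled bytes * rate)."""
    totals = Counter()
    for r in records:
        totals[getattr(r, field)] += r.nbytes * rate
    return totals.most_common(n)

def top_by_fanout(records, n=20):
    """Rank sources by distinct destinations seen in the sample.
    A low-volume host touching many peers ranks last by bytes."""
    peers = {}
    for r in records:
        peers.setdefault(r.src, set()).add(r.dst)
    ranked = sorted(peers.items(), key=lambda kv: (-len(kv[1]), kv[0]))
    return [(src, len(dsts)) for src, dsts in ranked[:n]]

if __name__ == "__main__":
    reports = (
        ("Top sources by estimated bytes", top_by_bytes(SAMPLED, "src")),
        ("Top destination ports by estimated bytes", top_by_bytes(SAMPLED, "dport")),
        ("Top sources by fan-out", top_by_fanout(SAMPLED)),
    )
    for title, rows in reports:
        print(title)
        for key, value in rows:
            print(f"  {key!s:<16} {value}")
```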

Intrusion Detection System
We use two solutions in parallel
StealthWatch
  – A statistical/anomaly based system
  – Currently two devices
      One at the border, the other at 2020 Ridge
Snort
  – Currently 15 devices

Get Control
Home for NU security and virus warnings
Updated frequently
Has tips on staying secure
Contains instructions on removing viruses
  – Links to online removal tools

Statistics
FY 2002/2003
  – Virus = 1166
  – Compromised = 727
  – Total incidents = /1/02 – 8/31/03
FY 2003/2004
  – Virus = 7976
  – Compromised = 467
  – Total incidents = /1/03 – 8/31/04

Why these incidents occur?
Weak Passwords
  – All machines and accounts need passwords
  – Use rules similar to the NetID rules
Opening viral attachments
  – Don’t open unexpected attachments
  – Only open specific types of extensions
  – Make sure to look at the LAST extension
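
An added example, not part of the original slides: a mail-filter style check that decides on the LAST extension of an attachment name and calls out names that put an allowed-looking extension in front of it. The allowlist and function names are assumptions; the slide says "specific types" without listing them.

```python
import os

# Hypothetical site allowlist; the slides do not name the permitted types.
ALLOWED = {".txt", ".pdf", ".jpg", ".png"}

def extensions(filename):
    """Every dot-suffix of the base name, lower-cased, in order."""
    base = os.path.basename(filename.replace("\\", "/"))
    # Windows drops trailing dots and spaces, so "setup.exe. " is "setup.exe".
    base = base.rstrip(". ")
    # Strip padding such as "photo.jpg      .scr" around each part.
    parts = [p.strip() for p in base.split(".")]
    return ["." + p.lower() for p in parts[1:] if p]

def check_attachment(filename):
    """Return (verdict, reason), judging only the last extension."""
    exts = extensions(filename)
    if not exts:
        return ("block", "no extension")
    last = exts[-1]
    if last in ALLOWED:
        return ("allow", last)
    # An allowed extension earlier in the name is there to mislead the reader.
    if any(e in ALLOWED for e in exts[:-1]):
        return ("block", f"decoy extension before {last}")
    return ("block", f"{last} not allowed")

if __name__ == "__main__":
    # Constructed sample attachment names.
    for name in ("report.pdf", "invoice.pdf.exe", "photo.jpg      .scr",
                 "NOTES.TXT", "setup.exe. ", "README"):
        print(f"{name!r:<24} {check_attachment(name)}")
```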

Why these incidents occur? (2)
Updates not applied
  – Ensure Windows update runs automatically
  – Don’t forget about layered products
Network use
  – P2P
  – Be careful when clicking on links

Why these incidents occur? (3)
Out of date anti-viral software
  – Ensure you install the NU supplied software
  – Set to update automatically EVERY day
Blended Threats
  – Multiple attack vectors directed at hosts
Home Networks
  – Frequently attacked with little monitoring

Why these incidents occur? (4)
Lack of firewall
  – Even if user has one they don’t understand it
  – Often installed after the infection
      Not a good idea
This is most serious on home networks
  – Mitigated by routers with NAT

NUSA
Network User Status Agent
  – Automatic notification
      Two events: port off and display
  – Allows authorized users to re-enable ports
  – Accepts input from other sources
Future use as data correlation agent
  – Current systems are stand-alone

NetPass
Current system NetReg
  – Deployed in the dorms
  – Associates MAC address with NetID
  – Checks for 3 vulnerabilities
NetPass
  – Checks for 25 vulnerabilities
  – Includes self-remediation

Questions? Contact Information – – (NOC 24x7)