Networks and Security A Series of Lectures, Outlining: How Networks affect Security of a system Security of System Security of Network Security of Organisation.

Slides:

Advertisements

Similar presentations

DMZ (De-Militarized Zone)

Advertisements

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

FIREWALLS Chapter 11.

Network Isolation Using Group Policy and IPSec Paula Kiernan Senior Consultant Ward Solutions.

Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Principles of Information Security, 2nd Edition1 Firewalls and VPNs.

Firewalls and Intrusion Detection Systems

Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.

1 Some TCP/IP Basics....NFSDNSTELNETSMTPFTP UDPTCP IP and ICMP Ethernet, serial line,..etc. Application Layer Transport Layer Network Layer Low-level &

1 Computer System Evolution Central Data Processing System: - with directly attached peripherals (card reader, magnetic tapes, line printer). Local Area.

Firewalls Presented by: Sarah Castro Karen Correa Kelley Gates.

Stephen S. Yau CSE , Fall Security Strategies.

1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.

Internet/Intranet firewall security – policy, architecture and transaction services Written by Ray Hunt This presentation will Examines Policies that influence.

OSI Model Routing Connection-oriented/Connectionless Network Services.

CECS 5460 – Assignment 3 Stacey VanderHeiden Güney.

Intranet, Extranet, Firewall. Intranet and Extranet.

FIREWALL Mạng máy tính nâng cao-V1.

NetworkProtocols. Objectives Identify characteristics of TCP/IP, IPX/SPX, NetBIOS, and AppleTalk Understand position of network protocols in OSI Model.

Firewalls Paper By: Vandana Bhardwaj. What this paper covers? Why you need a firewall? What is firewall? How does a network firewall interact with OSI.

Chapter 13 – Network Security

1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.

ACM 511 Chapter 2. Communication Communicating the Messages The best approach is to divide the data into smaller, more manageable pieces to send over.

October 15, 2002Serguei A. Mokhov, 1 Intro to Internet-services from Security Standpoint SOEN321-Information-Systems Security Revision.

OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Network Services Networking for Home and Small Businesses – Chapter 6.

FIREWALLS Vivek Srinivasan. Contents Introduction Need for firewalls Different types of firewalls Conclusion.

11 SECURING YOUR NETWORK PERIMETER Chapter 10. Chapter 10: SECURING YOUR NETWORK PERIMETER2 CHAPTER OBJECTIVES  Establish secure topologies.  Secure.

OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

TCP/IP Protocols Contains Five Layers

1 Topic 2: Lesson 3 Intro to Firewalls Summary. 2 Basic questions What is a firewall? What is a firewall? What can a firewall do? What can a firewall.

Firewall – Survey Purpose of a Firewall – To allow ‘proper’ traffic and discard all other traffic Characteristic of a firewall – All traffic must go through.

1 Chapter Overview Password Protection Security Models Firewalls Security Protocols.

Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.

© 2006 Cisco Systems, Inc. All rights reserved. Cisco IOS Threat Defense Features.

Chapter 9 Networking & Distributed Security. csci5233 computer security & integrity (Chap. 9) 2 Outline Overview of Networking Threats Wiretapping, impersonation,

Firewall Security.

CS460 Final Project Service Provider Scenario David Bergman Dong Jin Richard Bae Scott Greene Suraj Nellikar Wee Hong Yeo Virtual Customer: Mark Scifres.

Module 11: Designing Security for Network Perimeters.

1 Network Firewalls CSCI Web Security Spring 2003 Presented By Yasir Zahur.

Introduction to Information Security

Security and Firewalls Ref: Keeping Your Site Comfortably Secure: An Introduction to Firewalls John P. Wack and Lisa J. Carnahan NIST Special Publication.

1 OFF SYMB - 12/7/2015 Firewalls Basics. 2 OFF SYMB - 12/7/2015 Overview Why we have firewalls What a firewall does Why is the firewall configured the.

Security fundamentals Topic 10 Securing the network perimeter.

Chapter 8 Network Security Thanks and enjoy! JFK/KWR All material copyright J.F Kurose and K.W. Ross, All Rights Reserved Computer Networking:

Network Programming Chapter 1 Networking Concepts and Protocols.

Chapter 9 Networking & Distributed Security (Part C)

Lab #2 NET332 By Asma AlOsaimi. "Security has been a major concern in today’s computer networks. There has been various exploits of attacks against companies,

COSC513 Final Project Firewall in Internet Security Student Name: Jinqi Zhang Student ID: Instructor Name: Dr.Anvari.

The OSI Model. Understanding the OSI Model In early 1980s, manufacturers began to standardize networking so that networks from different manufacturers.

@Yuan Xue CS 285 Network Security Fall 2012 Yuan Xue.

Unit 2 Personal Cyber Security and Social Engineering Part 2.

ASHRAY PATEL Protection Mechanisms. Roadmap Access Control Four access control processes Managing access control Firewalls Scanning and Analysis tools.

Lecture 12 Page 1 CS 136, Spring 2009 Network Security: Firewalls CS 136 Computer Security Peter Reiher May 12, 2009.

Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.

FIREWALLS An Important Component in Computer Systems Security By: Bao Ming Soh.

KAPLAN SCHOOL OF INFORMATION SYSTEMS AND TECHNOLOGY IT375 Window Enterprise Administration Course Name – IT Introduction to Network Security Instructor.

Polytechnic University Firewall and Trusted Systems Presented by, Lekshmi. V. S cos

Firewalls Definition: Device that interconnects two or more networks and manages the network traffic between those interfaces. Maybe used to: Protect a.

Security fundamentals

Lab #2 NET332 By Asma AlOsaimi.

CompTIA Security+ Study Guide (SY0-401)

CONNECTING TO THE INTERNET

Firewall – Survey Purpose of a Firewall Characteristic of a firewall

CompTIA Security+ Study Guide (SY0-401)

Firewalls Purpose of a Firewall Characteristic of a firewall

Firewalls Jiang Long Spring 2002.

Introduction to Network Security

Implementing Firewalls

Presentation transcript:

Networks and Security A Series of Lectures, Outlining: How Networks affect Security of a system Security of System Security of Network Security of Organisation Secure vs Trustworthy Attack Vulnerabilities Web references and Bibliography Eur Ing Brian C Tompsett University of Hull

Networking Principles Revision ISO 7 Layer Model Names and function of layers Layer interconnect terminology

Internet Basics Revision IP Addresses (and registrars) Domain Names (and registrars) on.to / i.am / name.is Services/Sockets http port 80

ISO 7 Layer Model Network Datalink Physical Application Presentation Session Transport Network Datalink Physical Application Presentation Session Transport Hub/Repeater Gateway Proxy/Relay NAT/ICS/ Proxy Router Switch/Bridge PTU Frame Datagram Packet Datagram Segment Message IP TCP/UDP HTTP/FTP SMTP PPP/SLIP Ethernet 10BaseT ADSL

Internet The Movie Animation covering salient points It has some factual error Can you spot them? First Mention of Firewalls Covered later

Summary Overall Networking Architecture Role of Layers & Layer Interface Internet Protocols Network Interconnections Any further revision?

2

What is it for? What is the purpose of Trustworthy Computing? Computer Security? Information Security?

Entities Environment Organisation Infrastructure Activity

Data Procedures Activities Infrastructure Organisation

Entities Environment Organisation Infrastructure Activities Procedures Data

Information Security Model Entities Protection Environment Protection Organisation Protection Infrastructure Protection Activity Protection Procedure level Protection Data Protection

Security 7 Layer Model Activity Procedures Data Entities Environment Organisation Infrastructure Activity Procedures Data Entities Environment Organisation Infrastructure Translation Relationship Contract Language Protocol Packet Document Business Contact Information Connection Exchange Gateway Exchange

Entities Objects being manipulated by the system Entities can be active or passive Data about entities is being protected Entities can be People, Organisations or Objects Entities themselves encompass other entities – Collection or Containment Security involves: Physical Changes – Commissioning Operational Procedure – What they do Structure – Interrelations

Environment The restrictions on entities Can act to limit or constrain security or freedom of action Legislation, Regulation, Ethics Technical Capability, Resource Limitation Compatibility, Standards, Procedures Physical Limitation

Organisation The Mechanism by which operations a performed The Organisation within the environment

Infrastructure That which enables activities The physical components which may or may not be entities in their own right

Activity The tasks which process the data Usually a business activity Could be a software Application

Procedure The component steps that enable an activity Can be software components or human procedures

Data The actual data about entities The goal of a security breach Protected by Cryptography Integrity

Security Models ISO ISO – ISO series SABSA Sherwood Applied Business Security Architecture Based on Zachman IS Framework Financial Security Model

SABSA Model

Financial Security Model Finance Applications for financial users, issuers of digital value, trading and market operations Value Instruments that carry monetary value Governance Protection of the system from non-technical threats Accounting Value within defined places Rights An authentication concept – moving value between identities Software Engineering Tools to move instructions over the net Cryptography Sharing truths between parties

ISO Security Policy Organisation of Information Security Asset Management Human Resources Security Physical and Environmental Security Communications and Operational Management Access Control Systems Development, Acquisition, Maintenance Security Incident Management Business Continuity Management Compliance

ISO 17799

Network Security Model Personal Protection Organisation Protection Network Protection System Protection Application Protection Code level Protection Data Protection

Person Organisation Infrastructure Systems Application

Data Procedure Application Systems Infrastructure

Person Organisation Infrastructure Systems Applications Procedures Data

Security 7 Layer Model Application Procedures Data Person Organisation Infrastructure Systems Application Procedures Data Person Organisation Infrastructure Systems Translation Relationship Contract Language Protocol Packet Document Business Contact Information Connection Exchange Gateway Exchange

Static Dynamic ActivityObject

Personal Protection Personal Security Locking Doors, Staying Safe Personal Data Protection Giving out DOB, Credit Card, Family info Securing Access to your Computer Personal Security Policy for all Protect others personal security

Organisation Protection Organisation / Institution / Company A Holistic View Corporate Image Make public only what required Hide internal structure & information Window & Door into Organisation Manages Input & Output

Doors and Windows Decide What Services are available Web servers, ftp, Which hosts on which networks Which domains used On which IP nets Hosted by whom What registration information Names, addresses phone numbers

WWW Internet FTP SMTP Gateway Inside Outside

Network Protection Protect Network as entity/resource Manage permitted traffic flow Manage authorised use Architect the Network - zoning Firewalling

Network Architecture Proper use of Subnets and domains Limit traffic to local segments Use Bridges/Switches/Routers/Proxies Prevent data and authority leaks

What to Firewall? Certain Protocols – netBios Certain Responses – ping/traceroute Certain Applications Real/IRC Certain Systems/Networks Control Port/Host combinations Port/25, HTTP Port/80, FTP Port/21 Rate Limit Denial of Service/Scanners

System Protection Protect each system from misuse Incoming & Outgoing! Control Which Services Run Virus checkers

Application Protection Specific Application Configuration Parental Controls of Web Browsers Domain/IP blockers Spam filters Control file/device exports

Code Level Protection Writing Secure Code Even on secured system Bad Code compromises security Hence software updates

Data Protection Hiding the Data Cryptography Data Transience Data Integrity

3

Forms of Attack Denial of Service Input Data Attack Spoofing Sniffing Social Engineering