Columbus Convention Center - October 1, 2008 Meeting Room E171 James Matheke Greg Perkins.

Securing data transmission is a growing concern for security professionals in both the private and public sectors, especially in health-related fields. Business requires that many forms of data be transmitted securely.

HIPAA
• HIPAA – Health Insurance Portability & Accountability Act of 1996
• HIPAA protects PHI
• PHI – Protected Health Information
• Several ODH applications transmit PHI
• HIPAA Title II – regulates & establishes health care related IT systems.

When you begin to discuss secure data transmission, there are several questions that need to be asked:
• What data needs to be secured?
• Where is your sensitive data?
• Who uses the sensitive data?
• How does the data move?

What data needs to be secured?
• Data transmitted to business partners
• Data sent via email
• Data transmitted internally over the WAN
• Data transmitted from remote users
• Wireless data communication

• As you can see, securing data communications is a broad topic because there are so many avenues of data transmission. So I would like to give you an overview of the various technologies available to assist you with this task.
• Securing data transmission is most likely some part of every IT staff individual’s responsibility. Hopefully, if this does not make sense now, it will by the time we are finished.

Focus Points
• Network level encryption
• Securing remote users
• External organization: secure data transmissions with business partners
• Application encryption
• Wireless encryption
• Email encryption

Network Level Encryption
• Network level encryption is an easy way to encrypt data without modifying or rewriting your applications. This is all done at the network layer in your organization.
• This level of encryption enables security professionals to protect data transmissions at the network layer between entire source networks and destination networks, as well as host-to-host communication.
• This type of encryption is typically done on networks within an organization across the WAN, but not typically between organizations.

Network Level Encryption
• Example:
◦ Confidential data identified
◦ Client/server application
◦ Data runs across the WAN … private point-to-point T1
◦ Why do you still need to encrypt this data? It's a private T1.
◦ It may be quicker, easier and/or more cost effective to implement network level encryption. This is a good example of how organizations use this technology.

Network Level Encryption
• The State of Ohio also utilizes this type of encryption between the Cabinet Level Agencies.
◦ Has anyone heard of the Inter-Agency VPN … or State VPN?

Network Level Encryption
• ODH utilizes the technology with our Local Health Departments in each county & larger cities
• Dedicated server farm, centrally located.
• All traffic to these server networks is encrypted.
• Advantage: This allows ease of management.
• Disadvantage: Obviously it takes slightly more network resources (router CPU etc…) to encrypt traffic, but for us (and most organizations) network resources are not the issue.
• Advantage: Without it, each time an application changes or a new application is put in place, it would be considerable work to modify the network.
• Advantage: We also don’t have to worry about miscommunication, or no communication, that a new application requires secure communication.

Network Level Encryption
• WIC offices – non co-located
• Inexpensive broadband for these offices
• How do you secure data transmissions?
• Encrypt or tunnel all network traffic from the small office back to the Central Office, across the Internet, for access to agency applications.
• Good small office solution (1-30 users).
• Local 1.5 Mb broadband access is available for as low as $70/month (w/ 2 year contract).

Securing Remote Users
• Remote users create additional security concerns because of where they communicate from
• Secure remote users with a VPN solution
• There are numerous VPN solution products
• How they typically work: configured on a security device, i.e. a VPN concentrator or firewall, as well as by adding VPN software to the client PC/laptop.
• SSL VPN can also be done without a client

Securing Remote Users
Concerns/Recommendations:
• No split tunneling. This is a term for a specific VPN configuration that allows the user to connect to the user's home LAN/Internet as well as the organization's network. This possibly allows other LAN users to connect via the VPN to the organization's resources.
• Be sure to group your incoming VPN users (say by IP address) so that if you have a security incident you can identify the individual or group.
• Migrate RAS dial-up to the DMZ and limit access.
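A way to check the "no split tunneling" recommendation from the client side, as an added example that is not part of the original presentation: it runs a longest-prefix-match lookup over a client's routing table and lists the destinations that would bypass the tunnel while the VPN is connected. The interface names (`eth0`, `tun0`), addresses and route tables are constructed sample data.

```python
import ipaddress

def egress_interface(routes, dest):
    """Longest-prefix match: the interface a packet to dest would leave on."""
    addr = ipaddress.ip_address(dest)
    best = None
    for prefix, iface in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best[1] if best else None

def off_tunnel_destinations(routes, tunnel_if, vpn_gateway, probes):
    """Probe addresses that would bypass the tunnel while the VPN is up.

    The host route to the VPN gateway is skipped: the encrypted tunnel
    packets themselves must use the physical interface.
    """
    return [d for d in probes
            if d != vpn_gateway and egress_interface(routes, d) != tunnel_if]

# Constructed sample data: documentation and RFC 1918 addresses only.
VPN_GATEWAY = "198.51.100.10"
PROBES = ["10.20.30.40",     # server on the organization's network
          "203.0.113.80",    # arbitrary Internet host
          "192.168.1.50",    # another PC on the user's home LAN
          VPN_GATEWAY]

SPLIT_TUNNEL = [("0.0.0.0/0", "eth0"),         # Internet via the home router
                ("192.168.1.0/24", "eth0"),    # home LAN stays reachable
                ("10.0.0.0/8", "tun0"),        # only corporate prefixes tunneled
                ("198.51.100.10/32", "eth0")]

FULL_TUNNEL = [("0.0.0.0/0", "tun0"),          # everything enters the tunnel
               ("198.51.100.10/32", "eth0")]   # except the tunnel's own packets

if __name__ == "__main__":
    for name, table in (("split", SPLIT_TUNNEL), ("full", FULL_TUNNEL)):
        leaks = off_tunnel_destinations(table, "tun0", VPN_GATEWAY, PROBES)
        print(name, "tunnel:",
              "off-tunnel paths " + ", ".join(leaks) if leaks else "no off-tunnel paths")
```

A non-empty result means the client can talk to the home LAN or the Internet directly while it is also attached to the organization's network, which is the condition the slide recommends against.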

External Organization Data Communication
• What is external organization data communication?
◦ Communication with your various business partners
◦ i.e. ODH receives various lab results and hospital info.
• How do we secure data transmissions with our business partners?
◦ T1 to every business partner? No.
◦ Use the Internet
◦ Create “site to site” VPN connections.
• These connections encrypt the data communication as it flows across the Internet.
• Like securing remote access, this is done with a security device such as a VPN concentrator or firewall at each organization.

Application encryption
• Secure data transmissions with application encryption
• SSL-based HTML code
• Examples: banking, Internet purchasing, personal health related or other sites with confidential data.
• What if you need to encrypt new data content on your web servers?
• Load balancing devices can encrypt data

Application encryption
• ODH migration project from BigIP to NetScaler.
◦ Terminate SSL connection on both devices.
• Communicate via HTTP to back-end servers … can encrypt also
• More efficient and speeds up your web applications.
• Additional features (off subject)
◦ Cache static content (*.gif, *.jpeg, *.pdf, *.css and JavaScript files)
◦ Compression of these file types
◦ Additional speed with these features.
• There are also ways to implement a PKI solution to secure/encrypt your applications.

Wireless Security
• Wireless networks are increasing, as are wireless security issues.
• Unsecured wireless networks can be a huge vulnerability for an organization.
◦ Rogue access points brought in by staff, public wireless access, or APs configured in an insecure manner can be a big issue.
◦ Secure your confidential information accessed via your wireless network. Hackers can capture data out of the air.
• Wireless Internet access from a hotel

Email encryption
• Numerous email encryption applications are available on the market.
• How do they work?
◦ They work by sending a web link to the recipient of the email, who then logs in to the secure server to retrieve the email
• ODH uses ZIX Corp email encryption, which has built-in algorithms or dictionaries called Lexicons that inspect outbound traffic for 1000’s of keywords and phrases, including PHI information signatures as well as other confidential identifying information.
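How dictionary-driven inspection of outbound messages can work in principle, as an added example that is not part of the original presentation and is not ZIX Corp's algorithm: phrase lexicons and pattern signatures are matched against a message, and any hit routes it to encryption. The lexicon contents, signature patterns and function names are hypothetical and constructed for illustration.

```python
import re

# Hypothetical lexicons, constructed for illustration only.
LEXICONS = {
    "phi_terms": ["diagnosis", "lab result", "medical record number", "patient"],
    "financial": ["account number", "routing number"],
}
# Hypothetical signatures for identifiers that follow a fixed shape.
SIGNATURES = {
    "ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "mrn": re.compile(r"\bMRN[:# ]*\d{6,10}\b", re.IGNORECASE),
}

def scan(message):
    """Return the sorted names of every lexicon or signature that matches."""
    # Collapse whitespace so a phrase split across a line break still matches.
    text = re.sub(r"\s+", " ", message.lower())
    hits = set()
    for name, phrases in LEXICONS.items():
        # Word boundaries keep "patient" from matching inside "impatient".
        if any(re.search(r"\b" + re.escape(p) + r"\b", text) for p in phrases):
            hits.add(name)
    for name, pattern in SIGNATURES.items():
        if pattern.search(message):
            hits.add(name)
    return sorted(hits)

def disposition(message):
    """'encrypt' when anything sensitive is detected, otherwise 'send'."""
    return "encrypt" if scan(message) else "send"

# Constructed sample messages.
SAMPLES = [
    "Attached is the lab\nresult for patient MRN: 00123456",
    "Wire to account number 4411, SSN 123-45-6789",
    "The impatient vendor wants lunch at noon",
]

if __name__ == "__main__":
    for body in SAMPLES:
        print(disposition(body), scan(body))
```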

Securing Data Transmission Questions?