E-Mail Delivery at the University of Guelph. Background Email flow has dramatically increased in the past few years (~2,000,000 msgs/week) This increase.

Slides:

Advertisements

Similar presentations

Kalpesh Vyas & Seward Khem

Advertisements

Firewalls Steven M. Bellovin Matsuzaki ‘maz’ Yoshinobu 1.

IUT– Network Security Course 1 Network Security Firewalls.

FIREWALLS Chapter 11.

Firewalls Dr.P.V.Lakshmi Information Technology GIT,GITAM University

FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.

Winter CMPE 155 Week 7. Winter Assignment 6: Firewalls What is a firewall? –Security at the network level. Wide-area network access makes.

Security Firewall Firewall design principle. Firewall Characteristics.

Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.

Access Control for Networks Problems: –Enforce an access control policy Allow trust relationships among machines –Protect local internet from outsiders.

By Won Lee.  Stands for Simple Mail Transfer Protocol  Used for sending and receiving electronic mail efficiently and reliably  Daily function of life.

INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.

Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security

Firewalls1 Firewalls Mert Özarar Bilkent University, Turkey

Spring 2004 CMPE 151: Network Administration Lecture 6.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

Implementing Standard and Extended Access Control List (ACL) in Cisco Routers.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Firewalls Marin Stamov. Introduction Technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

Internet/Intranet firewall security – policy, architecture and transaction services Written by Ray Hunt This presentation will Examines Policies that influence.

Your technology solution partner.™ Security Enterprise Protection Gener C. Tongco Product Manager CT Link Systems Inc.

1 SMTP Transport Configuration SMTP Configurations and Virtual Servers Customizing the SMTP Service.

Firewalls CS432. Overview  What are firewalls?  Types of firewalls Packet filtering firewalls Packet filtering firewalls Sateful firewalls Sateful firewalls.

11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. 

Campus Firewalling Dearbhla O’Reilly Network Manager Dublin Institute of Technology.

Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

Why do we need Firewalls? Internet connectivity is a must for most people and organizations  especially for me But a convenient Internet connectivity.

The Linux Operating System Lecture 7: Tonga Institute of Higher Education.

Chapter 6: Packet Filtering

Firewall and Internet Access Mechanism that control (1)Internet access, (2)Handle the problem of screening a particular network or an organization from.

CERN’s Computer Security Challenge

Trend Micro Confidential 9/23/2015 Threat Rules Sharing Advanced Threats Research.

Huda AL_Omairl - Network 71 Protocols and Network Software.

Telecommunications Networking II Lecture 41e Firewalls.

CONTENTS  INTRODUCTION.  KEYWORDS  WHAT IS FIREWALL ?  WHY WE NEED FIREWALL ?  WHY NOT OTHER SECURITY MECHANISM ?  HOW FIREWALL WORKS ?  WHAT IT.

Intrusion Detection Prepared by: Mohammed Hussein Supervised by: Dr. Lo’ai Tawalbeh NYIT- winter 2007.

Lanxin Ma Institute of High Energy physics (IHEP) Chinese Academy of Sciences September 30, 2004 CHEP 2004, Interlaken The Security Protection System at.

1 Topic 2: Lesson 3 Intro to Firewalls Summary. 2 Basic questions What is a firewall? What is a firewall? What can a firewall do? What can a firewall.

1 The 2006 ResNet Security Survey ResNet Applied Research Group David Futey Kevin Guidry December 15, 2006.

Web Content Filtering Mayur Lodha (mdl2130). Agenda  Need of Filtering  Content Filtering  Basic Model  Filtering Techniques  Filtering  Circumvent.

CU – Boulder Security Incidents Jon Giltner. Our Challenge.

Technology Update TSAG Meeting 12/12/02. Announcements: Campus Operations Center: Holiday Hours  Christmas: 12/22-1/1 8am-5pm Coverage  On Call Coverage:

CSCE 201 Security Fall CSCE Farkas2 Electronic Mail Most heavily used network-based application – Over 210 billion per day Used across.

Security and Firewalls Ref: Keeping Your Site Comfortably Secure: An Introduction to Firewalls John P. Wack and Lisa J. Carnahan NIST Special Publication.

Internet Security and Firewall Design Chapter 32.

1 OFF SYMB - 12/7/2015 Firewalls Basics. 2 OFF SYMB - 12/7/2015 Overview Why we have firewalls What a firewall does Why is the firewall configured the.

NETWORKING FUNDAMENTALS. Network+ Guide to Networks, 4e2.

1 Firewall Rules. 2 Firewall Configuration l Firewalls can generally be configured in one of two fundamental ways. –Permit all that is not expressly denied.

ITGS Network Architecture. ITGS Network architecture –The way computers are logically organized on a network, and the role each takes. Client/server network.

SMTP Tapu Ahmed Jeremy Nunn. Basics Responsible for electronic mail delivery. Responsible for electronic mail delivery. Simple ASCII protocol that runs.

Overview of Firewalls. Outline Objective Background Firewalls Software Firewall Hardware Firewall Demilitarized Zone (DMZ) Firewall Types Firewall Configuration.

Enterprise Network Systems TCP Mark Clements. 3 March 2008ENS 2 Last Week – Client/ Server Cost effective way of providing more computing power High specs.

Linux Operations and Administration Chapter Twelve Configuring a Mail Server.

“Lines of Defense” against Malware.. Prevention: Keep Malware off your computer. Limit Damage: Stop Malware that gets onto your computer from doing any.

Bridge through Firewall Revised August 8th Objectives  Run Bridge through the firewall but block SQL port 1433 for inbound traffic. There should.

554 Access Denied Fermilab’s Experiences with Spamcop.net Kevin Hill Ray Pasetes Jack Schmidt.

Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.

FNAL Central Systems Jack Schmidt, Al Lilianstrom, Ray Pasetes, and Kevin Hill (Fermi National Accelerator Laboratory) Introduction The FNAL .

25/09/ Firewall, IDS & IPS basics. Summary Firewalls Intrusion detection system Intrusion prevention system.

Protocols and networks in the TCP/IP model initially.

Chapter 27: System Security

has many aspects that work together to give people almost instant communication from any computer on the internet to any other computer There.

Firewalls Routers, Switches, Hubs VPNs

FIREWALL By Abhishar Baloni I.D

دیواره ی آتش.

Computer communications

By Seferash B Asfa Wossen Strayer University 3rd December 2003

Filtering, Security and Business Continuity

Presentation transcript:

Delivery at the University of Guelph

Background flow has dramatically increased in the past few years (~2,000,000 msgs/week) This increase has resulted in: An extensive increase in viruses CCS instituted virus scanning in mail flow A massive increase in spam CCS instituted Realtime Blackhole List CCS instituted spam filtering service

The steady increase in compromised machines has resulted in: –A negative impact on network and University reputation –Increased demand for CCS resources to identify problems –Increased demand on departmental resources to correct problems

Necessary Action Better control of flow on/off campus We need to restrict the flow of on/off campus through centrally managed hosts. This will result in: All being virus scanned All passing through preliminary spam filtering All being spam “scored” The limiting of compromised machines to propagate viruses/spam back out onto the internet Proactive notification of virus infected machines Less resources committed to chasing related compromises Improved reputation of the University

Current Mail Flow Internet CCS Mail Servers Dept Mail Servers U of G Workstations

Future Mail Flow Internet CCS Mail Servers Dept Mail Servers U of G Workstations

Delivery Architecture travels across the network using the SMTP (Simple Mail Transfer Protocol) port (ie port 25) of destination hosts. In order to provide a secure and protected environment on campus, CCS will develop the following architecture to control the use of the SMTP port: All mail destined for hosts inside the uoguelph.ca network must pass through the CCS SMTP service. Connections originating outside the uoguelph.ca network to the SMTP port of any host (other than authorized CCS hosts) of the uoguelph.ca network will be blocked. All mail destined for hosts outside the uoguelph.ca network must pass through the CCS SMTP service (outbound.mail.uoguelph.ca). Connections originating inside the uoguelph.ca network from any host (other than authorized CCS hosts) going directly to the SMTP port of hosts outside the uoguelph.ca network will be blocked. Unauthorzied attempts to circumvent these measures will be considered a violation of the Acceptable Use Policy and Guidelines.

Impact As 95%+ of mail is already delivered through centrally managed mail servers, impact will be minimal. A few departments will need to change Some personal workstations will need to change CCS will work with individual departments to phase in the changes by the end of August.

So Far…. Discussion and widespread support at ITSIG Introduction of SMTP controls on ResNet Departments beginning to align