Network Based Security: Looking at the future of university networking…
Common Solutions Group, January 2006


Slide 2: CSG Network/Subnet Poll (1)
- Asked on
  – Ednog
  – Netguru
  – Virtnet
- Heard from (in no particular order):
  – Berkeley, Columbia, UBuffalo, Stanford, UCLA, VT, Cornell, Yale, Duke, CMU, Northwestern, Colorado, UMich

Slide 3: CSG Network/Subnet Poll (2): Complicated technical issues – VLANs, VLANs, everywhere…
- History of subnetting for manageability
  – Smaller broadcast domains
  – Tracking addresses for abuse
- Future of subnetting for service differentiation
  – Traffic isolation for real and imagined safety
  – Differential firewall policy (users, services, multi-tier web services)
  – Pre-auth, .1x for VLAN assignment, quarantine subnets
  – Isolated subnets for customer firewalling
  – Infrastructure devices - no need for remote access
  – Address preservation, RFC1918 (NAT-ed and not)
  – Networking ‘for-fee’

Slide 4: CSG Network/Subnet Poll (3)
- A few more issues
  – Spanning tree isn’t “a fun thing”
  – VLANs != subnets
  – Some campus trunks – mostly avoided
  – Need tools for VLAN management
  – Lots of ‘not-so-smart’ devices
  – Edge security is preferred, defense in depth is necessary
  – Need lots of tools – particularly with dynamics
  – Didn’t ask the VPN question…
  – Didn’t ask the lambda question…

Slide 5: Asking a little differently…
How many of you now, or in the future, will:
- Offer more than one class of network connectivity?
- Require VPNs for remote access to many apps?
- Require network admission control (pre-access)?
  – For wired
  – For wireless
- Offer (or allow) subnet firewalls?
- Offer dedicated lambdas?

Slide 6: Stanford Governance Pressure
- University enterprise risk management
- Internal Audit & Info Security Officer
- External Audit of Systems
- Faculty Governance Committee
- Administrative Governance Committee


Slide 8: Key UW-Madison Strategies
- Deploy a three-zone network with clear standards and policies for each zone
- Build relationships and understanding between central net-admins, department net-admins, and other campus interests
- Empower (training and tools) department net-admins to manage things that are important to them using a powerful set of web-based network monitoring and administration tools

Slide 9: AANTS: Authorized Agent Network Tool Suite
- Loosely-coupled set of web-based utilities for network administration
- Tools are team-developed in-house, optimized toward local networking practices, driven by user need
- About 244 trained network administrators across campus
- Allow users (campus LAN administrators and network engineers) to manage network devices, change device configurations, troubleshoot, inspect traffic data, coordinate with users, and perform other network management tasks