Defining Network Security

Presentation transcript:

1 Defining Network Security
Security is prevention of unwanted information transfer
What are the components?
– Physical Security
– Operational Security
– Human Factors
– Protocols

2 Areas for Protection
Privacy
Data Integrity
Authentication/Access Control
Denial of Service

3 Regulations and Standards
Computer Crime Laws
Encryption
Government as “Big Brother”

4 Security Threat, Value and Cost Tradeoffs
Identify the Threats
Set a Value on Information
Add up the Costs (to secure)
Cost < Value * Threat

5 Threats
Hackers/Crackers (“Joyriders”)
Criminals (Thieves)
Rogue Programs (Viruses, Worms)
Internal Personnel
System Failures

6 Network Threats
IP Address spoofing attacks
TCP SYN Flood attacks
Random port scanning of internal systems
Snooping of network traffic
SMTP Buffer overrun attacks

7 Network Threats (cont.)
SMTP backdoor command attacks
Information leakage attacks via finger, echo, ping, and traceroute commands
Attacks via download of Java and ActiveX scripts
TCP Session Hijacking
TCP Sequence Number Prediction Attacks

8 Threat, Value and Cost Tradeoffs
Operations Security
Host Security
Firewalls
Cryptography: Encryption/Authentication
Monitoring/Audit Trails

9 Host Security
Security versus Performance & Functionality
Unix, Windows NT, MVS, etc.
PCs
“Security Through Obscurity”

10 Host Security (cont.)
Programs
Configuration
Regression Testing

11 Network Security
Traffic Control
Not a replacement for Host-based mechanisms
Firewalls and Monitoring, Encryption
Choke Points & Performance

12 Access Control
Host-based:
– Passwords, etc.
– Directory Rights
– Access Control Lists
– Superusers
Network-based:
– Address Based
– Filters
– Encryption
– Path Selection

13 Network Security and Privacy
Protecting data from being read by unauthorized persons.
Preventing unauthorized persons from inserting and deleting messages.
Verifying the sender of each message.
Allowing electronic signatures on documents.

14 FIREWALLS
Protect against attacks
Access Control
Authentication
Logging
Notifications

15 Types of Firewalls
Packet Filters
– Network Layer
Stateful Packet Filters
– Network Level
Circuit-Level Gateways
– Session Level
Application Gateways
– Application Level
[Figure: protocol layer stack with the labels Application, Presentation, Session, Transport, Network, Data Link, Physical]

16 Packet Level
Sometimes part of router
TAMU “Drawbridge”
[Figure labels: Campus, Router, Drawbridge, ROTW]

17 Circuit Level
Dedicated Host
Socket Interfaces
[Figure labels: Local, FW, ROTW]

18 Application Level
Needs a dedicated host
Special Software most everywhere
[Figure labels: telnet, Firewall, ROTW]

19 Firewall Installation Issues
[Figure labels: INTERNET, Router, DNS, FTP, Web, Mail]

20 Firewall Installation Issues
DNS Problems
Web Server
FTP Server
Mail Server
Mobile Users
Performance

21 Address Transparency
Need to make some addresses visible to external hosts.
Firewall lets external hosts connect as if the firewall were not there.
Firewall still performs authentication.

22 Network Address Translation
[Figure labels: Firewall, Internet, Gateway]

23 Network Address Translation
[Figure: protocol stacks labelled ftpd, ftp, and proxy ftp with gw control, each over TCP / IP / Data Link / Hardware; hosts labelled Host A: Internal Host, Gateway Host, and Host B: External Host; datagrams labelled "A GW" and "A B"]

24 IP Packet Handling
Disables IP Packet Forwarding
Cannot function as an insecure router
e.g. ping packets will not be passed
Fail Safe rather than Fail Open
Only access is through proxies
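
Added example (not part of the original slides): a small Python model of the gateway behaviour listed on slide 24, with the authentication step from slide 21. The addresses, the proxy table, and the names Packet, decide, auth_ok and auth_broken are all constructed for illustration.

```python
from dataclasses import dataclass

GATEWAY = "192.0.2.1"  # constructed address of the dual-homed gateway
# Hypothetical proxy table: the only services the gateway will relay.
PROXIES = {("tcp", 21): "ftp-proxy", ("tcp", 23): "telnet-proxy",
           ("tcp", 25): "smtp-proxy"}
TRUSTED = {"198.51.100.7"}  # constructed list of authenticated peers


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str      # "tcp", "udp" or "icmp"
    dport: int = 0  # 0 when the protocol has no ports (ICMP)


def auth_ok(src, proxy):
    """Normal authentication check: is this peer allowed to use the proxy?"""
    return src in TRUSTED


def auth_broken(src, proxy):
    """Simulates an authentication backend that is unreachable."""
    raise RuntimeError("auth backend unavailable")


def decide(pkt, authenticate=auth_ok, fail_open=False):
    """Return (action, detail) for a packet arriving at the gateway."""
    # IP forwarding is off: anything not addressed to the gateway itself
    # (for example a ping to an internal host) is never routed onward.
    if pkt.dst != GATEWAY:
        return ("drop", "no-forwarding")
    # The only way through is a proxy listening for that service.
    proxy = PROXIES.get((pkt.proto, pkt.dport))
    if proxy is None:
        return ("drop", "no-proxy")
    try:
        allowed = authenticate(pkt.src, proxy)
    except Exception:
        # Fail safe: a broken check closes the path. The fail_open branch
        # exists only to show the weaker behaviour for comparison.
        return ("relay", proxy) if fail_open else ("drop", "auth-error")
    return ("relay", proxy) if allowed else ("drop", "auth-denied")


if __name__ == "__main__":
    ping = Packet("198.51.100.7", "10.0.0.5", "icmp")
    ftp = Packet("198.51.100.7", GATEWAY, "tcp", 21)
    for pkt, auth in [(ping, auth_ok), (ftp, auth_ok), (ftp, auth_broken)]:
        print(pkt, "->", decide(pkt, auth))
```

With fail_open=True the same authentication outage relays the connection instead of dropping it, which is the behaviour the slide rules out.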

25 DNS Proxy Security
[Figure labels: finance.xyz.com, marketing.xyz.com, sales.xyz.com, Eagle Gateway eagle.xyz.com, DNSd, INTERNET, External DNS Server]

26 Virtual Private Tunnels
[Figure: a "Hello" message crossing the INTERNET; sending side: Encapsulate, Authenticate, Encrypt; receiving side: Decapsulate, Authenticate, Decrypt]
Creates a “Virtual Private Network”

27 VPN Secure Tunnels
Two types of Tunnels supported
– SwIPe and IPsec tunnels
Encryption
– DES, triple DES and RC2
Secret key used for authentication and encryption
Trusted hosts are allowed to use the tunnel on both ends

28 Designing DMZs
[Figure labels: INTERNET, Screening Router, DMZ (Web, FTP, Mail), Company Intranet]

29 Firewall Design Project
[Figure labels: Wide Area Router, Dallas, Raptor Remote Hawk Console, INTERNET, Mail Server, San Jose, Raptor Eagle, File Server, Internet Router]

30 Monitoring
Many tools exist for capturing network traffic.
Other tools can analyze captured traffic for “bad” things.
Few tools are real-time.

31 Summary
Security must be comprehensive to be effective.
Remember threat, value, cost when implementing a system.
Security is achievable, but never 100%.
Make your system fault tolerant.