Module 11: Designing Security for Network Perimeters.

Overview
- Creating a Security Plan for the Perimeter of a Network
- Creating a Design for Security of Network Perimeters

Lesson 1: Creating a Security Plan for the Perimeter of a Network
- MSF and Security of Network Perimeters
- Defense in Depth and Security of Network Perimeters
- Resources to Protect with Network Perimeters Security
- STRIDE Threat Model and Security of Network Perimeters

MSF and Security of Network Perimeters
The MSF envisioning and planning phases help you to:
- Decide which locations your plan will help to protect
- Ensure that appropriate countermeasures are applied
- Identify your perimeter points. These can include:
  - Direct Internet connections
  - Dedicated WAN links
  - Perimeter networks
  - VPN client computers
  - Applications
  - Wireless connections

Defense in Depth and Security of Network Perimeters
- Policies, Procedures, and Awareness
- Physical Security
- Internal Network
- Application
- Host
- Data
- Perimeter

Resources to Protect with Network Perimeters Security

| Attacker | Threat | Example |
|---|---|---|
| External | Information disclosure | An attacker runs a series of port scans on a network and creates a network diagram and vulnerability list. The attacker uses this information to systematically attack the network. |
| Internal | Denial of service | An employee opens an e-mail from an external Web-based account that contains a new worm virus. The virus infects the internal network from inside the perimeter. |

STRIDE Threat Model and Security of Network Perimeters
- Spoofing: Exposure of account information
- Tampering: Unauthorized access to data
- Repudiation: Unmanaged VPN client computers
- Information disclosure: Forgotten connections to the Internet
- Denial of service: Worms
- Elevation of privilege: Unauthorized Web servers

Lesson 2: Creating a Design for Security of Network Perimeters
- Methods for Securing Network Perimeters
- Process for Designing Secure Perimeter Networks
- Methods for Securing Perimeter Networks
- Guidelines for Protecting Computers on the Perimeter

Methods for Securing Network Perimeters

| Type | Description |
|---|---|
| Bastion host | |
| Three-pronged configuration | |
| Back-to-back configuration | |

Process for Designing Secure Perimeter Networks
When designing secure screened subnets, determine:
- The services that you must provide
- How each service communicates with systems
- How each service authenticates users
- How you will manage each service
- How you will monitor and audit each service
- How you will configure firewall and router rules to secure the network

Methods for Securing Perimeter Networks
Implement the following security mechanisms on routers and firewalls:
- Packet filtering
- Routing rules
- Stateful packet inspection
- Application gateway
- Server publishing
- User-based authentication
- Intrusion detection

Guidelines for Protecting Computers on the Perimeter
For traveling computers or traveling users, follow these guidelines:
- Use and maintain antivirus software
- Use personal firewall applications
- Do not persistently store passwords
- Consider preventing third-party applications
- Educate users about security

Lab: Designing Security for Network Perimeters
- Exercise 1: Identifying Potential Perimeter Network Vulnerabilities
- Exercise 2: Implementing Countermeasures