SECURING NETWORK TRAFFIC WITH IPSEC


1 SECURING NETWORK TRAFFIC WITH IPSEC
Chapter 6 SECURING NETWORK TRAFFIC WITH IPSEC Briefly describe the topics covered in the chapter. Refer to the objectives list at the beginning of Chapter 6.

2 GOALS OF IPSEC
Protects the contents of IP packets
Provides defense against network attacks
Explain the goals of Internet Protocol Security (IPSec) and how these functions can be used to protect network traffic and provide a method of controlling traffic.

3 PROTECTING AGAINST SECURITY ATTACKS
Type of attack: Description
Packet sniffing: Attackers use an application or device (packet sniffer) that monitors or reads network packets to capture network data.
Data modification: Attackers modify data in transit and send counterfeit data.
Identity spoofing: Attackers falsify identities, use stolen passwords, or attempt to break passwords.
Man-in-the-middle attacks: Attackers monitor, capture, and control data between communicating hosts.
Denial of service (DoS) attacks: Attackers prevent normal use of network resources.
Explain each of the potential security attacks and which features of IPSec can be used to protect a network against each type of attack: ESP confidentiality against packet sniffing; AH or ESP integrity checking against data modification; peer authentication (Kerberos, certificates, or preshared keys) against identity spoofing; mutual authentication combined with integrity checking against man-in-the-middle attacks; and, against DoS, IPSec filtering that discards traffic from unauthenticated peers before it reaches applications. Point out the limit of the last item: IPSec cannot stop a flood that saturates the link, and IKE negotiation itself costs CPU, so IPSec reduces rather than removes DoS exposure.

4 WHAT IS IPSEC?
IPSec is an architectural framework that provides cryptographic security services for IP packets.
Discuss the definition of IPSec and explain that, because protection is applied at the network layer, applications need no changes and in most situations only the communicating peers are aware that IPSec is in use. Explain how IPSec can be used in local area networks (LANs), wide area networks (WANs), or remote access environments.

5 IPSEC SECURITY FEATURES
Automatic security association (SA)
IP packet filtering
Network layer security
Peer authentication
Data origin authentication
Data integrity
Data confidentiality
Anti-replay
Key management
Explain each of these security features. Discuss how IPSec can provide these types of protection.

6 NEW IPSEC FEATURES IN MICROSOFT WINDOWS SERVER 2003
The IP Security Monitor snap-in
Stronger cryptographic master key
The Netsh command-line tool
Computer startup security
Persistent policies
Improved IPSec functionality over Network Address Translation (NAT)
Improved load balancing
Resultant Set of Policies (RSoP)
Discuss the function of each of these features, emphasizing how the features improve or enhance IPSec functionality in Windows Server 2003.

7 IPSEC PROTOCOLS
Authentication Header (AH)
Encapsulating Security Payload (ESP)
Explain the purpose of AH and ESP. AH (IP protocol 51) provides data origin authentication, integrity, and anti-replay protection for the whole packet, including the IP header, but no confidentiality. ESP (IP protocol 50) encrypts the payload and can also authenticate it, but its integrity check does not cover the outer IP header. Discuss how ESP can work with AH or how it can stand alone; ESP with both encryption and integrity is the usual choice, while ESP with encryption alone leaves the ciphertext unauthenticated and should be avoided.

8 IPSEC MODES
Transport mode
Tunnel mode
Explain the function of each mode: transport mode protects the payload between the two end hosts and keeps the original IP header; tunnel mode wraps the whole original packet in a new IP packet addressed to the tunnel endpoints, typically gateways. Discuss the requirements for each mode (tunnel mode needs the tunnel endpoint address and is configured one direction per rule). Explain how NAT affects each: AH cannot cross a NAT device in either mode, because NAT rewrites the IP header that AH authenticates; ESP in transport mode can cross NAT when IKE and ESP are encapsulated in UDP (NAT traversal, supported in Windows Server 2003); and Windows Server 2003 does not support IPSec tunnel mode across NAT.

9 SECURITY ASSOCIATIONS (SAs)
Internet Security Association and Key Management Protocol (ISAKMP)
IPSec Security Parameters Index (SPI)
Discuss main mode SA and quick mode SA. Explain that both are created for IPSec peers to communicate securely: the main mode (ISAKMP) SA protects the negotiation itself, and the quick mode (IPSec) SAs, one per direction, protect the data. Explain that the SPI is a 32-bit value carried in every AH and ESP header; together with the destination address and protocol it tells the receiver which inbound SA, and therefore which keys and algorithms, applies to the packet, and it is how tools such as IP Security Monitor and Netsh identify individual SAs.

10 INTERNET KEY EXCHANGE (IKE)
Oakley Key Determination Protocol
Diffie-Hellman key exchange
Dynamic rekeying
Discuss the IKE process (UDP port 500, or UDP port 4500 when NAT traversal is in use) and the features that Windows Server 2003 supports: Diffie-Hellman key exchange so that keys are derived on both sides and never sent on the wire, including the 2048-bit group behind the "stronger cryptographic master key" item on slide 6; automatic rekeying when a main mode or quick mode lifetime (time or kilobytes) expires; and optional perfect forward secrecy, which forces a fresh Diffie-Hellman exchange so that compromise of one key does not expose earlier or later keys.

11 IPSEC POLICY AGENT SERVICE
Explain the IPSec Policy Agent service (shown as IPSEC Services in the Services console of Windows Server 2003). Discuss how the service works in a domain environment (it retrieves the assigned policy from Active Directory at startup and at the policy polling interval) and on a stand-alone computer (it reads the local policy store), and that in both cases it passes the resulting filters and filter actions to the IPSec driver.

12 IPSEC DRIVER
Explain how the IPSec driver and the IPSec Policy Agent service work together to filter packets: the Policy Agent supplies the filter list, the driver matches every inbound and outbound IP packet against it, and for a "negotiate" match the driver asks IKE for an SA and then applies AH or ESP to matching packets, while "permit" and "block" matches are handled without negotiation.

13 SECURITY NEGOTIATION PROCESS
Explain main mode negotiation and quick mode negotiation. Mention that main mode negotiation creates the ISAKMP SA (peers agree on algorithms, perform the Diffie-Hellman exchange, and authenticate each other with Kerberos, a certificate, or a preshared key) and that quick mode negotiation, protected by that ISAKMP SA, creates the IPSec SA pair and the session keys for AH or ESP. Point out that several quick mode negotiations can reuse one main mode SA, which is why main mode is the more expensive step.

14 IPSEC SECURITY POLICIES
Demonstrate how to access the IPSec security policy settings (the IP Security Policy Management snap-in, or the IP Security Policies node of a Group Policy object) and discuss where policies can be assigned. IPSec policy is a computer setting: it is assigned to the local computer or, through Group Policy, to every computer in a site, domain, or organizational unit. It is not assigned to individual users, groups, or applications, although a filter can single out an application's ports.

15 COMPONENTS OF IPSEC POLICIES
Tunnel settings: IP address of the tunnel endpoint
Network type: Type of connection affected by the IPSec policy (LAN, remote access, or all)
IP filter: Subset of network traffic based on IP address, port, and transport protocol
IP filter list: The concatenation of one or more IP filters defining a range of network traffic
Filter action: How the IPSec driver should secure network traffic (permit, block, or negotiate security)
Authentication method: How peers prove their identity during main mode (Kerberos, a certificate from a specified root CA, or a preshared key), together with the security methods used for key exchange
Discuss each of the components of security policy. If possible, demonstrate how to configure these settings. Point out that preshared keys are stored readably in policy and are meant for testing, not production.

16 DEFAULT IPSEC SECURITY POLICIES
Server (Request Security)
Client (Respond Only)
Secure Server (Require Security)
Open the local IP Security Policy screen. Explain each of the default IP security policy settings: Server (Request Security) asks peers to negotiate but falls back to clear text if they do not respond, so it does not guarantee protection; Client (Respond Only) never initiates and contains only the default response rule; Secure Server (Require Security) refuses unsecured traffic except ICMP. From the Action button, go through the steps to create a new IP security policy. Explain what the default response rule is: a rule that lets the computer answer a peer's request for security even when no other rule matches the traffic.

17 DEPLOYING IPSEC POLICIES
Using local policies
Using the Active Directory directory service
Mixed-mode environment
Persistent policies
Explain how IPSec can be deployed on a local computer that is not part of a domain and to computers or groups of computers that are members of an Active Directory domain. Emphasize that Active Directory–based IPSec policy overrides local IPSec policy and that only one policy can be assigned to a computer at a time. Discuss persistent policies, which are stored in the registry, applied by the IPSec driver before the Policy Agent retrieves local or Active Directory policy, and stay in force if that retrieval fails. Explain how they can be used, together with the computer startup security setting, to secure the computer startup process.

18 IMPLEMENTING IPSEC USING CERTIFICATES
X.509 certificates
Role of a certification authority (CA)
Explain that X.509 certificates provide a way to authenticate two hosts that cannot use Kerberos, for example computers in different forests, non-Windows peers, or remote access clients that are not domain members, without resorting to a preshared key. Discuss the role of the CA in a public key infrastructure (PKI): both peers must trust the root CA named in the IPSec rule, and each needs its own computer certificate, with the private key, issued under that root.

19 CONFIGURING IPSEC TO USE A CERTIFICATE
Demonstrate how to edit IPSec security policy to use certificates: on the rule's Authentication Methods tab add a certificate method and select the trusted root CA, placing it above any Kerberos or preshared-key method if it should be tried first. Check that the computer holds a certificate with a private key in its Local Computer store that chains to that root, because a missing or expired certificate shows up only as a failed main mode negotiation.
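The policy that slides 15, 16, and 19 describe, built from the command line with the Windows Server 2003 Netsh IPSec context. This is an added example, not a script from the course or from Microsoft; the policy, filter list, and rule names, the 10.0.9.0/24 partner subnet, and the CA distinguished name are placeholders to replace with your own.

```batch
@echo off
rem Added example (not from the course). Builds a local IPSec policy with
rem "netsh ipsec static" on Windows Server 2003. All names, the partner
rem subnet 10.0.9.0/24 and the root CA name below are hypothetical.

rem 0. Back up the current local policy store before touching it.
netsh ipsec static exportpolicy file=C:\ipsec-before.ipsec

rem 1. Policy container. Local store is the default; an Active Directory
rem    assigned policy takes precedence over anything created here.
netsh ipsec static add policy name="Require Security (Telnet and SMB)" ^
    description="Example policy: ESP for Telnet and SMB" assign=no

rem 2. IP filters: one subset of traffic each (address, protocol, port).
rem    mirrored=yes also matches the reply direction; srcport=0 means any.
netsh ipsec static add filterlist name="Telnet and SMB to this host"
netsh ipsec static add filter filterlist="Telnet and SMB to this host" ^
    srcaddr=any dstaddr=me protocol=TCP srcport=0 dstport=23 mirrored=yes ^
    description="Telnet"
netsh ipsec static add filter filterlist="Telnet and SMB to this host" ^
    srcaddr=any dstaddr=me protocol=TCP srcport=0 dstport=445 mirrored=yes ^
    description="SMB over TCP"

rem 3. Filter action: negotiate, no fallback to clear text (soft=no) and no
rem    unsecured inbound packets (inpass=no). soft=yes would reproduce the
rem    weakness of the built-in "Server (Request Security)" policy.
netsh ipsec static add filteraction name="Negotiate, no fallback" ^
    action=negotiate soft=no inpass=no qmpfs=no

rem 4a. Domain members authenticate with Kerberos.
netsh ipsec static add rule name="Domain peers (Kerberos)" ^
    policy="Require Security (Telnet and SMB)" ^
    filterlist="Telnet and SMB to this host" ^
    filteraction="Negotiate, no fallback" kerberos=yes

rem 4b. A partner subnet outside the forest authenticates with certificates
rem     issued under one trusted root CA (slide 19); no Kerberos for this rule.
netsh ipsec static add filterlist name="Partner subnet"
netsh ipsec static add filter filterlist="Partner subnet" ^
    srcaddr=10.0.9.0 srcmask=255.255.255.0 dstaddr=me protocol=ANY mirrored=yes
netsh ipsec static add rule name="Partner peers (certificate)" ^
    policy="Require Security (Telnet and SMB)" ^
    filterlist="Partner subnet" filteraction="Negotiate, no fallback" ^
    kerberos=no rootca="CN=Contoso Root CA,O=Contoso,C=US"

rem 5. Review, then assign. Only one policy can be assigned at a time, and a
rem    "require" policy assigned over a remote session can cut that session
rem    off if the management host cannot negotiate, so test from the console.
netsh ipsec static show policy name="Require Security (Telnet and SMB)" level=verbose
netsh ipsec static set policy name="Require Security (Telnet and SMB)" assign=yes
```

To make the same policy survive a failed policy retrieval at startup (slide 17), run `netsh ipsec static set store location=persistent` before the `add` commands so they are written to the persistent store instead of the local store. To undo the example, unassign the policy with `assign=no` and delete it with `netsh ipsec static delete policy name=...`, or import the backup taken in step 0.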

20 IPSEC AND NAT
Problems associated with IPSec and NAT
IKE over NAT
Discuss the issues that must be resolved for IPSec traffic to cross a NAT interface: NAT rewrites the IP addresses and ports that AH authenticates and that the TCP or UDP checksum inside an ESP transport-mode packet covers; NAT has no port to map for ESP or AH, which are not TCP or UDP; and the IP address a peer presents in IKE no longer matches the address seen on the wire. Explain how Windows Server 2003 overcomes the obstacles with NAT traversal (NAT-T): both peers detect the NAT during IKE on UDP port 500, then switch IKE and ESP into UDP encapsulation on port 4500 so that the NAT device can map them like ordinary UDP traffic. AH still cannot be used through NAT.

21 MONITORING IPSEC USING IP SECURITY MONITOR
Discuss how IP Security Monitor can be used to monitor IPSec traffic on a network. Demonstrate how to open IP Security Monitor (an MMC snap-in in Windows Server 2003, replacing the Ipsecmon.exe program of Windows 2000), and discuss the options that are available under main mode and quick mode: the active policy, the generic and specific filters, the statistics, and the current security associations with their peers, algorithms, and SPIs. Explain how RSoP can also be used to display IPSec policies that are assigned through Group Policy but have not yet been applied to IPSec clients.

22 IPSEC-RELATED EVENTS IN EVENT VIEWER
Explain the types of IPSec-related events that can be viewed using the System log in Event Viewer (Policy Agent startup and policy load messages, and IPSec driver events such as dropped packets and bad SPIs), and that, with success and failure auditing of logon events enabled, IKE negotiation results also appear in the Security log. Demonstrate and explain how the Oakley log (%systemroot%\Debug\Oakley.log) can be used to view the details of the SA process; it is enabled either with the Netsh command `netsh ipsec dynamic set config ikelogging 1` or with the EnableLogging value under HKLM\SYSTEM\CurrentControlSet\Services\PolicyAgent\Oakley followed by a restart of the IPSEC Services service. Remind students to be very careful when making changes to the registry.

23 USING NETSH AND NETDIAG TO MANAGE AND MONITOR IPSEC
Demonstrate how to use the Netsh command-line tool to view and monitor IPSec. Explain static mode and dynamic mode: `netsh ipsec static` edits the policy stores (local, persistent, or Active Directory) and changes nothing on the wire until a policy is assigned, while `netsh ipsec dynamic` reads and changes the running state of IKE and the IPSec driver immediately, and those changes are lost at the next restart. Remind students that Netsh itself exists on Windows 2000 and Windows XP but the `netsh ipsec` context is available only in Windows Server 2003 (Windows 2000 uses Ipsecpol.exe and Windows XP uses Ipseccmd.exe). Demonstrate how to use Netdiag to display IPSec information. Explain that Netdiag is available for Microsoft Windows 2000 and later operating systems. It is included in Windows Server 2003 Support Tools.
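The monitoring steps of slides 21 to 23 as one command sequence for cmd.exe on Windows Server 2003. This is an added example, not part of the course; the commands are the documented Netsh, Reg and Netdiag commands, the log path is the Windows default, and the `findstr` patterns are a starting point rather than an exhaustive list of failure strings.

```batch
@echo off
rem Added example (not from the course). Monitoring IPSec on Windows Server
rem 2003 from the command line. The log path is the Windows default; the
rem findstr search terms are illustrative.

rem --- What policy is in force, and how is the running configuration set? ---
netsh ipsec static show all
netsh ipsec dynamic show config

rem --- Live state: main mode (ISAKMP) SAs, quick mode (IPSec) SAs with their
rem     SPIs, and IKE / driver counters (authentication failures, bad SPI
rem     packets, negotiation failures). Run twice a few seconds apart to see
rem     whether failure counters are climbing.
netsh ipsec dynamic show mmsa
netsh ipsec dynamic show qmsa
netsh ipsec dynamic show stats

rem --- Turn on the Oakley (IKE) log to see why a negotiation fails.
rem     Dynamic setting, no restart needed:
netsh ipsec dynamic set config ikelogging 1
rem     Registry equivalent (then restart the IPSEC Services service):
rem     reg add HKLM\SYSTEM\CurrentControlSet\Services\PolicyAgent\Oakley ^
rem         /v EnableLogging /t REG_DWORD /d 1 /f
rem     net stop PolicyAgent && net start PolicyAgent

rem --- Reproduce the connection attempt, then read the log. Main mode
rem     authentication problems and proposal mismatches appear here.
type %systemroot%\Debug\Oakley.log | findstr /i "failed error mismatch"

rem --- Driver-level diagnostics go to the System log (Event Viewer). Level 7
rem     is the most verbose; the setting takes effect after a restart.
netsh ipsec dynamic set config ipsecdiagnostics 7

rem --- Support Tools check: reports the assigned policy and IPSec status.
netdiag /test:ipsec /v

rem --- Turn the Oakley log off again when finished; it grows quickly.
netsh ipsec dynamic set config ikelogging 0
```

Read `show mmsa` before `show qmsa`: a peer listed under main mode but absent from quick mode means authentication succeeded and the IPSec proposals did not match, whereas no main mode SA at all points at the authentication method, the trusted root CA, or a NAT between the peers.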

24 SUMMARY
The purpose and features of IPSec in a Windows Server 2003 environment
IPSec protocols—AH and ESP
IPSec modes—transport and tunnel
SAs
IKE
IPSec Policy Agent

25 SUMMARY (continued)
IPSec security policies
Deploying IPSec security policies
IPSec and NAT
Tools for managing and monitoring IPSec
