Presentation is loading. Please wait.

Presentation is loading. Please wait.

Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS."— Presentation transcript:

1

2 Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS

3 S ECURITY : DESIGN Factors -Affordances (E-Commerce) -Remote-Access Services -Business partners Top-Down Approach -Customer development

4 S ECURITY : DESIGN Identify network assets. Analyze security risks. Analyze security requirements and tradeoffs. Develop a security plan. Define a security policy. Develop procedures for applying security policies. Develop a technical implementation strategy. Achieve buy-in from users, managers, and technical staff. Train users, managers, and technical staff. Implement the technical strategy and security procedures. Test the security and update it if any problems are found. Maintain security.

5 S ECURITY : DESIGN Identify network assets. Analyze security risks. Analyze security requirements and tradeoffs. Develop a security plan. Define a security policy. Develop procedures for applying security policies. Develop a technical implementation strategy. Achieve buy-in from users, managers, and technical staff. Train users, managers, and technical staff. Implement the technical strategy and security procedures. Test the security and update it if any problems are found. Maintain security.

6 Identify network assets Network Hosts OS Applications Data Internetworking Devices Routers Switches Network Data Other Trade Secrets Company Reputation

7 S ECURITY : DESIGN Identify network assets. Analyze security risks. Analyze security requirements and tradeoffs. Develop a security plan. Define a security policy. Develop procedures for applying security policies. Develop a technical implementation strategy. Achieve buy-in from users, managers, and technical staff. Train users, managers, and technical staff. Implement the technical strategy and security procedures. Test the security and update it if any problems are found. Maintain security.

8 Analyze security risks E XPERT I NTRUDERS ANDE ND U SERS

9 S ECURITY : DESIGN Identify network assets. Analyze security risks. Analyze security requirements and tradeoffs. Develop a security plan. Define a security policy. Develop procedures for applying security policies. Develop a technical implementation strategy. Achieve buy-in from users, managers, and technical staff. Train users, managers, and technical staff. Implement the technical strategy and security procedures. Test the security and update it if any problems are found. Maintain security.

10 Analyze security requirements and tradeoffs Affordability Usability Performance Availability Manageability Tradeoffs Packet Filters/Data Encryption

11 S ECURITY : DESIGN Identify network assets. Analyze security risks. Analyze security requirements and tradeoffs. Develop a security plan. Define a security policy. Develop procedures for applying security policies. Develop a technical implementation strategy. Achieve buy-in from users, managers, and technical staff. Train users, managers, and technical staff. Implement the technical strategy and security procedures. Test the security and update it if any problems are found. Maintain security.

12 Develop a security plan Resources (time/people) How will users/managers be involved? Is there a need for specialized Administrators? Will you be training on Security Policies and Procedures?

13 S ECURITY : DESIGN Identify network assets. Analyze security risks. Analyze security requirements and tradeoffs. Develop a security plan. Define a security policy. Develop procedures for applying security policies. Develop a technical implementation strategy. Achieve buy-in from users, managers, and technical staff. Train users, managers, and technical staff. Implement the technical strategy and security procedures. Test the security and update it if any problems are found. Maintain security.

14 Define a security policy According to RFC 2196, "Site Security Handbook:" “A security policy is a formal statement of the rules by which people who are given access to an organization's technology and information assets must abide.” Personnel Components Access Accountability Authentication Computer-technology guidelines

15 S ECURITY : DESIGN Identify network assets. Analyze security risks. Analyze security requirements and tradeoffs. Develop a security plan. Define a security policy. Develop procedures for applying security policies. Develop a technical implementation strategy. Achieve buy-in from users, managers, and technical staff. Train users, managers, and technical staff. Implement the technical strategy and security procedures. Test the security and update it if any problems are found. Maintain security.

16 Develop procedures for applying security policies There’s been an attack… OMG!!!!! Separate Procedures Users Network Admin Security Admin Training?

17 S ECURITY : DESIGN Identify network assets. Analyze security risks. Analyze security requirements and tradeoffs. Develop a security plan. Define a security policy. Develop procedures for applying security policies. Develop a technical implementation strategy. Achieve buy-in from users, managers, and technical staff. Train users, managers, and technical staff. Implement the technical strategy and security procedures. Test the security and update it if any problems are found. Maintain security.

18 S ECURITY : DESIGN Identify network assets. Analyze security risks. Analyze security requirements and tradeoffs. Develop a security plan. Define a security policy. Develop procedures for applying security policies. Develop a technical implementation strategy. Achieve buy-in from users, managers, and technical staff. Train users, managers, and technical staff. Implement the technical strategy and security procedures. Test the security and update it if any problems are found. Maintain security.

19 S ECURITY : DESIGN Identify network assets. Analyze security risks. Analyze security requirements and tradeoffs. Develop a security plan. Define a security policy. Develop procedures for applying security policies. Develop a technical implementation strategy. Achieve buy-in from users, managers, and technical staff. Train users, managers, and technical staff. Implement the technical strategy and security procedures. Test the security and update it if any problems are found. Maintain security.

20 S ECURITY : DESIGN Identify network assets. Analyze security risks. Analyze security requirements and tradeoffs. Develop a security plan. Define a security policy. Develop procedures for applying security policies. Develop a technical implementation strategy. Achieve buy-in from users, managers, and technical staff. Train users, managers, and technical staff. Implement the technical strategy and security procedures. Test the security and update it if any problems are found. Maintain security.

21 S ECURITY : DESIGN Identify network assets. Analyze security risks. Analyze security requirements and tradeoffs. Develop a security plan. Define a security policy. Develop procedures for applying security policies. Develop a technical implementation strategy. Achieve buy-in from users, managers, and technical staff. Train users, managers, and technical staff. Implement the technical strategy and security procedures. Test the security and update it if any problems are found. Maintain security.

22 S ECURITY : DESIGN Identify network assets. Analyze security risks. Analyze security requirements and tradeoffs. Develop a security plan. Define a security policy. Develop procedures for applying security policies. Develop a technical implementation strategy. Achieve buy-in from users, managers, and technical staff. Train users, managers, and technical staff. Implement the technical strategy and security procedures. Test the security and update it if any problems are found. Maintain security.

23 Maintain security Reading Logs Responding to incidents Staying current with security standards (hardware/software) Updating the plan and policy

24 S ECURITY : M ECHANISMS Physical Security Authentication Authorization Accounting/Auditing Data Encryption Packet Filters Firewalls Intrusion Detection Intrusion Prevention

25 S ECURITY : M ECHANISMS Physical Security Authentication Authorization Accounting/Auditing Data Encryption Packet Filters Firewalls Intrusion Detection Intrusion Prevention Equipment Natural Disasters

26 S ECURITY : M ECHANISMS Physical Security Authentication Authorization Accounting/Auditing Data Encryption Packet Filters Firewalls Intrusion Detection Intrusion Prevention Something the user knows Something the user has Something the user is

27 S ECURITY : M ECHANISMS Physical Security Authentication Authorization Accounting/Auditing Data Encryption Packet Filters Firewalls Intrusion Detection Intrusion Prevention Privileges

28 S ECURITY : M ECHANISMS Physical Security Authentication Authorization Accounting/Auditing Data Encryption Packet Filters Firewalls Intrusion Detection Intrusion Prevention Logging tasks

29 S ECURITY : M ECHANISMS Physical Security Authentication Authorization Accounting/Auditing Data Encryption Packet Filters Firewalls Intrusion Detection Intrusion Prevention Yeah yeah yeah…

30 S ECURITY : M ECHANISMS Physical Security Authentication Authorization Accounting/Auditing Data Encryption Packet Filters Firewalls Intrusion Detection Intrusion Prevention Uses Authentication and Authorization methods

31 S ECURITY : M ECHANISMS Physical Security Authentication Authorization Accounting/Auditing Data Encryption Packet Filters Firewalls Intrusion Detection Intrusion Prevention Enforce Enterprise to Internet

32 S ECURITY : M ECHANISMS Physical Security Authentication Authorization Accounting/Auditing Data Encryption Packet Filters Firewalls Intrusion Detection Intrusion Prevention (IDS) Notification (IPS) Traffic Blocker

33 S WEET A CTING

Download ppt "Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS."

Similar presentations

SAFE Blueprint and the Security Ecosystem. 2 Chapter Topics  SAFE Blueprint Overview  Achieving the Balance  Defining Customer Expectations  Design.

SAFE Blueprint and the Security Ecosystem. 2 Chapter Topics  SAFE Blueprint Overview  Achieving the Balance  Defining Customer Expectations  Design.
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.

6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.
© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart1 of 222 C HAPTER 7 Information Systems Controls for Systems.

© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart1 of 222 C HAPTER 7 Information Systems Controls for Systems.
Factors to be taken into account when designing ICT Security Policies

Factors to be taken into account when designing ICT Security Policies
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Top-Down Network Design Chapter Eight Developing Network Security Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer.

Top-Down Network Design Chapter Eight Developing Network Security Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer.
Chapter 8 Information Systems Controls for System Reliability— Part 1: Information Security Copyright © 2012 Pearson Education, Inc. publishing as Prentice.

Chapter 8 Information Systems Controls for System Reliability— Part 1: Information Security Copyright © 2012 Pearson Education, Inc. publishing as Prentice.
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
Network security policy: best practices

Network security policy: best practices
Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.

Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.
Intrusion Prevention, Detection & Response. IDS vs IPS IDS = Intrusion detection system IPS = intrusion prevention system.

Intrusion Prevention, Detection & Response. IDS vs IPS IDS = Intrusion detection system IPS = intrusion prevention system.
CIS460 – NETWORK ANALYSIS AND DESIGN

CIS460 – NETWORK ANALYSIS AND DESIGN
Security Guide for Interconnecting Information Technology Systems

Security Guide for Interconnecting Information Technology Systems
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
Chapter 2 Information Security Overview The Executive Guide to Information Security manual.

Chapter 2 Information Security Overview The Executive Guide to Information Security manual.
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.
Intranet, Extranet, Firewall. Intranet and Extranet.

Intranet, Extranet, Firewall. Intranet and Extranet.
Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.

Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.

Similar presentations

Ads by Google