Presentation is loading. Please wait.

Presentation is loading. Please wait.

Physical and Hardware Security Chapter 15 Networking Essentials Spring, 2013.

Published byCaroline Lambert Modified over 9 years ago

Similar presentations

Presentation on theme: "Physical and Hardware Security Chapter 15 Networking Essentials Spring, 2013."— Presentation transcript:

1

2 Physical and Hardware Security Chapter 15 Networking Essentials Spring, 2013

3 Defining Firewalls Firewalls are a combination of ___ & ___ What is a “black box?” (p. 502) Default deny or default allow – which one?

4 Types of Firewalls Network-based firewalls protect __ from __. Host-based firewalls protect ____.

5 Access Control Lists How they are processed Lines are compared in sequential order After a match is made, ACL is exited Implicit deny at the end – why? Standard ACLs vs Extended ACLs Inbound vs outbound ACLs

6 Ways to make things more secure DMZ - Image on page 507 Protocol switching – shift to IPX – why? Proxy Services IP proxy Web proxy FTP proxy SMTP proxy

7 More Firewall Stuff Network Layer Firewalls Stateful – Stateless – Application Layer Firewalls Slower, because they …

8 Scanning Services Default Scanning Settings:

9 Filtering for Content Common things to filter:

10 Local Browser Settings Zones Trusted Sites Customizing Settings

11 Intrusion Detection Systems (IDS) More of a watchdog than a firewall Can be software or an actual device Passive responses: (honeypot) -

12 VPN Concentrators Like a firewall, but made for VPNs Allows for higher-speed throughput Allows for encryption

13 Problems Affecting Device Security Physical security – where to keep stuff Climate conditions – Three barriers to your server – Security zones ID Badges

14 Logical Security Configurations Logging On Locally Only administrator can log onto server Administrator must log on locally – why?

15 Access-Control Principles Utilize implicit denies (UNIX) -.allow file (UNIX) -.deny file Least-privilege model Separate administrative duties Rotate administrator jobs

16 Access Control Methods Mandatory Access Control (MAC) Model … Discretionary Access Control (DAC) … Role-Based Access Control (RBAC) … Rule-Based Access Control (RBAC) …

17 Unsecure Protocols (UNIX) –

18 Secure Protocols

19

Download ppt "Physical and Hardware Security Chapter 15 Networking Essentials Spring, 2013."

Similar presentations

5-Network Defenses Dr. John P. Abraham Professor UTPA.

5-Network Defenses Dr. John P. Abraham Professor UTPA.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Cosc 4765 Network Security: Routers, Firewall, filtering, NAT, and VPN.

Cosc 4765 Network Security: Routers, Firewall, filtering, NAT, and VPN.
Principles of Information Security, 2nd Edition1 Firewalls and VPNs.

Principles of Information Security, 2nd Edition1 Firewalls and VPNs.
NESCOT CATC1 Access Control Lists CCNA 2 v3 – Module 11.

NESCOT CATC1 Access Control Lists CCNA 2 v3 – Module 11.
J. Wang. Computer Network Security Theory and Practice. Springer 2008 Chapter 7 Network Perimeter Security.

J. Wang. Computer Network Security Theory and Practice. Springer 2008 Chapter 7 Network Perimeter Security.
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
If you think technology can solve your security problems, then you don’t understand the problems and you don’t understand the technology. BRUCE SCHNEIER,

If you think technology can solve your security problems, then you don’t understand the problems and you don’t understand the technology. BRUCE SCHNEIER,
Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
1 Enabling Secure Internet Access with ISA Server.

1 Enabling Secure Internet Access with ISA Server.
Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Baselines Chapter 14.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Baselines Chapter 14.
Computer Security Fundamentals by Chuck Easttom Chapter 9: Computer Security Software.

Computer Security Fundamentals by Chuck Easttom Chapter 9: Computer Security Software.
CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.
1 Intrusion Detection Systems. 2 Intrusion Detection Intrusion is any use or attempted use of a system that exceeds authentication limits Intrusions are.

1 Intrusion Detection Systems. 2 Intrusion Detection Intrusion is any use or attempted use of a system that exceeds authentication limits Intrusions are.
Intrusion Protection Mark Shtern. Protection systems Firewalls Intrusion detection and protection systems Honeypots System Auditing.

Intrusion Protection Mark Shtern. Protection systems Firewalls Intrusion detection and protection systems Honeypots System Auditing.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

Similar presentations

Ads by Google