1 / 34

SECURING NETWORK COMMUNICATION

Chapter 9. SECURING NETWORK COMMUNICATION. OVERVIEW. List the major threats to network communications. Describe the functions of Internet Protocol Security (IPSec). Understand the functions and architecture of the IPSec protocols.

lilith
Télécharger la présentation

SECURING NETWORK COMMUNICATION

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Chapter 9 SECURINGNETWORK COMMUNICATION

  2. Chapter 9: SECURING NETWORK COMMUNICATION OVERVIEW • List the major threats to network communications. • Describe the functions of Internet Protocol Security (IPSec). • Understand the functions and architecture of the IPSec protocols. • List the components of a Microsoft Windows Server 2003 IPSec implementation. • List the default IPSec policies included in Windows Server 2003 and their applications.

  3. Chapter 9: SECURING NETWORK COMMUNICATION OVERVIEW (CONTINUED) • Understand the functions of an IPSec policy’s components. • Use the IP Security Policies snap-in to manage IPSec policies. • List the standards that define common wireless local area network (WLAN) technologies. • Describe the security problems inherent in wireless networking. • List the mechanisms that WLANs running IEEE 802.11 based on the Microsoft Windows operating system can use to authenticate clients and encrypt transmitted data.

  4. Chapter 9: SECURING NETWORK COMMUNICATION PLANNING AN IPSec IMPLEMENTATION • Network traffic normally traverses the network unencrypted. • If someone captures traffic from the network, it can be easily viewed. • IPSec extensions are a means of securing the actual network communications.

  5. Chapter 9: SECURING NETWORK COMMUNICATION POTENTIAL THREATS

  6. Chapter 9: SECURING NETWORK COMMUNICATION INTRODUCING NETWORKSECURITY PROTOCOLS

  7. Chapter 9: SECURING NETWORK COMMUNICATION PROTECTING DATA WITH IPSec • IPSec protects data by digitally signing and encrypting it before transmission. • IPSec operates as an extension to Internet Protocol (IP) and provides end-to-end encryption. • IPSec can encrypt any traffic that takes the form of IP datagrams, no matter what kind of information is inside them.

  8. Chapter 9: SECURING NETWORK COMMUNICATION IPSec FUNCTIONS • IPSec performs a number of security functions, including key generation, cryptographic checksums, mutual authentication, replay prevention, and IP packet filtering. • Using IPSec prevents viewing, changing, or deleting data in a packet. • IPSec also prevents IP address spoofing.

  9. Chapter 9: SECURING NETWORK COMMUNICATION IPSec PROTOCOLS The IPSec standards define two protocols: • IP Authentication Header (AH) • IP Encapsulating Security Payload (ESP)

  10. Chapter 9: SECURING NETWORK COMMUNICATION IP AUTHENTICATION HEADER IP Authentication Header protocol: • Does not encrypt the data in IP packets, but it does provide authentication, anti-replay, and integrity services • Ensures that no one has modified the packets en route, and that the packets did actually originate at the system identified by the packet’s source IP address

  11. Chapter 9: SECURING NETWORK COMMUNICATION IP ENCAPSULATING SECURITY PAYLOAD: • IP Encapsulating Security Payload • Prevents unauthorized people from being able to read information in packets by encrypting the data • Provides authentication, integrity, and antireplay services • Although AH and ESP perform some of the same functions, using both protocols provides the maximum possible security for a data transmission.

  12. Chapter 9: SECURING NETWORK COMMUNICATION TRANSPORT MODE AND TUNNEL MODE • IPSec can operate in two modes: transport mode andtunnel mode. • Transport mode is used between IPSec-enabled computers. • Tunnel mode is used between IPSec-enabled routers.

  13. Chapter 9: SECURING NETWORK COMMUNICATION DEPLOYING IPSec • All versions of the Windows operating system since Windows 2000 support IPSec. • IPSec policiesdefine when and how systems should use IPSec. • IPSec implementations on Windows Server 2003 should be compatible with IPSec implementations on other operating systems that conform to Internet Engineering Task Force (IETF) standards.

  14. Chapter 9: SECURING NETWORK COMMUNICATION IPSec COMPONENTS IPSec in Windows Server 2003 consists of the following components: • IPSec policy agent • Internet Key Exchange (IKE) • IPSec driver

  15. Chapter 9: SECURING NETWORK COMMUNICATION PLANNING AN IPSec DEPLOYMENT • Using IPSec creates additional network traffic. • Processor overhead associated with network communications also increases with IPSec deployment. • Backward compatibility must be considered because operating systems earlier than Windows 2000 do not support IPSec without the addition of third-party software.

  16. Chapter 9: SECURING NETWORK COMMUNICATION WORKING WITH IPSec POLICIES • IPSec policies are administered through the IP Security Policies Microsoft Management Console (MMC) snap-in. • IPSec policies define which traffic must be secured and which actions are performed on traffic that does or does not meet criteria. • Three IPSec policies are created by default. More can be created as required.

  17. Chapter 9: SECURING NETWORK COMMUNICATION USING THE DEFAULT IPSec POLICIES

  18. Chapter 9: SECURING NETWORK COMMUNICATION MODIFYING IPSec POLICIES IPSec policies consist of three elements: • Rules • IP filter lists • Filter actions

  19. Chapter 9: SECURING NETWORK COMMUNICATION COMMAND-LINE TOOLS • Netsh.exe • Netdiag.exe

  20. Chapter 9: SECURING NETWORK COMMUNICATION TROUBLESHOOTING IPSec There are two ways to ensure that IPSec is functioning: • Perform a packet capture of the network traffic. • Check the statistics node of the IPSec monitor.

  21. Chapter 9: SECURING NETWORK COMMUNICATION THE IP SECURITY MONITOR

  22. Chapter 9: SECURING NETWORK COMMUNICATION TROUBLESHOOT IPSec AUTHENTICATION There are three methods used toauthenticate an IPSec connection: • Preshared key authentication • Kerberos authentication • Certificate-based authentication

  23. Chapter 9: SECURING NETWORK COMMUNICATION SECURING A WIRELESS NETWORK • Wireless networks are becoming increasingly popular. • Related hardware is becoming more affordable. • Wireless networks present more and different security challenges than their wired counterparts.

  24. Chapter 9: SECURING NETWORK COMMUNICATION UNDERSTANDING WIRELESS NETWORKING STANDARDS • Wireless networking standards are developed and ratified by the Institute of Electrical and Electronics Engineers (IEEE). • Three standards have been defined: • 802.11b: Offers speeds up to 11 megabits per second (Mbps) • 802.11a: In development. Uses different frequency ranges than 802.11b. Offers speeds up to 54 Mbps • 802.11g: Uses the same frequency ranges as 802.11b. Offers speeds up to 54 Mbps

  25. Chapter 9: SECURING NETWORK COMMUNICATION WIRELESS NETWORKING TOPOLOGIES

  26. Chapter 9: SECURING NETWORK COMMUNICATION UNDERSTANDING WIRELESS NETWORK SECURITY • Wireless networks present security risks that are not present when using traditional wired networks. • Logical security becomes of paramount concern because physical security measures are not necessarily preventative. • Two main concerns when using wireless networks are unauthorized access and data interception.

  27. Chapter 9: SECURING NETWORK COMMUNICATION CONTROLLING WIRELESS ACCESS USING GROUP POLICIES

  28. Chapter 9: SECURING NETWORK COMMUNICATION AUTHENTICATING USERS • Open System authentication • Shared Key authentication • IEEE 802.1x authentication

  29. Chapter 9: SECURING NETWORK COMMUNICATION OPEN SYSTEM AUTHENTICATION • Open System authentication is the default authentication method used by IEEE 802.11 devices. • Despite the name, it offers no actual authentication. • A device configured to use Open System authentication will not refuse authentication to another device.

  30. Chapter 9: SECURING NETWORK COMMUNICATION SHARED KEY AUTHENTICATION • Devices authenticate each other using a secret key that both possess. • The key is shared before authentication using a secure channel. • All the computers in the same basic service set (BSS) must possess the same key.

  31. Chapter 9: SECURING NETWORK COMMUNICATION IEEE 802.1x AUTHENTICATION • The IEEE 802.1x standard defines a method of authenticating and authorizing users on any 802 local area network (LAN). • Most IEEE 802.1x implementations useRemote Authentication Dial-In User Service(RADIUS) servers. • RADIUS typically uses one of the following two authentication protocols: • Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) • Protected EAP-Microsoft Challenge Handshake Authentication Protocol version 2 (PEAP-MS-CHAP v2)

  32. Chapter 9: SECURING NETWORK COMMUNICATION ENCRYPTING WIRELESS TRAFFIC • The IEEE 802.11 standard uses an encryption mechanism called WEP to secure data while in transit. • WEP uses the RC4 cryptographic algorithm developed by RSA Security Inc. • WEP allows the key length, as well as the frequency with which the computers generate new keys, to be configured.

  33. Chapter 9: SECURING NETWORK COMMUNICATION SUMMARY • IPSec is a set of extensions to IP that provide protection for data as it is transmitted over the network. • IPSec can operate in transport mode or tunnel mode. • The IPSec implementation in Windows Server 2003 consists of the IPSec policy agent, IKE, and the IPSec driver. • Windows Server 2003 IPSec has three default policies. You can use these policies or create your own. • IPSec policies consist of rules, IP filter lists, and filter actions. A rule is a combination of an IP filter list and a filter action.

  34. Chapter 9: SECURING NETWORK COMMUNICATION SUMMARY (CONTINUED) • Incompatible configuration settings are a common cause of IPSec communication problems. • Most WLANs in use today are based on the 802.11 standards published by the IEEE. • To secure a wireless network, you must authenticate clients before they are granted network access and encrypt all packets transmitted over the wireless link. • To authenticate IEEE 802.11 wireless network clients, you can use Open System authentication, Shared Key authentication, or IEEE 802.1x. • To encrypt transmitted packets, the IEEE 802.11 standard defines the WEP mechanism.

More Related