1 / 9

Network Security Principles & Practices

Network Security Principles & Practices. By Saadat Malik Cisco Press 2003. – Chapter 1 – Introduction to Network Security. Model of Network Security Process Elements of Network Security Policy Elements of Network Security Design Case Study. Elements of a Network Security Policy.

qamra
Télécharger la présentation

Network Security Principles & Practices

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Network Security Principles & Practices By Saadat Malik Cisco Press 2003

  2. – Chapter 1 – Introduction to Network Security • Model of Network Security Process • Elements of Network Security Policy • Elements of Network Security Design • Case Study Network Security

  3. Network Security

  4. Elements of a Network Security Policy • Based on FRC 2196 Site Security Handbook. B. Fraser. September 1997. (ftp://ftp.rfc-editor.org/in-notes/rfc2196.txt) • Computer technology purchasing guidelines – wrt security features • Privacy policy – emails, user data • Access policy – control of access to assets • Accountability policy – roles/responsibilities, auditing, incident handling Network Security

  5. Elements of a Network Security Policy (2) • Authentication policy (identity management) – passwords, remote authentication, smart cards • Availability statement – expected availability, QoS, hours • Maintenance policy for IT system & network – esp. remote admin, outsourcing • Violations reporting policy – types of violations, anonymous reporting? • Supporting information – point(s) of contact, publicity, company policies, … Network Security

  6. Network Security Design • Assets + Threats + Risks  Policies • Policies + Control measures (tools, procedures, etc.)  Design Network Security

  7. Elements of Network Security Design • Device security features Admin passwords, Secure Shell, … • Firewalls • VPN Client-server VPN, site-to-site VPN • IDS • AAA (Radius server) • Access control Access Control Lists, Committed Access Rate • And more … ? Network Security

  8. Case Study • pp. 12-21 • Exercise A: Draw a network diagram to show the network security design of Biotech, Inc. • Exercise B: In Table 1-1, three criteria (confidentiality, integrity, and availability) are used in constructing the ‘critical asset risk rating’ table. Add two more criteria, origin integrity and non-repudiability, into the table, and assign risk ratings to the two new columns. Justify your answer. Network Security

  9. Network Security Design:An Exercise • Refer to the paper “Design of Distributed Computer Security Lab”. Journal of Computing Sciences in Colleges. Volume 20, Issue 1. October 2004. http://sce.cl.uh.edu/yang/research/DCSL%20RMCCSC04.pdf • Task: The DCSL lab is currently located in Delta 140. A new Computer Security Lab (CSL) is to be added to Delta 158. The new lab will consist of 30 desktop computers, connected to a switch, through which a connection to the DCSL network is established. • Identify the assets. • Identify the threats. • Risk Analysis. • Devise security policies based on the requirements you have collected from the paper and from relevant personnel. • Draw a network security diagram to illustrate your design of the complete DCSL and CSL labs. Indicate what control measures are to be adopted to counter the threats. Network Security

More Related