Network Security Presented by: Brent Vignola
Material overview…
• Basic security components that exist in all networks
  • Authentication
  • Firewall
  • Intrusion prevention system
  • Antivirus program
  • Honeypots
• General locations where networks exist, the security required in each, and how to manage each
  • Homes
  • Small businesses
  • Large businesses
  • Schools
  • Government
Basic security components: authentication
• Establish as genuine
• Authorize
• Validate
• Usually in the form of an ID and password
• Example:
  • Ecom user name and password to log on to university computers
Basic security components: firewall
• Prevents unauthorized access to and from a network
• Considered to be the first line of defense in protecting information on the network
• Different firewall methods:
  • Packet-filter: examines every packet that enters and leaves the network
  • Application gateway: applies security directly to an application such as FTP
  • Circuit-level gateway: used while a connection is being established
  • Proxy server: improves network performance by filtering requests; all requests go through the proxy before reaching the real network
Basic security components: intrusion prevention system
• Detection of malware that has entered the network and of suspicious activity on the network
• Network-based IPS:
  • Designed to examine, identify, and report
  • For example: the IPS…
    • Examines the network
    • Identifies a worm on the network
    • Reports the finding to the user
• Three types of network-based IPS:
  • Content-based: examines each packet entering the network for any unique areas (called signatures)
  • Protocol analysis: decodes the protocol to find anything out of the norm
  • Rate-based: prevents Denial of Service attacks
    • DoS: malicious attack that is designed to bog down the traffic
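The content-based and rate-based checks from this slide, run over a few constructed packets. This is an added example, not part of the original presentation; the signature bytes, threshold, window and sample traffic are assumptions made up for illustration.

```python
from collections import defaultdict, deque

# Constructed signature set: a placeholder byte pattern, not a real malware signature.
SIGNATURES = {b"WORM-SAMPLE-PAYLOAD": "sample-worm"}
RATE_LIMIT = 5   # assumed threshold: max packets per source inside WINDOW
WINDOW = 1.0     # assumed window length in seconds


def inspect(packets):
    """Examine (timestamp, src_ip, payload) tuples; return (forwarded, alerts)."""
    recent = defaultdict(deque)  # src_ip -> timestamps still inside the window
    forwarded, alerts = [], []
    for ts, src, payload in packets:
        # Content-based: look for a known signature anywhere in the payload.
        hit = next((name for sig, name in SIGNATURES.items() if sig in payload), None)
        if hit:
            alerts.append((ts, src, f"signature:{hit}"))  # report, do not forward
            continue
        # Rate-based: sliding window of arrival times per source address.
        seen = recent[src]
        seen.append(ts)  # dropped packets still count, so a flood stays blocked
        while seen and ts - seen[0] > WINDOW:
            seen.popleft()
        if len(seen) > RATE_LIMIT:
            alerts.append((ts, src, "rate-exceeded"))
            continue
        forwarded.append((ts, src, payload))
    return forwarded, alerts


# Constructed sample traffic using documentation address ranges.
SAMPLE = (
    [(0.0, "192.0.2.10", b"GET /index.html")]                            # normal request
    + [(0.1 + i * 0.05, "198.51.100.7", b"ping") for i in range(8)]      # burst from one source
    + [(0.9, "203.0.113.5", b"xxWORM-SAMPLE-PAYLOADxx")]                 # matches the signature
)

if __name__ == "__main__":
    fwd, alerts = inspect(SAMPLE)
    print(f"forwarded {len(fwd)} packets")
    for alert in alerts:
        print("ALERT", alert)
```
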
Basic security components: antivirus program
• Scans the files on the computer for viruses and malware
• Two ways to scan:
  • Virus dictionary approach: keeps a database of known viruses
  • Suspicious behavior approach: monitors the performance of all programs
• Once the scan is complete, there are 3 options to fix files:
  • Repair the file: removes the virus portion of the file
  • Remove the file: removes the file completely if repairing cannot be done
  • Quarantine the file: “cover” the file so the virus cannot spread to other files and so the file cannot be accessed by other programs
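The virus dictionary approach followed by the quarantine option, as an added example that is not part of the original presentation. It assumes the dictionary is keyed by SHA-256 file hash (real products also match byte patterns inside files); the file names, the detection name and the "malicious" bytes are harmless constructed stand-ins.

```python
import hashlib
import os
import shutil
import tempfile
from pathlib import Path


def scan(root, dictionary, quarantine_dir):
    """Hash every file under root; quarantine files whose hash is in the dictionary."""
    quarantine_dir = Path(quarantine_dir)
    quarantine_dir.mkdir(mode=0o700, exist_ok=True)
    report = {}
    for path in sorted(Path(root).rglob("*")):
        if not path.is_file():
            continue
        digest = hashlib.sha256(path.read_bytes()).hexdigest()
        if digest in dictionary:
            # Quarantine: move the file out of reach and strip all permissions
            # so other programs cannot read or execute it.
            dest = quarantine_dir / f"{digest}.quarantined"
            shutil.move(str(path), str(dest))
            os.chmod(dest, 0o000)
            report[path.name] = ("quarantined", dictionary[digest])
        else:
            report[path.name] = ("clean", None)
    return report


def demo():
    """Build a throwaway directory with one clean and one 'known bad' file, then scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "files"
        root.mkdir()
        (root / "notes.txt").write_bytes(b"meeting at 10")
        bad = b"CONSTRUCTED-TEST-PATTERN"          # harmless stand-in for malware
        (root / "invoice.exe").write_bytes(bad)
        # Constructed dictionary: hash of the stand-in -> hypothetical detection name.
        dictionary = {hashlib.sha256(bad).hexdigest(): "Test.Sample"}
        report = scan(root, dictionary, Path(tmp) / "quarantine")
        remaining = sorted(p.name for p in root.iterdir())
        return report, remaining


if __name__ == "__main__":
    print(demo())
```
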
Basic security components: honeypot
• Decoy on the network
• Used to distract attackers from the actual network
• May look like the actual network
• May “appear” to have valuable information
• Most of the time it is a computer
• But may be:
  • An unused IP address
  • Files
  • Data records
• Two types:
  • Production: help alleviate the risk to a business
  • Research: learn how and why attackers enter the network
Network locations: homes
• Simplest network
• Lowest level of security
• Basic firewall
• Basic antivirus program
• Strong password for wireless connection
• Wireless connection should be set to at least WPA or WPA2
Network locations: small businesses
• More complex than home networks
• Higher level of security than home networks
• Stronger firewall and antivirus program than home networks
• Similarity with home network:
  • Strong password for wireless connection
• Strong authentication method:
  • ID and password for employees
  • Password should be updated on a monthly basis
• Packet analyzer should be implemented:
  • Examines each packet that enters the network and analyzes its content
• Increase employee awareness of physical security:
  • Log off computers; shut down computers; lock office doors
Network locations: large businesses
• Similarities with small business networks:
  • Strong firewall and antivirus program
  • Strong password for authentication and wireless devices
  • Implementation of packet analyzer
  • Increase employee awareness of physical security
• Additional security:
  • Proxy server: implemented to improve performance by filtering requests
  • Authentication: passwords should be updated bi-weekly
  • Physical security:
    • Install cameras around premises
    • Place fire extinguishers around sensitive material
    • Hire security guards
    • Put a fence around the perimeter of the property
Network locations: schools
• Network is unique because students need to be able to access it both on-campus and off-campus
• Strong, but flexible firewall and proxy
• School faculty should be responsible for supervising access to indecent websites
• Children’s Internet Protection Act (CIPA) signed into law in December 2000:
  • Protects students from viewing inappropriate content on the internet such as pornography
  • Filtering software on the internet browser
• One similarity with other networks:
  • Strong antivirus program
Network locations: government
• Highest security and most complex
• Strongest: firewall; proxy; antivirus program
• Strong encryption:
  • Usually a 256-bit key
  • Hides the information with a key
  • Example: used by military for covert operations
• Wireless connection:
  • Only selected people can access the network (President)
  • Area should be limited to the government property (White House)
  • Network should be invisible to the outside
THE END Any Questions?