Chapter 15: Physical Security and Risk
Chapter 15 Objectives
The following CompTIA Network+ exam objectives are covered in this chapter:
1.1 Explain the functions and applications of various network devices
– IDS/IPS
2.4 Explain the importance of implementing network segmentation
– Honeypot/honeynet
3.1 Compare and contrast risk related concepts
– Disaster recovery
– Business continuity
– Battery backups/UPS
– First responders
– Data breach
– End user awareness and training
– Single point of failure
  o Critical nodes
  o Critical assets
  o Redundancy
– Adherence to standards and policies
– Vulnerability scanning
– Penetration testing
Chapter 15 Objectives (Cont)
3.4 Compare and contrast physical security controls
– Mantraps
– Network closets
– Video monitoring
  o IP cameras/CCTVs
– Door access controls
– Proximity readers/key fob
– Biometrics
– Keypad/cypher locks
– Security guard
Chapter 15 Objectives (Cont)
3.5 Given a scenario, install and configure a basic firewall
– Types of firewalls
  o Host-based
  o Network-based
  o Software vs hardware
  o Application aware/context aware
  o Small office/home office firewall
  o Stateful vs stateless inspection
  o UTM
– Settings/techniques
  o ACL
  o Virtual wire vs routed
  o DMZ
  o Implicit deny
  o Block/allow
    - Outbound traffic
    - Inbound traffic
  o Firewall placement
    - Internal/external
Using Hardware and Software Security Devices
In medium to large enterprise networks, strategies for security usually include some combination of internal and perimeter routers plus firewall devices. Internal routers provide added security by screening traffic to the more vulnerable parts of a corporate network through a wide array of strategic access lists.
[Figure: Internet (untrusted network) – perimeter (premises) router – firewall – internal (local network) router – corporate (trusted) network; a DMZ holding a web server and a second server sits between the perimeter and internal routers]
Firewalls
Firewalls are usually a combination of hardware and software. The hardware part is usually a router, but it can also be a computer or a dedicated piece of hardware called a black box that has two Network Interface Cards (NICs) in it. One of the NICs connects to the public side, and the other one connects to the private side. The software part is configured to control how the firewall actually works to protect your network by scrutinizing each incoming and outgoing packet and rejecting any suspicious ones.
Firewalls
Network-Based Firewalls
– A network-based firewall is used to protect a private network from public networks.
– This type of firewall is designed to protect an entire network of computers instead of just one system.
– Usually a combination of hardware and software.
Host-Based Firewalls
– A host-based firewall is implemented on a single machine, so it only protects that one machine.
– Usually a software implementation.
Firewall Technologies
Access Control Lists (ACLs)
– The first line of defense for any network that's connected to the Internet is its access control lists.
– These reside on your routers and determine, by IP address and/or port, which machines are allowed to use those routers and in what direction.
[Figure: a router between Network A ("public") and Network B ("private"). Caption: A can access B, B can access if a secure authenticated connection is detected.]
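The slide states the ACL idea but not how a router actually walks the list. The example below is added here and is not from the textbook or any vendor's implementation: it is a small simulation of ordered ACL evaluation with first-match semantics and the implicit deny that objective 3.5 lists. The networks (203.0.113.0/24 as the "public" Network A, 10.0.0.0/8 as the "private" Network B), the web-server address and the three rules are all constructed; the `established` flag stands in for the common "permit only replies to sessions the inside started" rule.

```python
"""Simulation of a router access control list (ACL): rules are evaluated in order,
the first match decides, and anything that matches no rule hits the implicit deny.
Added example, not from the textbook; networks and rules are constructed."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    action: str                     # "permit" or "deny"
    direction: str                  # "in" (from the public side) or "out" (toward it)
    src: str                        # source network, CIDR
    dst: str                        # destination network, CIDR
    dst_port: Optional[int] = None  # None matches any port
    established: bool = False       # match only packets belonging to an existing TCP session


@dataclass(frozen=True)
class Packet:
    direction: str
    src_ip: str
    dst_ip: str
    dst_port: int
    ack: bool = False               # True for segments that are part of an established session


def rule_matches(rule: Rule, pkt: Packet) -> bool:
    """Every field of the rule must agree with the packet."""
    return (
        rule.direction == pkt.direction
        and ip_address(pkt.src_ip) in ip_network(rule.src)
        and ip_address(pkt.dst_ip) in ip_network(rule.dst)
        and (rule.dst_port is None or rule.dst_port == pkt.dst_port)
        and (not rule.established or pkt.ack)
    )


def evaluate(acl: List[Rule], pkt: Packet) -> Tuple[str, Optional[int]]:
    """Return (action, index of the matching rule). Index None means the
    implicit deny at the end of the list was reached."""
    for index, rule in enumerate(acl):
        if rule_matches(rule, pkt):
            return rule.action, index
    return "deny", None


# Constructed addressing: Network A is the public side, Network B the private side.
PUBLIC = "203.0.113.0/24"      # documentation range standing in for the "public" network
PRIVATE = "10.0.0.0/8"
WEB_SERVER = "10.0.0.80/32"    # the one private host the public side may reach

ACL = [
    Rule("permit", "out", PRIVATE, PUBLIC),                   # B may reach A freely
    Rule("permit", "in", PUBLIC, WEB_SERVER, dst_port=443),   # A may reach B's web server on 443
    Rule("permit", "in", PUBLIC, PRIVATE, established=True),  # replies to sessions B opened
    # no rule for anything else: the implicit deny drops it
]


def explain(pkt: Packet) -> str:
    """Human-readable verdict, the kind of line an ACL log would carry."""
    action, index = evaluate(ACL, pkt)
    where = f"rule {index}" if index is not None else "implicit deny"
    return f"{pkt.direction:3} {pkt.src_ip} -> {pkt.dst_ip}:{pkt.dst_port} => {action} ({where})"


if __name__ == "__main__":
    for p in (
        Packet("out", "10.1.2.3", "203.0.113.5", 80),
        Packet("in", "203.0.113.5", "10.0.0.80", 443),
        Packet("in", "203.0.113.5", "10.1.2.3", 3389),            # unsolicited inbound: implicit deny
        Packet("in", "203.0.113.5", "10.1.2.3", 50000, ack=True),  # reply to a session B opened
    ):
        print(explain(p))
```

The order of the list matters: swapping the second and third rules would not change these verdicts, but putting a broad `permit in PUBLIC PRIVATE` ahead of them would silently make the port restriction dead, which is why ACL reviews read rules top to bottom exactly as the router does.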
Port Security
Use port security to define a set of MAC addresses that are allowed to access a port where a sensitive device is located. Another use is to configure unused ports so they are available only to a preconfigured set of MAC addresses.
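To show what "a set of MAC addresses allowed on a port" means in operation, here is an added simulation of switch port security; it is not from the textbook or any switch vendor. Port names, MAC addresses and the three violation modes (shutdown, restrict, protect) are constructed for illustration, and "sticky" learning is modelled as filling the allow list with the first MACs seen.

```python
"""Simulation of switch port security: each port carries an allow list of MAC
addresses and a violation action. Added example, not from the textbook; port names,
MAC addresses and the violation modes are constructed for illustration."""
from dataclasses import dataclass, field
from typing import Dict, Set


@dataclass
class SecurePort:
    name: str
    max_macs: int = 1                                # how many MACs may be seen on the port
    allowed: Set[str] = field(default_factory=set)   # statically configured MAC addresses
    sticky: bool = False                             # learn the first MACs seen, up to max_macs
    violation: str = "shutdown"                      # "shutdown", "restrict" or "protect"
    enabled: bool = True                             # False once the port has been err-disabled
    violations: int = 0

    def ingress(self, mac: str) -> bool:
        """Return True if a frame from `mac` is forwarded, False if it is dropped."""
        mac = mac.lower()
        if not self.enabled:
            return False                             # port is shut down; nothing passes
        if mac in self.allowed:
            return True
        if self.sticky and len(self.allowed) < self.max_macs:
            self.allowed.add(mac)                    # learn it; it joins the allow list
            return True
        # An unknown MAC on a static or full port is a violation.
        if self.violation == "protect":
            return False                             # silently drop, no count
        self.violations += 1                         # "restrict": drop and count
        if self.violation == "shutdown":
            self.enabled = False                     # err-disable until an admin re-enables it
        return False

    def reenable(self) -> None:
        """Administrative recovery after a shutdown violation."""
        self.enabled = True


def build_access_switch() -> Dict[str, SecurePort]:
    """Constructed switch: one port for a sensitive device, one sticky user port,
    and an unused port pinned to a placeholder MAC that no real device carries,
    so anything plugged into it trips the shutdown action."""
    return {
        "Gi0/1": SecurePort("Gi0/1", allowed={"00:11:22:33:44:55"}),      # badge reader
        "Gi0/2": SecurePort("Gi0/2", max_macs=2, sticky=True, violation="restrict"),
        "Gi0/24": SecurePort("Gi0/24", allowed={"00:00:00:00:00:01"}),    # unused port
    }


if __name__ == "__main__":
    sw = build_access_switch()
    print("badge reader :", sw["Gi0/1"].ingress("00:11:22:33:44:55"))
    print("stray laptop :", sw["Gi0/1"].ingress("de:ad:be:ef:00:01"), "enabled:", sw["Gi0/1"].enabled)
    print("unused port  :", sw["Gi0/24"].ingress("aa:bb:cc:dd:ee:ff"), "enabled:", sw["Gi0/24"].enabled)
```

Note the trade-off the shutdown mode carries: after a violation the legitimate device on Gi0/1 is also cut off until someone re-enables the port, so the violation counter and the err-disabled state are exactly the signals a monitoring system should alert on.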
Firewall Technologies
Demilitarized Zone (DMZ)
– A demilitarized zone (DMZ) is a network segment that isn't public or private but halfway between the two.
[Figure: Internet – router – firewall – switch; the DMZ holds a server, a web server and an FTP server, while the protected intranet holds a server, a file & print server and an internal database & web server]
Firewall Technologies
Protocol Switching
– Protocol switching protects data on the inside of a firewall.
[Figure: Internet (TCP/IP only) – router – firewall – dead zone (IPX/SPX only) – switch – router – protected intranet (TCP/IP only) with a server, a file & print server and an internal database & web server; segment labels: TCP/IP, IPX/SPX, Both, TCP/IP Only, IPX/SPX Only. Caption: Protocol switching occurs inside the firewall. The first NIC understands TCP/IP only. The second NIC understands IPX/SPX only.]
Firewall Technologies
Dynamic Packet Filtering
– Packet filtering refers to the ability of a router or a firewall to discard packets that don't meet the right criteria.
[Figure: firewall with a state list between a client and a server. Session between A & B: last packet #1238, next packet #1239. The server is sending packet #1239 and the client is expecting packet #1239; a hacker attempts to get in using packet #1211. Caption: the hacker is denied access because the state list says the firewall should expect packet #1239 next, but instead it is receiving #1211, so it rejects the packet.]
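The figure's state list is easy to reproduce in code. The following simulation is added here and is not from the textbook: a firewall that records, per session, the next packet number it expects and rejects anything that does not fit, replayed with the #1238/#1239/#1211 numbers from the figure. Addresses are constructed; the rule that only inside hosts may open a session is an assumption that mirrors the usual inside-initiated policy.

```python
"""Simulation of stateful (dynamic) packet filtering. The firewall keeps a state
list with the next packet number it expects for each session and rejects packets
that do not fit. Added example, not from the textbook; addresses are constructed
and the packet numbers mirror the figure."""
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Tuple


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    seq: int            # packet number carried in the header
    syn: bool = False   # True for the packet that opens a session


class StatefulFirewall:
    def __init__(self, inside: FrozenSet[str]):
        self.inside = inside                          # hosts allowed to open sessions
        self.state: Dict[FrozenSet[str], int] = {}    # session -> next expected packet number
        self.log: List[str] = []

    def inspect(self, pkt: Packet) -> bool:
        """Return True if the packet is forwarded, False if rejected."""
        session = frozenset({pkt.src, pkt.dst})
        tag = f"{pkt.src} -> {pkt.dst} #{pkt.seq}"
        if pkt.syn:
            # Only an inside host may open a session, and one session per host pair here.
            if pkt.src not in self.inside or session in self.state:
                self.log.append(f"DENY   {tag}: not permitted to open a session")
                return False
            self.state[session] = pkt.seq + 1
            self.log.append(f"PERMIT {tag}: new session, expecting #{pkt.seq + 1} next")
            return True
        expected = self.state.get(session)
        if expected is None:
            self.log.append(f"DENY   {tag}: no session in the state list")
            return False
        if pkt.seq != expected:
            self.log.append(f"DENY   {tag}: state list expects #{expected}")
            return False
        self.state[session] = expected + 1
        self.log.append(f"PERMIT {tag}: matches state, expecting #{expected + 1} next")
        return True


def run_scenario() -> Tuple[List[bool], List[str]]:
    """Replay of the figure: client A inside, server B outside, an intruder
    spoofing B's address with a stale number, and an unrelated outside host."""
    fw = StatefulFirewall(inside=frozenset({"10.0.0.10"}))
    client, server, outsider = "10.0.0.10", "198.51.100.20", "198.51.100.99"
    traffic = [
        Packet(client, server, 1237, syn=True),   # A opens the session; firewall expects #1238
        Packet(server, client, 1238),             # last legitimate packet, expecting #1239 next
        Packet(server, client, 1211),             # intruder using B's address: stale number
        Packet(server, client, 1239),             # the packet the state list was waiting for
        Packet(outsider, client, 1239),           # right number, but no session for this pair
        Packet(outsider, client, 1, syn=True),    # outside host may not open sessions
    ]
    return [fw.inspect(p) for p in traffic], fw.log


if __name__ == "__main__":
    verdicts, log = run_scenario()
    for line in log:
        print(line)
```

The check is only as strong as the unpredictability of the next expected number: an intruder who could guess #1239 would pass, which is why real TCP stacks randomise initial sequence numbers and why a stateful firewall is paired with the ACL and signature controls on the surrounding slides rather than relied on alone.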
Firewall Technologies
Proxy Services
– Proxies act on behalf of the whole network to completely separate packets from internal hosts and external hosts.
[Figure: client A – HTTP proxy server – Internet – web server; packet labels: From A, Discarded, From Proxy, From Server, Data. Caption: A proxy receives a request from a client and makes the request on behalf of the client. This example shows an HTTP proxy server.]
Firewall Technologies
Firewalls at the Application Layer vs. the Network Layer
– Stateful vs Stateless Network-Layer Firewalls
– Application-Layer Firewalls
Scanning Services and Other Firewall Features
– Key Default Scanning Settings
Firewall Technologies
Content Filtering
– Content filtering means blocking data based on the content of the data rather than the source of the data.
Signature Identification
– Firewalls can also stop attacks and problems through a process called signature identification.
– Viruses that are known will have a signature, which is a particular pattern of data, within them.
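Both bullets describe matching on the data itself, so one added example serves both; it is not from the textbook or any firewall product. The signature database, the "dropper" pattern and the blocked-term list are constructed; the only real pattern is the EICAR test string, a deliberately harmless string that antivirus vendors publish for testing. The `StreamScanner` class goes one step beyond the slide: it shows why a per-packet scan can miss a signature that straddles two packets and how carrying over the tail of the previous chunk closes that gap.

```python
"""Content filtering and signature identification over payload bytes.
Added example, not from the textbook. The signature database, the blocked
terms and the "dropper" pattern are constructed; only the EICAR test string
is a real, deliberately harmless antivirus test pattern."""
from dataclasses import dataclass
from typing import Dict, List, Optional

# name -> fixed byte pattern that identifies the threat
SIGNATURES: Dict[str, bytes] = {
    "EICAR test string": b"X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*",
    "constructed-dropper": b"MZ\x90\x00CONSTRUCTED_DROPPER_MARK",
}

# content filter: block by what the data says, not where it comes from (constructed category)
BLOCKED_TERMS: List[bytes] = [b"casino", b"free-warez"]


@dataclass(frozen=True)
class Verdict:
    allowed: bool
    reason: str


def signature_scan(data: bytes) -> Optional[str]:
    """Return the name of the first signature found in data, or None."""
    for name, pattern in SIGNATURES.items():
        if pattern in data:
            return name
    return None


def content_filter(data: bytes) -> Optional[str]:
    """Return the blocked term found in data (case-insensitive), or None."""
    lowered = data.lower()
    for term in BLOCKED_TERMS:
        if term in lowered:
            return term.decode()
    return None


def inspect(data: bytes) -> Verdict:
    """Signature check first (known-bad), then the content policy."""
    sig = signature_scan(data)
    if sig is not None:
        return Verdict(False, f"signature match: {sig}")
    term = content_filter(data)
    if term is not None:
        return Verdict(False, f"content filter: {term}")
    return Verdict(True, "clean")


class StreamScanner:
    """Scans a stream chunk by chunk. A per-packet scan misses a signature that
    straddles two packets; keeping the tail of the previous chunk closes that gap."""

    def __init__(self) -> None:
        self.max_len = max(len(p) for p in SIGNATURES.values())
        self.carry = b""

    def feed(self, chunk: bytes) -> Optional[str]:
        data = self.carry + chunk
        hit = signature_scan(data)
        if hit is not None:
            self.carry = b""                          # reported; do not re-report the same bytes
        else:
            # keep enough bytes that a signature starting in this chunk can still complete
            self.carry = data[-(self.max_len - 1):]
        return hit


if __name__ == "__main__":
    eicar = SIGNATURES["EICAR test string"]
    print(inspect(b"GET /index.html HTTP/1.1"))
    print(inspect(b"Visit the online CASINO today"))
    print("per-packet halves:", signature_scan(eicar[:30]), signature_scan(eicar[30:]))
    scanner = StreamScanner()
    print("stream halves    :", scanner.feed(eicar[:30]), scanner.feed(eicar[30:]))
```

Fixed-pattern matching is the simplest form of signature identification; production scanners add regular expressions, decoders for compressed and encoded content, and stream reassembly like the `StreamScanner` above, because a signature only helps against threats whose pattern is already in the database.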
Figure 15.7
Figure 15.8: Internet Options Security tab
Figure 15.9: Adding a trusted site
Figure 15.10: Custom security settings
Intrusion-Detection and Intrusion-Prevention Systems
Firewalls are designed to block nasty traffic from entering your network, but an IDS is more of an auditing tool: it keeps track of all activity on your network so you can see if someone has been trespassing.
[Figure: attack underway – firewall – network – IDS; IDS analysis looks for misuse or known attack signatures in its attack signature & misuse database, then issues a response]
Intrusion-Detection and Intrusion-Prevention Systems
Network-Based IDS
– The most common implementation of a detection system is a network-based IDS (NIDS).
– The IDS system is a separate device attached to the network via a machine like a switch or directly via a tap.
[Figure: Internet – firewall – hub or tap connection – IDS, with a secured management channel]
Intrusion-Detection and Intrusion-Prevention Systems
Changing network configuration
– An IDS can close the port either temporarily or permanently.
– If the IDS closes ports, legitimate traffic may not be able to get through either, but it will definitely stop the attack.
[Figure: Internet – firewall – sensor – IDS – client. 1: a port 80 attack occurs and is detected (alert); 2: IDS analysis/response issues the command "Close 80, 60 seconds"; 3: the firewall closes port 80 for 60 seconds]
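The figure's "close port 80 for 60 seconds" response, including the side effect that legitimate clients are blocked for the same window, is replayed in the added simulation below. It is not from the textbook or any IDS product; the controllable clock, the addresses and the timings are constructed so the 60-second window can be stepped through instantly, and `float("inf")` is used to stand in for a permanent closure.

```python
"""Simulation of an IDS response that closes a port for a fixed time after an
attack is detected, showing that legitimate traffic to that port is blocked for
the same window. Added example, not from the textbook; the clock abstraction,
addresses, port numbers and timings are constructed."""
import time
from dataclasses import dataclass, field
from typing import Callable, Dict, List


class FakeClock:
    """Controllable clock so the 60-second window can be replayed instantly."""

    def __init__(self) -> None:
        self.now = 0.0

    def __call__(self) -> float:
        return self.now

    def advance(self, seconds: float) -> None:
        self.now += seconds


@dataclass
class PortCloser:
    clock: Callable[[], float] = time.monotonic     # real clock unless a FakeClock is injected
    closed_until: Dict[int, float] = field(default_factory=dict)
    events: List[str] = field(default_factory=list)

    def on_alert(self, port: int, seconds: float = 60.0) -> None:
        """IDS raised an alert for `port`: close it for `seconds` (inf = permanently)."""
        until = self.clock() + seconds
        # a new alert never shortens a closure already in force
        self.closed_until[port] = max(self.closed_until.get(port, 0.0), until)
        self.events.append(f"t={self.clock():.0f}s close port {port} for {seconds}s")

    def is_open(self, port: int) -> bool:
        until = self.closed_until.get(port)
        if until is None:
            return True
        if self.clock() >= until:
            del self.closed_until[port]              # closure expired; reopen
            self.events.append(f"t={self.clock():.0f}s reopen port {port}")
            return True
        return False

    def admit(self, port: int, src: str) -> bool:
        """Firewall decision for a packet from `src` to `port`."""
        verdict = self.is_open(port)
        self.events.append(f"t={self.clock():.0f}s {'PASS' if verdict else 'DROP'} {src} -> :{port}")
        return verdict


def replay() -> List[bool]:
    """Replay of the figure: attack on port 80, 60-second closure, and both the
    attacker and a legitimate client are blocked until the port reopens."""
    clock = FakeClock()
    ids = PortCloser(clock=clock)
    attacker, client = "198.51.100.66", "203.0.113.10"
    out = [ids.admit(80, client)]           # before the attack, port 80 is open
    ids.on_alert(80, 60.0)                  # 1-2: sensor detects the attack, IDS closes port 80
    out.append(ids.admit(80, attacker))     # attacker dropped ...
    out.append(ids.admit(80, client))       # ... and so is the legitimate client
    clock.advance(59.0)
    out.append(ids.admit(80, client))       # still closed at 59 s
    clock.advance(1.0)
    out.append(ids.admit(80, client))       # 3: 60 s elapsed, port 80 reopened
    return out


if __name__ == "__main__":
    ids_demo = PortCloser(clock=FakeClock())
    print(replay())
```

The event list is the audit trail the slide's "auditing tool" description calls for: every closure, drop and reopen is timestamped, so an operator can later see how much legitimate traffic the response cost, which is the practical argument for short, automatically expiring closures over permanent ones.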
Intrusion-Detection and Intrusion-Prevention Systems
Deceiving the attacker
– Trick the attacker into thinking their attack is really working when it's not.
– The system logs information, trying to pinpoint who's behind the attack and which methods they're using.
– A honeypot is a device or server to which the hacker is directed; it's intended to keep their interest long enough to gather enough information to identify them and their attack method.
[Figure: network attack – firewall – IDS – honeypot – client. The attack occurs, the IDS detects it and raises an alert, analysis/response reroutes the network traffic to the honeypot, and the attack against the real client is blocked]
Vulnerability Scanners
NESSUS
– Proprietary vulnerability scanning program that requires a license to use commercially, yet it is the single most popular scanning program in use.
NMAP
– Originally intended simply to identify devices on the network for the purpose of creating a network diagram; its functionality has evolved.
VPN Concentrators
A VPN concentrator is a device that creates remote access for virtual private networks (VPNs), either for users logging in remotely or for a large site-to-site VPN. In contrast to standard remote-access connections, remote-access VPNs often allow higher data throughput and provide encryption. Cisco produces VPN concentrators that support anywhere from 100 users up to 10,000 simultaneous remote-access connections.
Understanding Problems Affecting Device Security
Physical Security
– Physical Barriers
– Security Zones
Figure 15.17
Understanding Problems Affecting Device Security
Logical Security Configurations
– Ensure your network has an outside barrier and/or a perimeter defense.
– Have a solid firewall, and it's best to have an IDS or IPS of some sort as well.
Figure: Network perimeter defense [Internet – router – firewall – IDS – local network]
Figure: Network divided into security zones [Internet – router – private network containing the Administration Network (Zone 1), Production Network (Zone 2), Sales Network (Zone 3) and Accounting Network]
Understanding Problems Affecting Device Security
Maybe traffic is heavy, and you need to break up physical segments. Perhaps different groups are in different buildings or on different floors of a building, and you want to effectively segment them.
[Figure: border router – firewall – IDS, behind which Zone 1, Zone 2 and Zone 3 routers each front a group of PCs]
Figure 15.21
Figure 15.22
Figure 15.23
Figure 15.24
Summary
– Exam Essentials Section
– Written Labs
– Review Questions