Eric Van Horn Cosc 356


• Nearly every organization today uses computers and a network to send, receive, and store information
• It is very important to focus on the security of the network, especially if the network contains sensitive, confidential, and personal information
• A network that is not kept up to date makes it easy for a hacker to gain unauthorized access to the system

• Information security can be defined as “measures adopted to prevent the unauthorized use, misuse, modification, or denial of use of knowledge, facts, data, or capabilities.”
• It is the name given to the preventative steps taken to guard information
• It cannot guarantee protection on its own

• Numerous methods to ensure security
  – Sub-netting
  – Planning for convergence
  – DMZs
  – Firewalls
  – Proxy servers
  – Network intrusion detection systems
  – Network intrusion prevention systems

• Divides one network into a series of subnets
• Splits the host IP address into two addresses
  – Network address ( )
  – Host address (20)

• The source of a potential security issue can be located much more quickly than on a large single network
• Makes regulating who has access in and out of a particular subnetwork much easier
• Decreased network traffic
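The address split and the two security benefits above (locating a source quickly, regulating access between subnetworks) can be shown in a few lines. This is an added example, not part of the original slides; the 10.20.0.0/22 network, the subnet names and the ALLOWED policy are all assumptions made for illustration.

```python
import ipaddress

# Constructed example: one /22 network divided into four /24 subnets.
SITE = ipaddress.ip_network("10.20.0.0/22")
NAMES = ["staff", "servers", "voip", "guest"]
SUBNETS = dict(zip(NAMES, SITE.subnets(new_prefix=24)))

# Assumed policy: which subnet may open connections to which other subnet.
ALLOWED = {("staff", "servers"), ("staff", "voip"), ("voip", "servers")}

def split_address(cidr):
    """Split an interface address into (network address, host number)."""
    iface = ipaddress.ip_interface(cidr)
    host = int(iface.ip) & int(iface.network.hostmask)
    return str(iface.network.network_address), host

def locate(ip):
    """Name the subnet an address belongs to, or None if it is off-site."""
    addr = ipaddress.ip_address(ip)
    for name, net in SUBNETS.items():
        if addr in net:
            return name
    return None

def permitted(src_ip, dst_ip):
    """Default-deny check between subnets; traffic inside one subnet is allowed."""
    src, dst = locate(src_ip), locate(dst_ip)
    if src is None or dst is None:
        return False
    return src == dst or (src, dst) in ALLOWED

if __name__ == "__main__":
    print(split_address("10.20.1.20/24"))         # network part and host part
    print(locate("10.20.3.77"))                   # which subnet an alert came from
    print(permitted("10.20.3.77", "10.20.1.20"))  # guest -> servers is denied
```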

• The integration of voice and data traffic over a single IP network is becoming increasingly popular
• Allows several different services to be combined and transferred in a single universal format
• Advantages:
  – Moves from the traditional concept of a network to a more ‘slimmed down’ and efficient concept

• Still has a way to go security-wise before being accepted as the standard
• Like any traditional network, convergence networks are vulnerable to attacks
• Not currently the standard, but may be someday, so it is important for a secure network design to be ready to convert easily and with less chaos

• Demilitarized zones (DMZs) are a good security measure to take
• Useful if an organization has sensitive, private files that need to be protected while making some services of the network available to outside “common” users
• A DMZ is a separate network located outside the perimeter of the secured network
• Isolates the devices and systems that are most vulnerable to attack
  – E-mail servers, web servers

• Users in a DMZ have access to things located within the DMZ but not to the secured network
• Ex: A hotel has a network for customers to connect to for browsing the web and checking e-mail, but it gives no access to the hotel's own private information

• Computers loaded with data files and software that appear to be legitimate in order to fool attackers
• Typically located inside a DMZ
• Can be used to monitor attackers' techniques, to provide early warning signs of an attack on the secure network, and to deflect attention from the actual sensitive data

• Network Address Translation
• Hides the IP addresses of devices connected to the secure network by replacing each one with a common, known IP address, usable by anybody on the network, before sending the packet out
• Typically incorporated into a firewall implementation and usually required when two or more networks interface with each other
• Good for security because it stops users on the Internet from seeing the actual IP address of the sender
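A translation table makes the address hiding concrete. This is an added example, not part of the original slides; it goes one step beyond the slide by also translating ports, so that several internal hosts can share the one public address. The Nat class and all addresses are constructed for illustration (documentation ranges).

```python
PUBLIC_IP = "203.0.113.10"   # constructed public address of the NAT device

class Nat:
    """Minimal port-translating NAT: one public IP shared by many private hosts."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}    # (private_ip, private_port) -> public_port
        self.back = {}   # public_port -> (private_ip, private_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the private source so the outside sees only the public IP."""
        key = (src_ip, src_port)
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[self.next_port] = key
            self.next_port += 1
        return (self.public_ip, self.out[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Map a reply back to the private host; drop packets with no mapping."""
        if dst_ip != self.public_ip or dst_port not in self.back:
            return None
        private_ip, private_port = self.back[dst_port]
        return (src_ip, src_port, private_ip, private_port)

if __name__ == "__main__":
    nat = Nat(PUBLIC_IP)
    # Two internal hosts contact the same server; both appear as PUBLIC_IP.
    print(nat.outbound("10.20.0.5", 51000, "198.51.100.7", 443))
    print(nat.outbound("10.20.0.6", 51000, "198.51.100.7", 443))
    # The reply to the second host is translated back to its private address.
    print(nat.inbound("198.51.100.7", 443, PUBLIC_IP, 40001))
    # A packet to a port nobody opened has no table entry and is dropped.
    print(nat.inbound("198.51.100.99", 4444, PUBLIC_IP, 40500))
```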

• Responsible for examining the current state of a system or device attempting to connect to the network before allowing it to join
• Does so by checking whether the joining system meets a specified set of criteria, such as having the most current anti-virus signature or having the firewall properly enabled
• If a device fails to meet the criteria, it is sent to a “quarantine” network
  – A network located outside of the secure network
• The overall idea of NAC is to prevent computers with sub-par security from joining the secure network and potentially infecting other computers

• System that attempts to discover unauthorized access to a computer network by analyzing traffic on the network for signs of malicious activity
• Can perform simple tasks such as alerting the administrator via e-mail or text message at the first sign of an intrusion
  – i.e., a burglar alarm
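One simple form of the traffic analysis described above is a threshold rule for port scans: a source that leaves unfinished handshakes on many different ports of one host within a short window raises an alert. This is an added example, not part of the original slides and not the logic of any particular product; the event format, WINDOW, THRESHOLD and the sample traffic are all constructed.

```python
from collections import defaultdict, deque

WINDOW = 10      # seconds to look back (assumed tuning value)
THRESHOLD = 5    # distinct unanswered ports before alerting (assumed)

def detect_scans(events, window=WINDOW, threshold=THRESHOLD):
    """events: time-ordered (ts, src, dst, dport, handshake_completed) tuples.
    Returns one (ts, src, dst, ports) alert per scanning src/dst pair."""
    recent = defaultdict(deque)   # (src, dst) -> deque of (ts, dport)
    alerted = set()
    alerts = []
    for ts, src, dst, dport, completed in events:
        if completed:
            continue              # completed handshakes look like normal clients
        q = recent[(src, dst)]
        q.append((ts, dport))
        while q and ts - q[0][0] > window:
            q.popleft()           # forget attempts older than the window
        ports = sorted({p for _, p in q})
        if len(ports) >= threshold and (src, dst) not in alerted:
            alerted.add((src, dst))
            alerts.append((ts, src, dst, ports))
    return alerts

def sample_events():
    """Constructed traffic: a normal client, a fast scanner and a slow prober."""
    events = [(0, "10.20.0.5", "10.20.1.20", 443, True),
              (1, "10.20.0.5", "10.20.1.20", 443, True)]
    events += [(2 + i, "10.20.3.77", "10.20.1.20", 20 + i, False) for i in range(8)]
    events += [(5 + 30 * i, "10.20.3.90", "10.20.1.20", 8000 + i, False) for i in range(6)]
    return sorted(events)

if __name__ == "__main__":
    for ts, src, dst, ports in detect_scans(sample_events()):
        print(f"ALERT t={ts}s: {src} probed {dst} on ports {ports}")
```

The slow prober in the sample data never reaches the threshold, which shows why the window and threshold have to be tuned against how patient an attacker might be.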

• A popular open-source NIPS
• Has the ability to perform real-time traffic analysis and packet logging on IP networks
• Performs protocol analysis, content searching, and content matching
• Can also be used to detect probes or attacks, including, but not limited to, operating system fingerprinting attempts, common gateway interface attacks, buffer overflows, server message block probes, and stealth port scans

• Recently entered InfoWorld’s open source hall of fame as “one of the greatest pieces of open source software of all time”
• Has several modes to run in
  – Sniffer mode
  – Packet logger mode
  – Intrusion detection mode
