Final Project: Advanced security blade

Presentation transcript:

Final Project: Advanced security blade IPS and DLP blades Roei Ben Harush 2014

Agenda
1. IPS
2. DLP
3. About next assignment
4. How to research malware behavior

Intrusion Prevention System - IPS
- An IPS monitors network traffic by analyzing the content of the packets
- Each packet is examined to check whether it contains any malicious content that appears in the signature database
- If a malicious packet is identified and matched to a signature, the IPS can raise an alarm or even block the connection if required
- Basically, an IPS searches for attempts by an external attacker to exploit vulnerabilities within the organization
- An IPS might affect network performance, since it examines all incoming and outgoing network traffic
[Restricted] ONLY for designated groups and individuals

Intrusion Prevention System - IPS
- IPS and its brother IDS differ by protection vs. detection.
- An IPS uses negative security logic: the signatures say what is forbidden (blacklisted), as opposed to positive security logic, where the security administrator specifically lists what is allowed (whitelist).
- The IPS is aimed at protecting the application layer.
- The downsides of negative security logic: false positives vs. false negatives. From the eyes of a company owner, which is worse? Of course a false positive, since that one false positive can be a transaction of millions of dollars.
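The contrast between negative and positive security logic, as an added example that is not part of the original slides. The signature list, the whitelist and the sample query strings are all constructed for illustration; they show one false positive and one false negative of the blacklist next to the whitelist's verdicts.

```python
import re
from urllib.parse import parse_qsl

# Constructed signature database (negative logic): pattern -> action on match.
SIGNATURES = [
    (re.compile(r"union\s+select", re.I), "block"),
    (re.compile(r"\bor\s+1\s*=\s*1\b", re.I), "block"),
    (re.compile(r"<script\b", re.I), "alert"),
]

# Constructed whitelist (positive logic): parameter name -> allowed format.
ALLOWED = {
    "id": re.compile(r"\d{1,9}"),
    "q": re.compile(r"[\w .,'-]{1,64}"),
}

def negative_verdict(query):
    """Blacklist: pass unless a signature matches a decoded value."""
    for _name, value in parse_qsl(query, keep_blank_values=True):
        for pattern, action in SIGNATURES:
            if pattern.search(value):
                return action
    return "pass"

def positive_verdict(query):
    """Whitelist: block unless every parameter is known and well-formed."""
    for name, value in parse_qsl(query, keep_blank_values=True):
        rule = ALLOWED.get(name)
        if rule is None or not rule.fullmatch(value):
            return "block"
    return "pass"

# Constructed sample requests (query strings only).
SAMPLES = {
    "benign lookup": "id=42",
    "benign search": "q=student+union+select+committee",  # false positive
    "known pattern": "id=1+or+1%3D1",
    "unlisted variant": "id=1+or+2%3E1",                  # false negative
}

def compare():
    """Return {label: (negative verdict, positive verdict)}."""
    return {label: (negative_verdict(q), positive_verdict(q))
            for label, q in SAMPLES.items()}

if __name__ == "__main__":
    for label, (neg, pos) in compare().items():
        print(f"{label:17} negative={neg:5} positive={pos}")
```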

Data Leak Prevention - DLP
- Nowadays sensitive data can be easily accessed and transferred
- DLP monitors data transfer by deeply inspecting and analyzing the data, source, destination and protocol
- The data can be anything from accounting papers to source code
- DLP can work in several ways:
  - Detect:
  - Inform User:
  - Ask User: The user decides whether this is a real data leak or a false positive; everything is logged
  - Prevent: The traffic is blocked

Handle a real world vulnerability
- In this final project, you'll have to deal with a real-world problem
- In the IPS part, you'll be asked to research the vulnerability: its cause, its effect, how it works, etc.
- After completing the research, you'll write the protection against the vulnerability.
- Your firewall will be tested with real exploits! We will see if your protection can stand against a real penetration testing framework

Handle a real world vulnerability
- In the DLP part, you'll have to keep watch in order to minimize network data leakage risks
- To make it easy for you, we'll support only HTTP and SMTP text
- You'll have to protect your organization's source code by recognizing source code being sent through HTTP (GET, POST) or SMTP
- Again, you'll have to research for yourself the methods to support, learn and protect
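One way to recognize source code in HTTP and SMTP text, as an added example that is not part of the original slides or the course's reference solution. The C-oriented hint patterns, their weights, the threshold and the sample traffic are constructed assumptions; only the Detect and Prevent modes are modelled, and POST bodies are assumed to be form-encoded.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Constructed heuristics for C-like source text: (pattern, weight).
CODE_HINTS = [
    (re.compile(r"^\s*#\s*(?:include|define|ifn?def)\b", re.M), 3),
    (re.compile(r"\b(?:int|void|char|static|struct|unsigned)\s+\**\w+\s*\("), 3),
    (re.compile(r"\b(?:if|for|while|switch)\s*\([^)\n]*\)\s*\{"), 2),
    (re.compile(r";\s*$", re.M), 1),
    (re.compile(r"^\s*[{}]\s*$", re.M), 1),
]
THRESHOLD = 6  # assumed cut-off; tune it against real traffic

def code_score(text):
    """Sum weight * hits, capping hits at 3 per hint."""
    return sum(w * min(len(p.findall(text)), 3) for p, w in CODE_HINTS)

def http_text(raw):
    """Decoded GET query values plus form-encoded POST body values."""
    head, _, body = raw.partition("\r\n\r\n")
    target = head.split("\r\n")[0].split(" ")[1]
    pairs = parse_qsl(urlsplit(target).query) + parse_qsl(body)
    return "\n".join(value for _name, value in pairs)

def smtp_text(raw):
    """Message body between the DATA command and the lone '.' line."""
    data = raw.partition("\r\nDATA\r\n")[2].split("\r\n.\r\n")[0]
    return data.partition("\r\n\r\n")[2]  # drop the mail headers

def dlp_verdict(text, mode="prevent"):
    """'detect' only logs a hit, 'prevent' blocks the traffic."""
    if code_score(text) < THRESHOLD:
        return "pass"
    return "block" if mode == "prevent" else "log"

# Constructed sample traffic.
HTTP_POST = ("POST /paste HTTP/1.1\r\nHost: paste.example\r\n"
             "Content-Type: application/x-www-form-urlencoded\r\n\r\n"
             "code=%23include+%3Cstdio.h%3E%0Aint+main%28void%29+%7B%0A"
             "++return+0%3B%0A%7D%0A")
HTTP_GET = "GET /search?q=firewall+rules%3B+what+to+block HTTP/1.1\r\nHost: www.example\r\n\r\n"
SMTP_MAIL = ("MAIL FROM:<dev@corp.example>\r\nRCPT TO:<me@mail.example>\r\nDATA\r\n"
             "Subject: backup\r\n\r\nstatic int check(char *p)\r\n{\r\n"
             "    if (p == NULL) {\r\n        return -1;\r\n    }\r\n"
             "    return 0;\r\n}\r\n.\r\nQUIT\r\n")

if __name__ == "__main__":
    for text in (http_text(HTTP_POST), http_text(HTTP_GET), smtp_text(SMTP_MAIL)):
        print(code_score(text), dlp_verdict(text))
```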

Popular sites for vulnerabilities
You can find useful information on the following websites:
- https://www.corelan.be
- http://www.exploit-db.com
- http://www.securityfocus.com
- https://www.owasp.org
- https://www.google.com

Learn about SQL injection