Global One Communications

Slides:

Advertisements

Similar presentations

Transfer Content to a Website What is FTP? File Transfer Protocol FTP is a protocol – a set of rules Designed to allow files to be transferred across.

Advertisements

Module 5: Configuring Access for Remote Clients and Networks.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

IS Network and Telecommunications Risks

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Flexible Network Access Overview. Flexible Access an Integral part of Universal Access Policy Universal Access to Campus IT Resources Managed LAN portsFlexible.

Remote Networking Architectures

Faten Yahya Ismael.  It is technology creates a network that is physically public, but virtually it’s private.  A virtual private network (VPN) is a.

Virtual Private Network prepared by Rachna Agrawal Lixia Hou.

1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.

Objectives Configure routing in Windows Server 2008 Configure Routing and Remote Access Services in Windows Server 2008 Network Address Translation 1.

Module 14: Configuring Server Security Compliance

Chapter 6 of the Executive Guide manual Technology.

11 SECURING YOUR NETWORK PERIMETER Chapter 10. Chapter 10: SECURING YOUR NETWORK PERIMETER2 CHAPTER OBJECTIVES  Establish secure topologies.  Secure.

1 Chapter 12: VPN Connectivity in Remote Access Designs Designs That Include VPN Remote Access Essential VPN Remote Access Design Concepts Data Protection.

Module 11: Remote Access Fundamentals

System Security Basics. Information System Security The protection of information systems against unauthorized access to or modification of information,

Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.

PRESENTED BY P. PRAVEEN Roll No: 1009 – 11 – NETWORK SECURITY M.C.A III Year II Sem.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Exploring the Enterprise Network Infrastructure Introducing Routing and Switching.

Module 14: Securing Windows Server Overview Introduction to Securing Servers Implementing Core Server Security Hardening Servers Microsoft Baseline.

CS460 Final Project Service Provider Scenario David Bergman Dong Jin Richard Bae Scott Greene Suraj Nellikar Wee Hong Yeo Virtual Customer: Mark Scifres.

1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.

Module 11: Designing Security for Network Perimeters.

Security fundamentals Topic 10 Securing the network perimeter.

Security Environment Assessment. Outline  Overview  Key Sources and Participants  General Findings  Policy / Procedures  Host Systems  Network Components.

WebCCTV 1 Contents Introduction Getting Started Connecting the WebCCTV NVR to a local network Connecting the WebCCTV NVR to the Internet Restoring the.

Implementing Server Security on Windows 2000 and Windows Server 2003 Fabrizio Grossi.

1 Chapter 13: RADIUS in Remote Access Designs Designs That Include RADIUS Essential RADIUS Design Concepts Data Protection in RADIUS Designs RADIUS Design.

IS3220 Information Technology Infrastructure Security

ORNL Site Report ESCC July 15, 2013 Susan Hicks David Wantland.

ASHRAY PATEL Securing Public Web Servers. Roadmap Web server security problems Steps to secure public web servers Securing web servers and contents Implementing.

SemiCorp Inc. Presented by Danu Hunskunatai GGU ID #

Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.

Agenda Current Network Limitations New Network Requirements About Enterasys Security Branch Office Routers Overall Enterprise Requirements Proposed Solution.

Security fundamentals

Virtual Private Network

Virtual Private Network Access for Remote Networks

Instructor Materials Chapter 5: Network Security and Monitoring

Module 9: Configuring Network Access

Virtual Private Networks

Virtual Private Network (VPN)

Working at a Small-to-Medium Business or ISP – Chapter 8

CONNECTING TO THE INTERNET

Network Infrastructure

Module Overview Installing and Configuring a Network Policy Server

Network Security Analysis Name : Waleed Al-Rumaih ID :

Securing the Network Perimeter with ISA 2004

Configuring and Troubleshooting Routing and Remote Access

Firewall – Survey Purpose of a Firewall Characteristic of a firewall

Security of a Local Area Network

Welcome To : Group 1 VC Presentation

Chapter 5: Network Security and Monitoring

Chapter 1: WAN Concepts Connecting Networks

IS4550 Security Policies and Implementation

Virtual Private Network (VPN)

* Essential Network Security Book Slides.

Server-to-Client Remote Access and DirectAccess

PPPoE Internet Point to Point Protocol over Ethernet

ISMS Information Security Management System

Mobile ad hoc networking: imperatives and challenges

Firewalls Purpose of a Firewall Characteristic of a firewall

Goals Introduce the Windows Server 2003 family of operating systems

Virtual Private Network

Chapter 8: Monitoring the Network

Contact Center Security Strategies

Designing IIS Security (IIS – Internet Information Service)

Topic 12: Virtual Private Networks

AT&T Firewall Battlecard

Introduction to Networking Security

Presentation transcript:

Global One Communications email: christian.sinephro@globalone.net TESTA II Network Security June 06, 2000 Global One Communications Christian Sinephro email: christian.sinephro@globalone.net 1

Contents Overview Corporate Security TESTA II Network Security Backbone Security Access Network Security Global Dial Access Security Additional Security Options Security Management 2

Overview Corporate Security Policy IP VPN using MPLS - No Internet traffic Physical control and security on the backbone Controlled access to the EuroGate Logical segregation of customer traffic based on strong routing protocol (port configuration) Central Management (NMC) of the VPN configuration - No third-party access or delegation of network management function

Corporate Security Key elements of the Corporate Security policy are: comprehensive staff screening Physical security for network nodes and Operations support systems, with access to limited staff on a need-to-know basis Password and user ID for network nodes and support systems, including enabling auditing features Documentation of specific security procedures and processes Continued review of security procedures as an inherent element of network operations. Security Architecture focused on: Securing network infrastructure to avoid network service disruption Preventing and detecting fraud and abuse of Global One network services Implementing overlay services to enhance the implementation of specific security policies

TESTA II Network Security Backbone Security Backbone node infrastructure Access Network Security Quality of Service Service level guarantees (e.g. availability) Classes of Service Security Management Corporate security

TESTA II Network Security EuroDomain LocalDomain A LocalDomain B LocalDomain D C EuroGate Backbone Security Layer “Door-to-Door” Security “Door-to-Door” Security Backbone Security

Backbone Security Fiber - secure Transmission Medium: Backbone Transmission security on fiber optic links (backhaul route diversity, secure cable routing, heavy armoring, ..) Impervious to radio frequency and electromagnetic interference Access Management and Control: All network equipment locations protected with access alarms Alarms monitored continuously by Regional Control centres (NMCs) Network Monitoring: Real-time status and remote software control of switching & transmission Remote diagnostic tools for adding, deleting or modifying circuits or viewing port condition Only registered operators, with appropriate administrator functions, have access to NMC tools and systems. External Protection Denial of service attack: only LD users can access the EuroDomain Tracking and support can be provided

Access Network Security Local Loops: Ordered by Global One and currently provided by local Telecom Operators In some countries, alternative carriers can be used Security is the currently accepted level of security on the local loop Customer Premises Equipment: Provided and managed by Global One under an onsite Rental and maintenance contract. Only Global One has access to the router configuration.

Global Dial Access Security TESTA II EuroDomain Access Server Home Gateway VPDN Tunnel Application Host TESTA II Dial-up User AAA Server

Global Dial Access Security Only registered users have access to the Dial Access service User Authentication via AAA server (Radius) based on the Network Access Identifier Additional SecurID client can be used for strong authentication Limits access to pre-defined resources on the TESTA II backbone Performs user accounting for purposes of security and charge back

Additional Security Options Firewalling Managed firewall service at site location Optional network-based firewall Dedicated secure IP VPN boxes performing: Authentication (Remote keys) Encryption (ITSEC) Firewalling functions Access Filtering Restricted VPN configurations on the TESTA II backbone

Security Management Corporate Security Department responsible for: Performing threat analysis Conducting surveillance and detection services Recommending overall solutions to security issues Protecting management systems and applications