5-Network Defenses Dr. John P. Abraham Professor UTPA.



Introduction. A common mistake in network security is to try to patch vulnerabilities in a weak network that was poorly conceived and implemented from the start. Securing a network begins with the design of the network itself and extends to the secure network technologies deployed on it.

Crafting a Secure Network. Security through design (subnetting, VLANs, DMZ, etc.); security through network technologies (NAT, NAC, etc.); network security devices (firewall, proxy server, honeypot, NIDS, etc.); intrusion prevention systems.

Security+ Guide to Network Security Fundamentals, Third Edition. Security through Network Design: Subnetting. An IP address is really two addresses in one: one part is a network address and the other part is a host address. Under classful addressing, the split between the network and host portions of the IP address was originally fixed at byte boundaries. Subnetting (subnet addressing) allows the address to be split anywhere, so a network can essentially be divided into three parts: network, subnet, and host.

Subnetting benefits: isolates organizational groups; decreases network traffic; improves troubleshooting; improves utilization of addresses; minimal impact on external routers; better organization.
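As an added illustration of the three-part split described on the slides above (not code from the original presentation), the following Python splits an address into its classful network field, the subnet field borrowed from the host bits, and the host field, and checks whether two hosts land in the same subnet. The sample address block 172.16.0.0/16 cut into /20 subnets is a constructed example.

```python
import ipaddress


def classful_prefix(ip: ipaddress.IPv4Address) -> int:
    """Prefix length implied by classful addressing (split on byte boundaries):
    class A = /8, class B = /16, class C = /24."""
    first_octet = int(ip) >> 24
    if first_octet < 128:
        return 8
    if first_octet < 192:
        return 16
    if first_octet < 224:
        return 24
    raise ValueError("class D/E addresses are not subnetted")


def split_address(cidr: str) -> dict:
    """Split host/prefix into the three parts named on the slide: the classful
    network field, the subnet field (bits borrowed from the host field by a
    longer mask) and the remaining host field."""
    iface = ipaddress.ip_interface(cidr)
    addr = int(iface.ip)
    net_bits = classful_prefix(iface.ip)
    prefix = iface.network.prefixlen
    if prefix < net_bits:
        raise ValueError("subnet mask is shorter than the classful network mask")
    subnet_bits = prefix - net_bits
    host_bits = 32 - prefix
    classful_net = ipaddress.IPv4Address((addr >> (32 - net_bits)) << (32 - net_bits))
    return {
        "network_bits": net_bits,
        "subnet_bits": subnet_bits,
        "host_bits": host_bits,
        "classful_network": f"{classful_net}/{net_bits}",
        "subnet": str(iface.network),
        "subnet_index": (addr >> host_bits) & ((1 << subnet_bits) - 1),
        "host_index": addr & ((1 << host_bits) - 1),
        "usable_hosts": max((1 << host_bits) - 2, 0),   # minus network and broadcast
    }


def same_subnet(a: str, b: str, prefix: int) -> bool:
    """Two hosts share a subnet only when their addresses agree under the mask.
    Otherwise traffic between them must cross a router, which is where the
    isolation of organizational groups comes from."""
    net_a = ipaddress.ip_network(f"{a}/{prefix}", strict=False)
    net_b = ipaddress.ip_network(f"{b}/{prefix}", strict=False)
    return net_a == net_b


if __name__ == "__main__":
    # Constructed example: a class B block (/16) cut into sixteen /20 subnets.
    print(split_address("172.16.37.5/20"))
    print(same_subnet("172.16.37.5", "172.16.50.9", 20))   # different /20 subnets
```

Running it shows that 172.16.37.5/20 carries 16 network bits, 4 subnet bits and 12 host bits, so it sits in subnet 172.16.32.0/20 (subnet index 2) with room for 4094 hosts.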

VLAN (virtual LAN). Scattered individual units belonging to the same organizational unit can be grouped together: a logical grouping rather than a physical one. In most network environments, networks are divided or segmented using switches. A VLAN allows scattered users to be logically grouped together even though they may be attached to different switches. VLANs can reduce network traffic and provide a degree of security similar to subnetting: a VLAN can be isolated so that sensitive data is transmitted only to members of that VLAN.

Convergence technologies (VoIP, video, etc.) vulnerabilities: phones are affected when their operating system is attacked; VoIP protocols have very little built-in security; VoIP packets lack encryption; spam calls.

Demilitarized Zone (DMZ). Devices that provide services to outside users, such as and web servers, are isolated in the DMZ. If one is penetrated, the compromise is confined to that server rather than reaching the LAN itself.

DMZ example

Network Address Translation (NAT). NAT hides the private IP addresses assigned to individual machines; a single public IP, or a pool of public IPs, is used for public visibility. Available private IP , and . The NAT device removes the sender's private IP from the packet and replaces it with an alias, keeps a table of the translation, and reverses the process when a packet arrives in return. A variation is port address translation (PAT): each packet is given the same public IP address but a different port number.

Security through Network Technologies: Network Address Translation (NAT) hides the IP addresses of network devices from attackers. Private addresses are IP addresses not assigned to any specific user or organization; they function as regular IP addresses on an internal network but are non-routable on the Internet.

Security through Network Technologies (continued). NAT removes the private IP address from the sender's packet and replaces it with an alias IP address. When a packet is returned to the NAT device, the process is reversed. An attacker who captures the packet on the Internet cannot determine the actual IP address of the sender.
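To make the translation table concrete, here is an added Python model of a port address translation (PAT) gateway; it is not code from the slides. It assumes a single public address 203.0.113.7 and a constructed inside client at 192.168.1.10. Outbound packets get the public IP and a fresh port, the table remembers the mapping, and an inbound packet is translated back only when it matches an entry the inside client created; anything unsolicited is dropped.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class PatGateway:
    """Port address translation: every inside host shares one public IP and the
    translation table maps each allocated public port back to the private
    (ip, port) pair plus the outside host it was talking to."""

    def __init__(self, public_ip: str, first_port: int = 40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.outbound = {}   # (priv_ip, priv_port, dst_ip, dst_port) -> public_port
        self.inbound = {}    # public_port -> (priv_ip, priv_port, dst_ip, dst_port)

    def translate_outbound(self, pkt: Packet) -> Packet:
        """Replace the private source with the public alias and record the mapping."""
        if not ipaddress.ip_address(pkt.src_ip).is_private:
            raise ValueError("only private (non-routable) sources are translated")
        key = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        port = self.outbound.get(key)
        if port is None:                      # first packet of this flow: allocate a port
            port = self.next_port
            self.next_port += 1
            self.outbound[key] = port
            self.inbound[port] = key
        return Packet(self.public_ip, port, pkt.dst_ip, pkt.dst_port)

    def translate_inbound(self, pkt: Packet):
        """Reverse the mapping for a reply. Returns None (drop) when no inside host
        opened the flow or when the reply comes from a different outside host."""
        if pkt.dst_ip != self.public_ip:
            return None
        entry = self.inbound.get(pkt.dst_port)
        if entry is None:
            return None
        priv_ip, priv_port, dst_ip, dst_port = entry
        if (pkt.src_ip, pkt.src_port) != (dst_ip, dst_port):
            return None
        return Packet(pkt.src_ip, pkt.src_port, priv_ip, priv_port)


if __name__ == "__main__":
    gw = PatGateway("203.0.113.7")                       # assumed public address
    out = gw.translate_outbound(Packet("192.168.1.10", 51000, "198.51.100.20", 80))
    print("on the Internet:", out)                       # only 203.0.113.7 is visible
    back = gw.translate_inbound(Packet("198.51.100.20", 80, "203.0.113.7", out.src_port))
    print("delivered inside:", back)
```

The `is_private` check mirrors the slide's point that only non-routable addresses belong behind the NAT; a second inside client using the same source port 51000 simply receives the next public port, which is why PAT lets many hosts share one address.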


Network Access Control (NAC). A special quarantined network area to which new devices or guests are allowed to connect; only after passing the required security checks are they allowed onto the LAN. Vendor implementations: Cisco Network Admission Control; Microsoft Network Access Protection; Juniper Unified Access Control; Trusted Computing Group Trusted Network Connect.

Applying Network Security Devices. Devices include: firewalls; proxy servers; honeypots; network intrusion detection systems; host and network intrusion prevention systems; protocol analyzers; Internet content filters; integrated network security hardware.

Firewall. Filters data packets, acting as a gatekeeper to the network. Rule based: each rule allows, blocks, or prompts. Stateful packet filtering: a packet is not allowed to pass to a client unless the client requested it from the server.

Example packet filtering rules (see table 5-6, p. 167): source address = any; destination address = internal IP; port = 80.
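The following is an added Python simulation (not the textbook's table or the presenter's code) that combines the two ideas above: a rule list in the style of table 5-6, with an "any source to the internal web server on port 80" allow rule, and a state table so that an inbound packet is accepted only when an inside client opened that connection. The addresses 10.0.0.0/8 for the LAN and 10.0.0.80 for the internal web server are assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    direction: str      # "in" (arriving from the Internet) or "out" (leaving the LAN)
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


@dataclass(frozen=True)
class Rule:
    action: str         # "allow" or "block" ("prompt" would be a third option on a host firewall)
    direction: str
    src: str            # "any" or a CIDR block
    dst: str
    dst_port: Optional[int]   # None matches every port


def _addr_matches(pattern: str, ip: str) -> bool:
    return pattern == "any" or ipaddress.ip_address(ip) in ipaddress.ip_network(pattern, strict=False)


def rule_matches(rule: Rule, pkt: Packet) -> bool:
    return (rule.direction == pkt.direction
            and _addr_matches(rule.src, pkt.src_ip)
            and _addr_matches(rule.dst, pkt.dst_ip)
            and (rule.dst_port is None or rule.dst_port == pkt.dst_port))


INTERNAL_LAN = "10.0.0.0/8"       # assumed private LAN block
INTERNAL_WEB = "10.0.0.80/32"     # assumed address of the internal web server

# Rules are evaluated top to bottom; the first match wins.
RULES = [
    Rule("allow", "in", "any", INTERNAL_WEB, 80),    # table 5-6 style: any source -> internal IP, port 80
    Rule("allow", "out", INTERNAL_LAN, "any", None), # inside clients may open connections outward
    Rule("block", "in", "any", "any", None),         # everything else arriving from outside is blocked
]


class StatefulFirewall:
    def __init__(self, rules):
        self.rules = list(rules)
        self.sessions = set()   # (client_ip, client_port, server_ip, server_port)

    def decide(self, pkt: Packet) -> str:
        # Stateful check first: a reply passes only if an inside client asked for it.
        if pkt.direction == "in":
            if (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port) in self.sessions:
                return "allow"
        # Otherwise fall back to the static rule list.
        for rule in self.rules:
            if rule_matches(rule, pkt):
                if rule.action == "allow" and pkt.direction == "out":
                    self.sessions.add((pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port))
                return rule.action
        return "block"   # implicit default deny when nothing matched


if __name__ == "__main__":
    fw = StatefulFirewall(RULES)
    print(fw.decide(Packet("in", "198.51.100.9", 443, "10.0.0.5", 52000)))   # block: unsolicited
    print(fw.decide(Packet("out", "10.0.0.5", 52000, "198.51.100.9", 443)))  # allow: client request
    print(fw.decide(Packet("in", "198.51.100.9", 443, "10.0.0.5", 52000)))   # allow: matching reply
```

The order matters: the same inbound packet is blocked before the client's request and allowed after it, which is exactly the behaviour the slide describes for stateful filtering, while the web server stays reachable through the static rule regardless of state.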

Proxy Server. Intercepts internal user requests and processes each request on behalf of the user, hiding the IP address of the client system inside the secure network. When a request for a web page is made, the client actually contacts the proxy server, which first checks whether that page exists in its cache.

Honeypot. Intended to trap attackers: a computer located in the DMZ that is loaded with software and data files that appear to be the real thing. Purposes: deflect attention from production systems; give early warning of new attacks; allow examination of attacker techniques.

Network Intrusion Detection Systems (NIDS). Watches for attempts to penetrate a network (see table 5-9, p. 171). A NIDS looks for suspicious patterns in traffic.
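As an added example of what "looking for suspicious patterns" means in practice (not code from the presentation), the Python below runs two detection methods over a constructed packet capture: content signatures matched against payloads, and a threshold rule that flags one source touching many distinct destination ports. The signatures, the threshold of five ports and all addresses are assumptions chosen for the demonstration.

```python
import re
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src_ip: str
    dst_ip: str
    dst_port: int
    payload: str


# Content signatures: byte patterns that ordinary traffic to these services should not carry.
SIGNATURES = {
    "path-traversal": re.compile(r"\.\./"),
    "sqli-tautology": re.compile(r"'\s*or\s+'?1'?\s*=\s*'?1", re.IGNORECASE),
}

SCAN_THRESHOLD = 5   # distinct destination ports from one source before raising a scan alert


def detect(packets):
    """Return one alert dict per suspicious event found in the packet sequence."""
    alerts = []
    ports_seen = defaultdict(set)
    for pkt in packets:
        # Method 1: signature matching on the payload.
        for name, pattern in SIGNATURES.items():
            if pattern.search(pkt.payload):
                alerts.append({"signature": name, "src": pkt.src_ip,
                               "dst": pkt.dst_ip, "port": pkt.dst_port})
        # Method 2: behavioural pattern, many ports from the same source.
        ports = ports_seen[pkt.src_ip]
        ports.add(pkt.dst_port)
        if len(ports) == SCAN_THRESHOLD:   # fire once, when the threshold is first crossed
            alerts.append({"signature": "port-scan", "src": pkt.src_ip,
                           "dst": pkt.dst_ip, "port": None})
    return alerts


# Constructed sample traffic: one normal request, two signature hits, one probing host.
SAMPLE_TRAFFIC = [
    Packet("10.0.0.5", "10.0.0.80", 80, "GET /index.html HTTP/1.1"),
    Packet("198.51.100.9", "10.0.0.80", 80, "GET /../../config HTTP/1.1"),
    Packet("198.51.100.9", "10.0.0.80", 80, "POST /login user=a' OR '1'='1"),
] + [Packet("203.0.113.4", "10.0.0.80", port, "") for port in (21, 22, 23, 25, 80, 110)]


if __name__ == "__main__":
    for alert in detect(SAMPLE_TRAFFIC):
        print(alert)
```

The normal request produces nothing, each signature fires once on the payload that contains it, and the probing host is reported exactly once even though it keeps going after the fifth port; a real NIDS adds time windows and whitelists so that a legitimate monitoring host does not trip the same rule.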