Course ILT Security overview Unit objectives Discuss network security Discuss security threat trends and their ramifications Determine the factors involved.

Presentation transcript:

Course ILT Security overview Unit objectives Discuss network security Discuss security threat trends and their ramifications Determine the factors involved in creating a secure network strategy Control access to a Windows 2000 server

Topic A
Topic A: Introduction to network security
Topic B: Understanding security threats
Topic C: Creating a secure network strategy
Topic D: Windows 2000 server access control

Network security defined
Network security:
  – Process by which digital information assets are protected
Goals of network security are to:
  – Protect confidentiality
  – Maintain integrity
  – Assure availability
Assessing risk
  – Identify threats
  – Reduce vulnerabilities

Information Security
Tasks of guarding digital information, which is typically processed by a computer, stored on a magnetic or optical storage device (such as a hard drive or DVD), and transmitted over a network.

An isolated computer
What security threat do we have?

Connected to the Internet
What security threat do we have?
The Internet

Information vs. Network
Most of the threats come from the network, which is why we chose the name “Network Security” instead of “Information Security”. But the intention is to secure the information. Information is an asset that must be protected.

Financial Loss
Without adequate protection or network security, a company is highly susceptible to financial loss. The fear of a security breach can cause financial loss just as an actual breach can.

Each attack costs $213,000
After an attack on information security, clean-up efforts divert resources, such as time and money, away from normal activities
A Corporate IT Forum survey of major corporations showed:
  – Each attack costs a company an average of $213,000 in lost man-hours and related costs
  – One-third of corporations reported an average of more than 3,000 man-hours lost

Information Security

Threat vs. Vulnerability
A threat is defined as any activity that poses a danger to our information.
A vulnerability is a weakness in a system, such as misconfigured hardware or software, poor design, or end-user carelessness.
Threats exploit vulnerabilities in order to gain unauthorized access to a network.

Effect of Evolving technologies
Mainframes
LANs
Firewalls
Extranets
Security systems
  – Intrusion detection
  – Authentication
  – Authorization
  – Vulnerability assessment

Security builds Trust
Security is critical for all types of Internet business.
By protecting systems from intrusion and corruption, security technologies help companies build trust: a trust that information is protected and transactions are reliable.

Securing means Managing risk
Users can perform only authorized tasks
Users can obtain only authorized information
Users cannot damage data, applications, or operating environment

Errors and Equipment Failures
Though “security” means protection against malicious attacks by outsiders, it also involves controlling the effects of errors and equipment failures.

Goals of network security - CIA
The goal of implementing network security is to maintain an acceptable level of confidentiality, integrity and availability of information.
Confidentiality
  – Protection of data from unauthorized disclosure to a third party
Integrity
  – Assurance that data is not altered or destroyed in an unauthorized manner
Availability
  – Continuous operation of computing systems

Topic B
Topic A: Introduction to network security
Topic B: Understanding security threats
Topic C: Creating a secure network strategy
Topic D: Windows 2000 server access control

Price of Intrusion
Corporate espionage
  – FBI estimates up to $100 billion loss
Identity theft
  – up to 700,000 Americans
Computer Viruses
  – up to $13.2 billion in 2001
  – Lost revenues
  – Lost prestige
  – Lost productivity

CERT
The Computer Emergency Response Team (CERT) security organization compiles statistics regarding the number of reported attacks, including:
  – Speed of attacks
  – Sophistication of attacks
  – Faster detection of weaknesses
  – Distributed attacks
  – Difficulties of patching
Established in 1988, the CERT® Coordination Center (CERT/CC) is a center of Internet security expertise, located at the Software Engineering Institute, a federally funded research and development center operated by Carnegie Mellon University.

Sources of threats
Compromise of each of these three security goals can cost the organization either
  – directly or
  – indirectly
There are four causes for compromised security:
  – Technology weaknesses
  – Configuration weaknesses
  – Policy weaknesses
  – Human error or malice

Technology weaknesses
TCP/IP
Operating systems
Network equipment

TECHNOLOGY WEAKNESSES are a part of each technology
TCP/IP
A communication protocol designed as an open standard.
Application, Presentation, Session, Transport, Network, Data Link, Physical

TECHNOLOGY WEAKNESSES are a part of each technology
Operating Systems
Windows, Linux, Unix
Each operating system has issues.

TECHNOLOGY WEAKNESSES are a part of each system
Networking equipment
All networking equipment must be protected!
Passwords
Firewalls
Protocols
Authentication

Configuration weaknesses
Unsecured accounts
System accounts with easily guessed passwords
Misconfigured Internet services
Unsecured default settings
Misconfigured network equipment
Trojan horse programs
Vandals
Viruses

Policy weaknesses
Lack of a written security policy
Politics
High turnover
Concise access controls not applied
Software and hardware installation and changes do not follow policy
Proper security
Nonexistent disaster recovery plan

Human error and malice
Accident
Ignorance
Workload
Dishonesty
Impersonation
Disgruntled employees
Snoops
Denial-of-service attacks

Topic C
Topic A: Introduction to network security
Topic B: Understanding security threats
Topic C: Creating a secure network strategy
Topic D: Windows 2000 server access control

Network security strategies
Achieve the state where any action that is not expressly permitted is prohibited
Address both internal and external threats
Define policies and procedures
Reduce risk across perimeter security, the Internet, intranets, and LANs
(continued)

Network security strategies, continued
Human factors
Knowing your weaknesses
Limiting access
Achieving security through persistence
Physical security
Perimeter security
(continued)

Secure network strategy, cont’d
Firewalls
Web and file servers
Access control
Change management
Encryption
Intrusion detection systems (IDS)

Topic D
Topic A: Introduction to network security
Topic B: Understanding security threats
Topic C: Creating a secure network strategy
Topic D: Windows 2000 server access control

Access control
Restricts access to a resource
Security levels
  – Identify
  – Authenticate
  – Authorize

MAC, DAC and RBAC
Mandatory access control (MAC)
  – Non-discretionary control used in high-security locations
Discretionary access control (DAC)
  – Allows the owner of a file to dictate who can access the file and to what extent
Role-based access control (RBAC)
  – Access is based on the role a user plays in the organization
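
The three models on this slide, side by side, as an added example that is not part of the original presentation. All users, files, labels and roles are constructed, and the MAC label-comparison rule (read at or below clearance, write at or above it) is an assumed simplification. Every check denies by default.

```python
# Added illustration: users, files, labels and roles below are constructed.
from dataclasses import dataclass, field

LEVELS = {"public": 0, "confidential": 1, "secret": 2}  # hypothetical MAC labels

@dataclass
class User:
    name: str
    clearance: str = "public"
    roles: set = field(default_factory=set)

@dataclass
class File:
    name: str
    owner: str
    label: str = "public"
    acl: dict = field(default_factory=dict)  # DAC: user name -> set of rights

ROLE_PERMS = {  # RBAC: role -> permitted (file name, right) pairs
    "payroll-clerk": {("salaries.xls", "read"), ("salaries.xls", "write")},
    "auditor": {("salaries.xls", "read")},
}

def mac_allows(user, f, right):
    """Non-discretionary: the system compares labels; owners cannot override.
    Rule assumed here: read at or below clearance, write at or above it."""
    u, o = LEVELS[user.clearance], LEVELS[f.label]
    return (right == "read" and u >= o) or (right == "write" and u <= o)

def dac_grant(granter, f, grantee, right):
    """Discretionary: only the file's owner decides who else gets a right."""
    if granter.name != f.owner:
        raise PermissionError(f"{granter.name} does not own {f.name}")
    f.acl.setdefault(grantee.name, set()).add(right)

def dac_allows(user, f, right):
    return user.name == f.owner or right in f.acl.get(user.name, set())

def rbac_allows(user, f, right):
    """Access follows the roles held, not the individual's identity."""
    return any((f.name, right) in ROLE_PERMS.get(r, set()) for r in user.roles)

if __name__ == "__main__":
    alice = User("alice", "secret", {"payroll-clerk"})
    bob = User("bob", "public", {"auditor"})
    f = File("salaries.xls", owner="alice", label="confidential")
    dac_grant(alice, f, bob, "read")
    for check in (dac_allows, mac_allows, rbac_allows):
        print(check.__name__, "bob read:", check(bob, f, "read"))
```

Under DAC the owner's grant is enough for bob to read the file; under MAC the same request is still refused because his clearance is below the file's label, whatever the owner wants.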

Unit summary
Discussed network security
Discussed the security threat trends and their ramifications
Discussed the goals of network security and determined the factors involved in a secure network strategy
Discussed methods of access control and their implementation on a Windows 2000 server