Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.

Slides:

Advertisements

Similar presentations

TrustPort Net Gateway traffic protection. Keep It Secure Entry point protection –Clear separation of the risky internet and secured.

Advertisements

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

Fall 2008CS 334: Computer Security1 Firewalls Special Thanks to our friends at The Blekinge Institute of Technology, Sweden for providing the basis for.

Security Firewall Firewall design principle. Firewall Characteristics.

Firewall Configuration Strategies

Firewall Ercan Sancar & Caner Sahin. Index History of Firewall Why Do You Need A Firewall Working Principle Of Firewalls Can a Firewall Really Protect.

Hardware Firewalls: Advanced Feature © N. Ganesan, Ph.D.

1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.

INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.

Beth Johnson April 27, What is a Firewall Firewall mechanisms are used to control internet access An organization places a firewall at each external.

Computer Network (MASQ/NAT/PROXY)

Barracuda Web Filter Overview March 26, 2008 Alan Pearson, Monroe County School District Marcus Burge, Network Engineer.

Firewalls and VPNS Team 9 Keith Elliot David Snyder Matthew While.

Computer Networks IGCSE ICT Section 4.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.

Firewall Slides by John Rouda

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

Norman SecureSurf Protect your users when surfing the Internet.

Hafez Barghouthi. Model for Network Access Security (our concern) Patrick BoursAuthentication Course 2007/20082.

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

Campus Firewalling Dearbhla O’Reilly Network Manager Dublin Institute of Technology.

Virtual Company Group 8 Presentation Date: June /04/2017

Why do we need Firewalls? Internet connectivity is a must for most people and organizations  especially for me But a convenient Internet connectivity.

Intranet, Extranet, Firewall. Intranet and Extranet.

Computer Networking Part 1 CS 1 Rick Graziani Cabrillo College Fall 2005.

January 2009Prof. Reuven Aviv: Firewalls1 Firewalls.

Cisco PIX firewall Set up 3 security zones ***CS580*** John Trafecanty Jules R. Nya Baweu August 23, 2005.

1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.

1 The Firewall Menu. 2 Firewall Overview The GD eSeries appliance provides multiple pre-defined firewall components/sections which you can configure uniquely.

Common Cyber Defenses Tom Chothia Computer Security, Lecture 18.

Internet Engineering Course Network Design. Internet Engineering Course; Sharif University of Technology Contents Define and analyse an organization network.

P RESENTED B Y - Subhomita Gupta Roll no: 10 T OPICS TO BE DISCUSS ARE : Introduction to Firewalls  History Working of Firewalls Needs Advantages and.

Time lag between discovering issue and resolving Difficult to find solutions and patches that can help resolve issue Service outages expensive and.

Firewalls Nathan Long Computer Science 481. What is a firewall? A firewall is a system or group of systems that enforces an access control policy between.

CHAPTER 3 PLANNING INTERNET CONNECTIVITY. D ETERMINING INTERNET CONNECTIVITY REQUIREMENTS Factors to be considered in internet access strategy: Sufficient.

Firewalls. Intro to Firewalls Basically a firewall is a __________to keep destructive forces away from your ________ ____________.

Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.

McLean HIGHER COMPUTER NETWORKING Lesson 14 Firewalls & Filtering Comparison of Internet content filtering methods: firewalls, Internet filtering.

Module 7: Advanced Application and Web Filtering.

Security and Firewalls Ref: Keeping Your Site Comfortably Secure: An Introduction to Firewalls John P. Wack and Lisa J. Carnahan NIST Special Publication.

Security fundamentals Topic 10 Securing the network perimeter.

ITGS Network Architecture. ITGS Network architecture –The way computers are logically organized on a network, and the role each takes. Client/server network.

Overview of Firewalls. Outline Objective Background Firewalls Software Firewall Hardware Firewall Demilitarized Zone (DMZ) Firewall Types Firewall Configuration.

NetTech Solutions Protecting the Computer Lesson 10.

Module 10: Windows Firewall and Caching Fundamentals.

SYSTEM ADMINISTRATION Chapter 10 Public vs. Private Networks.

Regan Little. Definition Methods of Screening Types of Firewall Network-Level Firewalls Circuit-Level Firewalls Application-Level Firewalls Stateful Multi-Level.

Chapter 8.  Upon completion of this chapter, you should be able to:  Understand the purpose of a firewall  Name two types of firewalls  Identify common.

CompTIA CompTIA Academic/E2C Security+ Study Guide JK0-022

FIREWALLS By k.shivakumar 08k81f0025. CONTENTS Introduction. What is firewall? Hardware vs. software firewalls. Working of a software firewalls. Firewall.

Security fundamentals

Module 3: Enabling Access to Internet Resources

Enabling Secure Internet Access with TMG

CONNECTING TO THE INTERNET

Prepared By : Pina Chhatrala

Firewall – Survey Purpose of a Firewall Characteristic of a firewall

Introduction to Networking

Welcome To : Group 1 VC Presentation

Unit 27: Network Operating Systems

Lecture # 7 Firewalls الجدر النارية. Lecture # 7 Firewalls الجدر النارية.

Firewalls Purpose of a Firewall Characteristic of a firewall

IS4680 Security Auditing for Compliance

Firewalls Routers, Switches, Hubs VPNs

Firewalls Jiang Long Spring 2002.

Office 365 – How NOT to do it UKNOF43.

Presentation transcript:

Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd

School Network Internet WebSAMS HTTP Server Router Workstations Wifi Network Attack WebSAMS Server WebSAMS Crystal Report Workstation Network Firewall Teachers ServerIntranet Server Server Attack Security Vulnerabilities  Systems (Win2000, RH7.2)  Application (Web, PhPBB, FTP) Security Vulnerabilities  Systems (Win2000, RH7.2)  Application (Web, PhPBB, FTP) General Suggestions: Security Audit Upgrade Firewall Update Systems and Applications FREQUENTLY Change Password FREQUENTLY General Suggestions: Security Audit Upgrade Firewall Update Systems and Applications FREQUENTLY Change Password FREQUENTLY Application Firewall

School Network Internet WebSAMS HTTP Server Router Workstations Wifi WebSAMS Server WebSAMS Crystal Report Workstation Network Firewall Teachers ServerIntranet Server General Suggestions: Security Audit Upgrade Firewall Update Systems and Application FREQUENTLY Change Password FREQUENTLY General Suggestions: Security Audit Upgrade Firewall Update Systems and Application FREQUENTLY Change Password FREQUENTLY Application Firewall Difficulties in Daily Operation: Method and types of attacks change rapidly, difficult for schools to follow the latest updates. Heavy teaching work load makes it difficult to maintain and update such an complicated network security environment by teachers themselves. Limited resources for schools to afford expensive solutions and services for commercial use. Many companies only sell products and lack skills, knowledge and the right to modify the product they provide. Difficulties in Daily Operation: Method and types of attacks change rapidly, difficult for schools to follow the latest updates. Heavy teaching work load makes it difficult to maintain and update such an complicated network security environment by teachers themselves. Limited resources for schools to afford expensive solutions and services for commercial use. Many companies only sell products and lack skills, knowledge and the right to modify the product they provide.

School Network Internet WebSAMS HTTP Server Router Workstations Wifi WebSAMS Server WebSAMS Crystal Report Workstation Network Firewall Teachers ServerIntranet Server Application Firewall  Regular update managed by Professional Team who developed SCHOOLWALL.  Tailored for Schools in Hong Kong.  User Friendly Interface – reduce time to learn and operate.  Affordable price  Regular update managed by Professional Team who developed SCHOOLWALL.  Tailored for Schools in Hong Kong.  User Friendly Interface – reduce time to learn and operate.  Affordable price

School Network Internet WebSAMS HTTP Server Router Workstations Wifi Network Attack WebSAMS Server WebSAMS Crystal Report Workstation Network Firewall Teachers ServerIntranet Server Server Attack Security Vulnerabilities  Systems (Win2000, RH7.2)  Application (Web, PhPBB, FTP) Security Vulnerabilities  Systems (Win2000, RH7.2)  Application (Web, PhPBB, FTP) General Suggestions: Security Audit Upgrade Firewall Update Systems and Application FREQUENTLY Change Password FREQUENTLY General Suggestions: Security Audit Upgrade Firewall Update Systems and Application FREQUENTLY Change Password FREQUENTLY Application Firewall Difficulties in Daily Operation: Method and types of attacks change rapidly, difficult for schools to follow the latest updates Limited resources for schools to afford expensive solutions and services for commercial use. Heavy teaching work load make it difficult to maintain and update such an complicated network security environment by teachers themselves. Many companies only sell products and lack skills, knowledge and the right to upgrade the product they provide. Difficulties in Daily Operation: Method and types of attacks change rapidly, difficult for schools to follow the latest updates Limited resources for schools to afford expensive solutions and services for commercial use. Heavy teaching work load make it difficult to maintain and update such an complicated network security environment by teachers themselves. Many companies only sell products and lack skills, knowledge and the right to upgrade the product they provide.

Latest and Upgraded Functions: User Friendly Interface Packet Filtering URL Filtering Classroom Control Finer access control Bandwidth control Application Protection Web FTP Statistics Expansion Module

New User Friendly Interface

NAT Mapping Filter Rule Packet Filtering Static NAT

URL Filtering Transparent Proxy (TCP/Port 80) Global default deny list Configuration – Control Areas: Domain, Keyword, URL, IP address – Permit: Allow exceptions in global deny list – Deny: Deny additional objects in control areas – No-Cache: Do not cache specific domains / IPs – My Domains: Permit all and do not cache self domains sites

URL Filtering Transparent Proxy (TCP/Port 80) Global default deny list

Classroom Control Additional control on a set of fixed IP addresses – Examples: IP range for staff, computer rooms Domain Blocking / Unblocking – Allow List : Default deny all but allow exception in domains – Deny List : Adding domain block list to global deny list – Deny All : Deny all access, no exceptions – Allow All : Allow all access (no blocking) Bandwidth Control – Guarantee Bandwidth – Maximum Bandwidth

Example of adding “Deny List” URL filter Sendspace.com + Classroom Control + Zone control “Deny List” yahoo.com

G – Guarantee Bandwidth M – Maximum Bandwidth Maximum Bandwidth limt the download speed Testing URL: ftp://download.speedtest.com.hk/100mb.zip Bandwidth Control Classroom Control

Application Protection - Web Setting up Receiving Request Analysis Denied If not allowed Example of blocking SQL injection

Application Protection - FTP Set a password retry limit to the connection. If exceed the limit, the IP will be banned for a fixed period of time.

Application Protection - Anti-spam mechanisms: DNSBL Greylisting SPF DKIM Sender White / Black Listing Self define White / Black list Sender blacklisting

Statistics - N etwork Traffic Bandwidth Graphs

Gateway Statistics Statistics - N etwork Traffic

Expansion Module – Server Certificate

Comparison Network ProtectionInvestmentConsequence No Firewall$0Serious! Self Developed Firewall Time of Teachers Very difficult to upgrade Commercial Firewall Very Expensive Lack maintenance and support Very Affordable Install, Update, Upgrade, Support - VPN, Lab, Proxy, Filter

~The End~ Thank you!