Topics
1. Security options and settings
2. Layer 2 vs. Layer 3 connection types
3. Advanced network and routing options
4. Local connections
5. Offline mode

Presentation transcript:


Lock security options – Admin password
- The most important one!
- The admin user can change all the security settings in the Lock, so the password should be changed from the default

Lock security options – MAC/IP filter
- Settings -> Industry settings -> Limit LAN traffic to certain MAC or IP addresses
- Allowed targets can be specified either using MAC address or IP address
- Useful especially in mode A

Lock security options – “Do not enter” sign
- Prevents new connections towards the Key from Lock’s LAN and other connected devices
- Enabled by default and changeable in Edit Tosibox devices

Lock security options – Prevent traffic between Sub Locks
- Used for isolating Sub Lock networks from each other
- Devices in each Sub Lock network can only access the “main” Lock’s LAN and the Internet, but not devices behind other Sub Locks
- Helps also performance-wise because it reduces the broadcast traffic that would “leak” between the VPN connections

Different connection types
- Layer 2 – bridged, site-to-site
  - Creates a virtual network interface that appears to be residing in the remote network
  - Can be thought of as having a really long Ethernet cable to the remote network
  - Each remote user gets its own address from the remote network
  - Works on the data link layer (MAC)
- Layer 3 – routed, point-to-point
  - Tunnel end points have private addresses
  - Data is routed to the remote network via the remote end of the tunnel
  - Traffic in the remote network appears to be coming from the Lock device – no additional addresses need to be allocated
  - Works on the network layer (Internet Protocol)

Changing the connection type
- The default connection type is
  - Layer 2 for Key-Lock connections
  - Layer 3 for Key-Central Lock connections and Mobile Clients
- The connection type can be changed in Lock’s web UI by clicking Edit Tosibox devices

Advanced network options – Routing Key users’ Internet connection through Lock
- Similar to traditional corporate VPN setups
- Usually slows down the Internet access a bit
- Can be useful for providing access to office/corporate network resources (via WAN) when Lock is deployed in mode B
- Or forcing all traffic to go through the company’s proxy or firewall

Advanced network options – Access to hosts through WAN
- Used for providing access to only selected devices outside Lock’s WAN connection
- Settings -> Industry settings
- Other traffic (e.g. Internet) is not routed via the Lock

Advanced network options – Static routes
- Low-level configuration interface for more complex and rare cases
- Needed e.g. if there are multiple routers in the LAN providing access to different destinations
- Static routes are pushed also to Key users’ computers - requires Layer 3 connection
- Configuration at Network -> Static routes

Local connections
- TOSIBOX Key periodically sends out messages in the local networks (LANs) to discover Locks or Central Locks
- When a connection is requested to a Lock/Central Lock located in the same LAN, a direct connection is made locally, without MatchMaking service

Offline mode
- It is also possible to disable Internet access in the Lock device so that only local connections are allowed (so-called Offline mode)
- The administrator can choose to block either:
  - All Internet access: both inbound VPN connections and outbound Internet access from LAN are blocked
  - VPN access from Internet (inbound)
- A temporary exception (timer) can be defined for both, e.g. to allow a technician to get remote access for one hour to perform maintenance work
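The Offline mode decision matrix above, as an added Python model (not part of the original slides and not TOSIBOX code). The names `Block`, `Flow` and `OfflinePolicy` are hypothetical, and the model assumes that a running timer lifts whichever block is configured and that the block returns the moment the timer expires.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from enum import Enum
from typing import Optional


class Block(Enum):                   # hypothetical names for the two block choices
    INBOUND_VPN = "inbound_vpn"      # only VPN access from the Internet is blocked
    ALL_INTERNET = "all_internet"    # inbound VPN and outbound LAN Internet blocked


class Flow(Enum):                    # traffic classes the slides distinguish
    LOCAL_KEY = "local_key"          # Key in the same LAN, direct local connection
    INBOUND_VPN = "inbound_vpn"      # Key connecting in from the Internet
    LAN_OUTBOUND = "lan_outbound"    # LAN device reaching out to the Internet


@dataclass
class OfflinePolicy:
    block: Block
    exception_until: Optional[datetime] = None   # temporary exception (timer)

    def open_exception(self, now: datetime, duration: timedelta) -> None:
        """Start the maintenance window, e.g. one hour for a technician."""
        self.exception_until = now + duration

    def allows(self, flow: Flow, now: datetime) -> bool:
        if flow is Flow.LOCAL_KEY:
            return True              # local connections remain possible offline
        if self.exception_until is not None and now < self.exception_until:
            return True              # assumption: a running timer lifts the block
        if self.block is Block.ALL_INTERNET:
            return False             # both Internet-facing directions are closed
        return flow is not Flow.INBOUND_VPN   # inbound-only block


def decision_table(policy: OfflinePolicy, now: datetime) -> dict:
    """Return {flow name: allowed?} for every flow at time `now`."""
    return {flow.value: policy.allows(flow, now) for flow in Flow}


if __name__ == "__main__":
    start = datetime(2024, 1, 1, 8, 0)           # constructed sample time
    policy = OfflinePolicy(Block.ALL_INTERNET)
    print("blocked:   ", decision_table(policy, start))
    policy.open_exception(start, timedelta(hours=1))
    print("timer on:  ", decision_table(policy, start + timedelta(minutes=30)))
    print("timer done:", decision_table(policy, start + timedelta(hours=1)))
```

The expiry comparison is strict, so the block is back in force at the exact end of the window without anyone having to re-enable it.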
