Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Slides:

Advertisements

Similar presentations

The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.

Advertisements

Creating HIPAA-Compliant Medical Data Applications with Amazon Web Services Presented by, Tulika Srivastava Purdue University.

HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.

Database Administration and Security Transparencies 1.

1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Access Control Methodologies

FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.

FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.

© 2005, QEI Inc. all characteristics subject to change. For clarity purposes, some displays may be simulated. Any trademarks mentioned remain the exclusive.

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:

Course ILT Security overview Unit objectives Discuss network security Discuss security threat trends and their ramifications Determine the factors involved.

Security+ Guide to Network Security Fundamentals

Security Presented by : Qing Ma. Introduction Security overview security threats password security, encryption and network security as specific.

Software Security Threats Threats have been an issue since computers began to be used widely by the general public.

System and Network Security Practices COEN 351 E-Commerce Security.

Chapter 12 Network Security.

Chapter 7 HARDENING SERVERS.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

Lecture 11 Reliability and Security in IT infrastructure.

Computer Security: Principles and Practice

Controls for Information Security

Factors to be taken into account when designing ICT Security Policies

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Stephen S. Yau CSE , Fall Security Strategies.

Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.

Introduction to Network Defense

Information Security Information Technology and Computing Services Information Technology and Computing Services

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

Chapter 2 Information Security Overview The Executive Guide to Information Security manual.

Securing Information Systems

Intranet, Extranet, Firewall. Intranet and Extranet.

1 Infrastructure Hardening. 2 Objectives Why hardening infrastructure is important? Hardening Operating Systems, Network and Applications.

Storage Security and Management: Security Framework

Chapter 6 of the Executive Guide manual Technology.

FIREWALLS Vivek Srinivasan. Contents Introduction Need for firewalls Different types of firewalls Conclusion.

11 SECURING YOUR NETWORK PERIMETER Chapter 10. Chapter 10: SECURING YOUR NETWORK PERIMETER2 CHAPTER OBJECTIVES  Establish secure topologies.  Secure.

Data Integrity Lesson 12. Skills Matrix Maintaining Data Integrity Maintaining data integrity is your most important responsibility. –Performing backups.

Module 2: Installing and Maintaining ISA Server. Overview Installing ISA Server 2004 Choosing ISA Server Clients Installing and Configuring Firewall Clients.

Unit 6b System Security Procedures and Standards Component 8 Installation and Maintenance of Health IT Systems This material was developed by Duke University,

Lesson 9-Information Security Best Practices. Overview Understanding administrative security. Security project plans. Understanding technical security.

SAM-21 Fortress Model and Defense in Depth Some revision on Computer Architecture.

Module 14: Securing Windows Server Overview Introduction to Securing Servers Implementing Core Server Security Hardening Servers Microsoft Baseline.

Prepared by Natalie Rose1 Managing Information Resources, Control and Security Lecture 9.

Chapter 2 Securing Network Server and User Workstations.

IT Security. What is Information Security? Information security describes efforts to protect computer and non computer equipment, facilities, data, and.

Chap1: Is there a Security Problem in Computing?.

Computer Security Risks for Control Systems at CERN Denise Heagerty, CERN Computer Security Officer, 12 Feb 2003.

Security fundamentals Topic 10 Securing the network perimeter.

Security and Assurance in IT organization Name: Mai Hoang Nguyen Class: INFO 609 Professor: T. Rohm.

Introduction and Overview of Information Security and Policy By: Hashem Alaidaros 4/10/2015 Lecture 1 IS 332.

Information Security In the Corporate World. About Me Graduated from Utica College with a degree in Economic Crime Investigation (ECI) in Spring 2005.

Implementing Server Security on Windows 2000 and Windows Server 2003 Fabrizio Grossi.

Information Security Measures Confidentiality IntegrityAccessibility Information cannot be available or disclosed to unauthorized persons, entities or.

ASHRAY PATEL Securing Public Web Servers. Roadmap Web server security problems Steps to secure public web servers Securing web servers and contents Implementing.

By: Matt Winkeler.  PCI – Payment Card Industry  DSS – Data Security Standard  PAN – Primary Account Number.

Unit 2 Personal Cyber Security and Social Engineering Part 2.

SemiCorp Inc. Presented by Danu Hunskunatai GGU ID #

Importance of IT security ->protects data ->ensures authentication and confidentiality ->preevents data theft.

Securing Network Servers

Information Security, Theory and Practice.

Working at a Small-to-Medium Business or ISP – Chapter 8

Chapter 17 Risks, Security and Disaster Recovery

Joe, Larry, Josh, Susan, Mary, & Ken

INFORMATION SYSTEMS SECURITY and CONTROL

How to Mitigate the Consequences What are the Countermeasures?

Chapter # 3 COMPUTER AND INTERNET CRIME

Designing IIS Security (IIS – Internet Information Service)

Presentation transcript:

Network Security

Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges Trusted locations are systems V partners are Semi trusted entities. You would give them access to non-publically available systems after being. Customers are entities. After authentication, they can be given access to publically available systems.

Assessing the Risks The first stage of designing security infrastructure for your organization is to that you might want to protect and to the organization if that asset is compromised. Once you identify what needs to be protected, you then need to ask what you need to. Conduct a comprehensive risk assessment to: – Identify all potential vulnerabilities – Assess the likelihood that they will be compromised. – Determine the impact/cost that will be incurred if the asset is compromised. – The combination of likelihood and impact are then combined to identify major inherent security risks.

Threats Object, person, or other entity that represents a constant danger to an asset 1.Human error 2.Acts of Nature 3.Technical hardware or software failures – yours, a service provider’s 4.Deliberate Acts (attacks) – Sabotage, Vandalism, theft, software attacks (hacking, viruses, worms)

Defense in depth – Implementation of security so that multiple layers of defense have to be circumvented to gain access to internal information and assets Requires that organization establish sufficient security controls and safeguards so that an intruder faces. If one layer of security is breached, there will be another layer of security with P and security are BOTH important. How does a bank protect its assets?

Figure 5-15 – Spheres of Security IDS = Intrusion Detection System IR = Incident Response DR = Disaster Recovery BC = Business Continuity planning

Technology Controls Access Controls – multiple levels – networks, systems, data Intrusion Detection Systems Disconnection Monitoring Systems/Logging of User Activity Proxy Servers Firewalls Encryption – in storage, in transmission Backups Antivirus Redundant Systems Patches and Upgrades

Definitions not found in CyberProtect Information F: device that selectively discriminates against information flowing into or out of organization Proxy Server: a separate computer that relays requests from an application to an untrusted zone, and receives responses before forwarding them back to the application.

Hardened Systems – Refers to stability and impenetrability of the operating system. Step 1 – Secure the Core Operating System Eliminate unneeded services Patch Management (both OS and Applications) Avoid Unencrypted Protocols Ensure Virus Protection Rename Administrator Accounts Change Default passwords Disable Guest Accounts Do not allow anonymous FTP Control remote access to systems logs Increase size of log files File, Directory and other permissions. Display a warning message for remote access

Hardened Systems Step 2 – Apply Concept of– “Each subject should be granted the most restrictive set of privileges needed for the performance of authorized tasks. “ Usually accomplished through access control lists that are role-based. – Allow users only the system access that they specifically require to perform their role within the organization. –D–D

Hardened Systems Step 3 - Separation of Duties – Cannot create new users, grant them access and activate their accounts. – Similar to NOT having the person who orders something also being the person responsible for receiving the goods. – This ensures that, and therefore reduces the risk of Any local examples you can think of?