Network Security Department of Housing and Resident Education Charles Benjamin.

Presentation transcript:

Network Security Department of Housing and Resident Education Charles Benjamin

Resident Housing at UF

The Housing Network

Network Security
- Changed network from flat to routed
- Installed FWSM
- Installed 802.1X on Ethernet
- Started using XpressConnect from Cloudpath
- Installed CopySense from Audible Magic

Network Security
- Add Wireless
- PEAP MSCHAP v2
- 241 Wireless Access Points (adding 105)
- 4 WISMs
- Configured 802.1X to Wireless
- Installed SourceFire 3500 IDS
- Added NOC
- Installed StealthWatch from Lancope

Computer Security
- Employee Computers
  - Installed Web Filter Websense
  - Installed and run Identity Finder
  - Installed VIPRE Antivirus
- Student Computers
  - NAC SafeConnect from Impulse

Network Access Control Evaluation Cisco Bradford Networks Impulse SafeConnect KIS Components Cost Function Other Installation Florida

Impulse SafeConnect Components
- Policy Enforcer appliance (PE)
  - DB – MySQL, Webserver – Tomcat, Proxy – Squid
- Management Console
- Reporting Console
- Policy Key
  - Lightweight program, 1.27 M
- Router configuration
- Authentication Server

Management Console

Reporting Console

Impulse SafeConnect Setup
- Configure Housing Border Router
  - NetFlow
  - Policy Based Routing
  - SSH connection
- Install Policy Enforcer Appliance
- Configure Authentication Server
  - RADIUS
- Configure Policy Groups, Management Console
  - Device Type
  - Location

Impulse SafeConnect Example of Windows Policy
- Policy Key
- P2P
- Anti-virus
- OS updates
- Anti-spyware

Impulse SafeConnect Go Live with Housing NAC Implemented in phases: Internal Summer A students Summer B , = 3,030 students Fall , = 7,880 students

Impulse SafeConnect Installing Policy Key
- DHNet CD, XpressConnect
- On wireless dhwInstructions
- DHNet webpage, XpressConnect
- From SafeConnect Policy Enforcer (PE)

Impulse SafeConnect Connection Process
- Student runs XpressConnect via
  - DHNet CD
  - Wireless SSID dhwInstructions
- XpressConnect
  - Configures 802.1X Supplicant
  - Install SafeConnect Policy Key
- RADIUS server sends accounting to PE
  - IP, MAC, Username

Impulse SafeConnect Connection Process (cont.)
- Student connects to Housing network
- Router sends NetFlow information to PE
- PE compares data from RADIUS and Policy Groups configured in PE
- Items in the Group Policy are processed from top down

Impulse SafeConnect Connection Process (cont.)
- If the Policy Item specifies Quarantine
  - PE sends Policy Based Routing information to the router via SSH
  - The student's connection is “Quarantined”, sent to PE, and presented with a webpage of instructions and URLs
  - Internet access is limited

Impulse SafeConnect Connection Process (cont.)
- If the Policy Item specifies Warning
  - The policy key will instruct the browser to display the Warning page
  - Policy Based Routing isn’t used
  - The student still has full Internet access
  - Time limits for warning are set in each item of the PE Policy Groups

Impulse SafeConnect Example of Windows Policy
- Policy Key: Quarantine, Immediate
- P2P: Quarantine, Immediate
- Anti-virus: Warning 1 Day, Warning 1 Day, Quarantine
- OS updates: Warning 1 Day, Warning 1 Day, Quarantine
- Anti-spyware: Warning 1 Day, Warning 1 Day, Quarantine
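
The top-down policy evaluation and the warning-to-quarantine escalation described in the connection-process slides, modeled as an added example; this is not SafeConnect code or configuration from the presentation. Assumptions: the item names, the `Decision` type, reading "Warning 1 Day, Warning 1 Day, Quarantine" as two one-day warning periods followed by quarantine, and the rule that a quarantine ends processing while warnings do not.

```python
from dataclasses import dataclass
from typing import Optional

# Escalation schedules as (action, days); None means no time limit.
IMMEDIATE = [("quarantine", None)]
ESCALATE = [("warning", 1), ("warning", 1), ("quarantine", None)]

# Policy group in the order shown on the "Example of Windows Policy" slide.
WINDOWS_POLICY = [
    ("policy_key", IMMEDIATE),
    ("p2p", IMMEDIATE),
    ("anti_virus", ESCALATE),
    ("os_updates", ESCALATE),
    ("anti_spyware", ESCALATE),
]

@dataclass
class Decision:
    action: str            # "allow", "warning" or "quarantine"
    item: Optional[str]    # policy item that produced the action
    uses_pbr: bool         # policy-based routing is pushed only for quarantine

def step_in_force(schedule, days_failing):
    """Return the action in force after a check has failed for days_failing days."""
    elapsed = 0.0
    for action, duration in schedule:
        if duration is None or days_failing < elapsed + duration:
            return action
        elapsed += duration
    return schedule[-1][0]

def evaluate(policy, failing):
    """Walk the items top down. `failing` maps item name -> days since the check
    first failed; compliant items are absent. Assumption: the first quarantine
    ends processing, otherwise the first warning found is reported."""
    first_warning = None
    for item, schedule in policy:
        if item not in failing:
            continue
        if step_in_force(schedule, failing[item]) == "quarantine":
            return Decision("quarantine", item, uses_pbr=True)
        if first_warning is None:
            first_warning = item
    if first_warning:
        return Decision("warning", first_warning, uses_pbr=False)
    return Decision("allow", None, uses_pbr=False)

if __name__ == "__main__":
    # Constructed endpoint states, not data from the presentation.
    for state in ({}, {"anti_virus": 0.5}, {"os_updates": 0.2, "anti_spyware": 5}, {"p2p": 0}):
        print(state, "->", evaluate(WINDOWS_POLICY, state))
```
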

Management Console

Reporting Console

Real Time Reporting

Anti Spyware

Anti-Virus

Open Access Per User

SafeConnect History