Network Perimeter Defense Josef Pojsl, Martin Macháček, Trusted Network Solutions, Inc.

Slides:



Advertisements
Similar presentations
The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.
Advertisements

Guide to Network Defense and Countermeasures Second Edition
Firewalls Dr.P.V.Lakshmi Information Technology GIT,GITAM University
SAFE Blueprint and the Security Ecosystem. 2 Chapter Topics  SAFE Blueprint Overview  Achieving the Balance  Defining Customer Expectations  Design.
Security that is... Ergonomic, Economical and Efficient! In every way! Stonesoft SSL VPN SSL VPN.
The Most Analytical and Comprehensive Defense Network in a Box.
What’s New in Office Visio 2007 Microsoft Office Visio 2007 drawing and diagramming software makes it easy for IT and business professionals to.
Some general principles in computer security Tomasz Bilski Chair of Control, Robotics and Computer Science Poznań University.
1 Telstra in Confidence Managing Security for our Mobile Technology.
Blended Threats and Layered Defenses Security Protection in Today’s Environment Marshall Taylor
© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart1 of 222 C HAPTER 7 Information Systems Controls for Systems.
Term Project Teams of ~3 students Pick a system (discuss choice with me)  Want simple functionality, security issues, whole system (e. g., client and.
Security Engineering II. Problem Sources 1.Requirements definitions, omissions, and mistakes 2.System design flaws 3.Hardware implementation flaws, such.
University of Massachusetts Amherst InteLock TM Team: Emmanuel Seguin Josh Coffin Anh-Kiet Huynh Christos Tsiokos Remote Access and Proximity Key Advisor:
Stephen S. Yau CSE , Fall Security Strategies.
“Today over 70% of attacks against a company’s network come at the ‘Application Layer’ not the Network or System layer.” - Gartner Is Your Web Application.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
Information Security Introduction to Information Security Michael Whitman and Herbert Mattord 14-1.
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.
Securing Legacy Software SoBeNet User group meeting 25/06/2004.
LINUX Security, Firewalls & Proxies. Course Title Introduction to LINUX Security Models Objectives To understand the concept of system security To understand.
1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.
Chapter 2 Information Security Overview The Executive Guide to Information Security manual.
SEC835 Database and Web application security Information Security Architecture.
HIPAA COMPLIANCE WITH DELL
Firewalls Paper By: Vandana Bhardwaj. What this paper covers? Why you need a firewall? What is firewall? How does a network firewall interact with OSI.
Joseph Ferracin Director IT Security Solutions Managing Security.
 Protect customers with more secure software  Reduce the number of vulnerabilities  Reduce the severity of vulnerabilities  Address compliance requirements.
CSC 386 – Computer Security Scott Heggen. Agenda Security Management.
Honeypot and Intrusion Detection System
Asif Jinnah Microsoft IT – United Kingdom. Security Challenges in an ever changing landscape Evolution of Security Controls: Microsoft’s Secure Anywhere.
Module 14: Configuring Server Security Compliance
OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
Chapter 6 of the Executive Guide manual Technology.
11 SECURING YOUR NETWORK PERIMETER Chapter 10. Chapter 10: SECURING YOUR NETWORK PERIMETER2 CHAPTER OBJECTIVES  Establish secure topologies.  Secure.
OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
Auditing Information Systems (AIS)
Lecture 16 Page 1 Advanced Network Security Perimeter Defense in Networks: Virtual Private Networks Advanced Network Security Peter Reiher August, 2014.
Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.
Firewalls  Firewall sits between the corporate network and the Internet Prevents unauthorized access from the InternetPrevents unauthorized access from.
© 2006 Cisco Systems, Inc. All rights reserved. Cisco IOS Threat Defense Features.
Office of Campus Information Security Driving a Security Architecture by Assessing Risk Stefan Wahe Sr. Information Security Analyst.
Module 14: Securing Windows Server Overview Introduction to Securing Servers Implementing Core Server Security Hardening Servers Microsoft Baseline.
Module 11: Designing Security for Network Perimeters.
HP World September 2002 Scott S. Blake, CISSP Vice President, Information Security BindView Corporation Vulnerability Assessment and Action.
PwC New Technologies New Risks. PricewaterhouseCoopers Technology and Security Evolution Mainframe Technology –Single host –Limited Trusted users Security.
IT Security Policy: Case Study March 2008 Copyright , All Rights Reserved.
Security and Assurance in IT organization Name: Mai Hoang Nguyen Class: INFO 609 Professor: T. Rohm.
Module 12: Responding to Security Incidents. Overview Introduction to Auditing and Incident Response Designing an Audit Policy Designing an Incident Response.
Vendor Management from a Vendor’s Perspective. Agenda Regulatory Updates and Trends Examiner Trends Technology and Solution Trends Common Issues and Misconceptions.
Thomas E. Noonan President and Chief Executive Officer Issues in eBusiness Security.
Venus Project Brief Description. What It Do What Monitor Log Analyze Block Narrow Report Search Where Single stations Internet Gates Special Devices Web.
Understand Network Isolation Part 2 LESSON 3.3_B Security Fundamentals.
1 © 2001, Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Security ROI and Conclusions Cisco commissioned custom research project.
IS3220 Information Technology Infrastructure Security
Sicherheitsaspekte beim Betrieb von IT-Systemen Christian Leichtfried, BDE Smart Energy IBM Austria December 2011.
ASHRAY PATEL Securing Public Web Servers. Roadmap Web server security problems Steps to secure public web servers Securing web servers and contents Implementing.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Creating the Network Design Designing and Supporting Computer Networks – Chapter.
Chapter 13 Network Security Auditing Antivirus Firewalls Authentication Authorization Encryption.
Your Partner for Superior Cybersecurity
Critical Security Controls
CompTIA Security+ SY0-401 Real Exam Question Answer
CONFIDENTIALITY, INTEGRITY, LEGAL INTERCEPTION
Computer Security Firewalls November 19, 2018 ©2004, Bryan J. Higgs.
ISMS Information Security Management System
IS4680 Security Auditing for Compliance
INFORMATION SYSTEMS SECURITY and CONTROL
In the attack index…what number is your Company?
Cloud Computing for Wireless Networks
Presentation transcript:

Network Perimeter Defense Josef Pojsl, Martin Macháček, Trusted Network Solutions, Inc.

IP filtering gateways Proxy gateways Combinations (defense in depth) Traditional techniques Internet Internal Network

Perimeter expansion Increased bandwidth Remote offices Telecommuters Roaming users Partners Technology Cryptography VPNs Internet Internal Network

Role of communication Growing dependence on IT systems Paperwork replaced with electronic data As a consequence Greater potential of attacks and vulnerabilities Data integrity attacks Harder detection Automation Complexity Technology Cryptography Content scaning Intrusion detection Vulnerability scanning

Complexity Internet Internal Network VPNs Firewalls Public servers Internal servers Intrusion detection Content scanner Vulnerability scanner

Risk Assessment Risk factors Worth Attraction Threat Vulnerability Probability Countermeasures Prevention Detection Reaction High-risk environments: risk factors are relatively high

Security processes Every day New processes are being transformed into electronic forms New vulnerabilities and patches emerge Event logs must be analyzed Appropriate actions must be taken Etc. As a consequence Security is a process Services serve better than products Expert teams specialized in security are needed Some processes may be (internally) outsourced

Fighting complexity Minimalism Rarely used in software design Unusual parameter combinations Number of interactions Modularity Modules are more easily verifiable Well-defined interfaces between modules Minimal design Customization

Event logging Full, fine-grained event logs are vital for detection Easy to process, human readable Log analysis: statistics, expert systems, manual Audit Logs

Open architecture Not necessarily open-source Source code serves for –Verification –Documentation No “security through obscurity” No “breakthroughs” Compliance with open standards

Conclusion Design principles to follow when building network security defense in high-risk environments Processes, not solutions MinimalismModularity Thorough audit trails and log analysis Open architecture Expert teams Outsourcing

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.