Securing Data Transmission and Authentication. Securing Traffic with IPSec: IPSec allows us to protect our network from within. IPSec secures the IP protocol.

Presentation transcript:

Securing Data Transmission and Authentication

Securing Traffic with IPSec
- IPSec allows us to protect our network from within.
- IPSec secures the IP protocol.
- IPSec has two principal goals:
  - To protect the contents of IP packets
  - To provide defense against network attacks through packet filtering and the enforcement of trusted communication
- Attacks that IPSec can prevent and reduce:
  - Packet Sniffing
  - Man in the Middle
  - Data Modification
  - Denial of Service
  - Identity Spoofing

Understanding IPSec
- IPSec can be deployed in the following scenarios:
  - LAN – Client/Server and peer-to-peer LANs
  - WAN – Router to Router
  - Remote Access – Dial-up clients and Internet access from private networks
- Both sides require a shared IPSec policy to establish the security settings that will be used.
- IPSec can be configured to use one of two modes:
  - Transport mode – Use this mode when you require packet filtering and when you require end-to-end security.
  - Tunnel mode – Use tunnel mode for site-to-site communications that cross the Internet (gateway-to-gateway protection).

Understanding IPSec contd.
- IPSec provides security using a combination of individual protocols.
- Authentication Header (AH) – provides authentication, integrity, and anti-replay for the packet. This protocol does not encrypt, but protects from modification.
- Encapsulating Security Payload (ESP) – provides confidentiality of the packet (encryption).
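The difference between AH and ESP is visible on the wire. The following is an added example, not part of the original presentation: it parses constructed IPv4 packets, shows that an AH-protected payload stays readable while an ESP packet exposes only its SPI and sequence number, and uses the sequence number for a simplified anti-replay check. The function names, addresses, SPI values and payload are assumptions made for illustration.

```python
import struct

ESP, AH = 50, 51  # IP protocol numbers assigned to ESP and AH

def inspect(packet: bytes) -> dict:
    """Report what an on-path observer can read from one IPv4 packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4          # IPv4 header length in bytes
    proto, body = packet[9], packet[ihl:]
    if proto == AH:
        if len(body) < 12:
            raise ValueError("truncated AH header")
        nxt, plen, _, spi, seq = struct.unpack("!BBHII", body[:12])
        ah_len = (plen + 2) * 4           # Payload Len counts 32-bit words minus 2
        # AH authenticates but does not encrypt: inner protocol and data are readable.
        return {"proto": "AH", "spi": spi, "seq": seq, "inner": nxt, "data": body[ah_len:]}
    if proto == ESP:
        if len(body) < 8:
            raise ValueError("truncated ESP header")
        spi, seq = struct.unpack("!II", body[:8])
        # Only the SPI and sequence number sit outside the protected part of ESP.
        return {"proto": "ESP", "spi": spi, "seq": seq, "inner": None, "data": None}
    return {"proto": "plain", "spi": None, "seq": None, "inner": proto, "data": body}

def accept(highest_seen: dict, info: dict) -> bool:
    """Simplified anti-replay for AH/ESP: per SPI, accept only increasing sequence
    numbers (real implementations use a sliding window that tolerates reordering)."""
    if info["seq"] <= highest_seen.get(info["spi"], 0):
        return False
    highest_seen[info["spi"]] = info["seq"]
    return True

def ipv4(proto: int, payload: bytes) -> bytes:
    """Build a constructed IPv4 packet (checksum left at 0; it is not validated here)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])) + payload

# Constructed samples: the same request carried under AH, under ESP, and unprotected.
REQUEST = b"GET /payroll HTTP/1.1"        # stand-in for the upper-layer data
AH_PKT = ipv4(AH, struct.pack("!BBHII", 6, 4, 0, 0x1001, 1) + bytes(12) + REQUEST)
ESP_PKT = ipv4(ESP, struct.pack("!II", 0x2002, 1) + bytes(range(32)))  # filler as ciphertext
PLAIN_PKT = ipv4(6, REQUEST)

if __name__ == "__main__":
    for pkt in (AH_PKT, ESP_PKT, PLAIN_PKT):
        print(inspect(pkt))
```
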

Understanding Security Associations
- SA – the combination of security services, protection mechanisms, and keys agreed to by communicating peers.
- When traffic meets a filter that is defined in the policy, the security parameters must then be negotiated. The SA is what is agreed upon.
- Internet Key Exchange (IKE) – an algorithm used to generate the secret keys agreed upon in the SA.

IPSec Policies
- Policies are the security rules that define the desired security levels negotiated in the SA.
- The policy also defines which traffic is “interesting” and whether to negotiate IPSec or just send the information without modification.
- Components of a Policy:
  - Tunnel setting
  - Network type
  - IP filter
  - IP protocol
  - Port
  - IP filter list
  - Filter action
  - Authentication method
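How an IP filter list and its filter actions decide whether traffic is "interesting" can be modelled in a few lines. This is an added example, not part of the original presentation and not Windows code: the `Rule` class, the sample networks and the rule that the most specific matching filter wins are assumptions of this model, and it covers only the IP filter, protocol, port and filter action components.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:
    src: str              # IP filter: source network
    dst: str              # IP filter: destination network
    protocol: str         # IP protocol: "tcp", "udp" or "any"
    port: Optional[int]   # destination port, None means any port
    action: str           # filter action: "permit", "block" or "negotiate"

    def matches(self, src: str, dst: str, protocol: str, port: int) -> bool:
        return (ip_address(src) in ip_network(self.src)
                and ip_address(dst) in ip_network(self.dst)
                and self.protocol in ("any", protocol)
                and self.port in (None, port))

    def specificity(self) -> tuple:
        # Assumption of this model: longer prefixes, then a named protocol,
        # then a named port make a filter more specific.
        return (ip_network(self.src).prefixlen + ip_network(self.dst).prefixlen,
                self.protocol != "any", self.port is not None)

def decide(policy: list, src: str, dst: str, protocol: str, port: int) -> str:
    """Return the filter action for one packet described by its addresses, protocol and port."""
    hits = [r for r in policy if r.matches(src, dst, protocol, port)]
    if not hits:
        return "permit"   # not "interesting": sent without modification
    return max(hits, key=Rule.specificity).action

# Constructed policy: negotiate IPSec for everything sent to one server,
# but block Telnet to that server outright.
POLICY = [
    Rule("10.0.0.0/24", "10.0.0.10/32", "any", None, "negotiate"),
    Rule("10.0.0.0/24", "10.0.0.10/32", "tcp", 23, "block"),
]

if __name__ == "__main__":
    print(decide(POLICY, "10.0.0.5", "10.0.0.10", "tcp", 445))   # negotiate
    print(decide(POLICY, "10.0.0.5", "10.0.0.10", "tcp", 23))    # block
    print(decide(POLICY, "10.0.0.5", "192.0.2.7", "tcp", 443))   # permit
```
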

Creating IPSec Policies
- Go to Local Security Policy.
- Use “IP security policies” for policies that must be compatible with versions of Windows older than Vista/Server 2008.
- Use Windows Firewall with Advanced Security for Vista/Server 2008 systems.

Breaking it all down
- Example on board

Configuring Network Authentication
- When a computer connects to a network it must be authenticated.
- Typically this is done through Active Directory and Kerberos.
- However, if there is no AD domain or you have older clients, you may need to change the authentication type to NTLM.
- Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Security Options -> Network Security: NTLM