WINS Monthly Meeting 10/1/2004 WINS Monthly Meeting 10/1/2004.

Slides:



Advertisements
Similar presentations
New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential.
Advertisements

Introducing Kaspersky OpenSpace TM Security Introducing Kaspersky ® OpenSpace TM Security Available February 15, 2007.
Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.
Authored by: Rachit Rastogi Computer Science & Engineering Deptt., College of Technology, G.B.P.U.A. & T., Pantnagar.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
System and Network Security Practices COEN 351 E-Commerce Security.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
Course 201 – Administration, Content Inspection and SSL VPN
Barracuda Web Filter Overview March 26, 2008 Alan Pearson, Monroe County School District Marcus Burge, Network Engineer.
Introducing Quick Heal Endpoint Security 5.3. “Quick Heal Endpoint Security 5.3 is designed to provide simple, intuitive centralized management and control.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
EDUCAUSE Security 2006 Internet John Brown University.
Introducing Kerio Control Unified Threat Management Solution Release date: June 1, 2010 Kerio Technologies, Inc.
CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.
FortiGateAntivirusFirewallOverview. 2 Fortinet Technologies Network Security Network security can be viewed from three perspectives: t controlling access.
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Introducing Quick Heal Endpoint Security 5.2. “Quick Heal Endpoint Security 5.2 is designed to provide simple, intuitive centralized management and control.
ProtectionProfiles. 2 Fortinet Technologies Protection Profiles Protection profiles control t the type of traffic protected t HTTP t FTP t IMAP t POP3.
ShareTech 2015 Next-Gen UTM.
Chapter 6: Packet Filtering
Component 4: Introduction to Information and Computer Science Unit 8: Security Lecture 2 This material was developed by Oregon Health & Science University,
Windows Vista Security Center Chapter 5(WV): Protecting Your Computer 9/17/20151Instructor: Shilpa Phanse.
IMPLEMENTING F-SECURE POLICY MANAGER. Page 2 Agenda Main topics Pre-deployment phase Is the implementation possible? Implementation scenarios and examples.
1 Technology Coordinator Meeting Humanities 019 Friday, March 29, 2002.
Module 10: Monitoring ISA Server Overview Monitoring Overview Configuring Alerts Configuring Session Monitoring Configuring Logging Configuring.
1 Managed Premises Firewall. 2 Typical Business IT Security Challenges How do I protect all my locations from malicious intruders and malware? How can.
Safeguarding OECD Information Assets Frédéric CHALLAL Head, Systems Engineering Team OECD.
Packet Filtering Chapter 4. Learning Objectives Understand packets and packet filtering Understand approaches to packet filtering Set specific filtering.
Monitoring Your Network A College Approach Chris Bamber, IT Systems Manager Somerville College Confidentiality: The contents of this presentation and workshop.
BZUPAGES.COM. What is a VPN VPN is an acronym for Virtual Private Network. A VPN provides an encrypted and secure connection "tunnel" path from a user's.
Lanxin Ma Institute of High Energy physics (IHEP) Chinese Academy of Sciences September 30, 2004 CHEP 2004, Interlaken The Security Protection System at.
Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
Denial of Service (DoS) DoS attacks are aggressive attacks on an individual computer or groups of computers with the intent to deny services to intended.
VolNet2 Bill White Network Services. September 20, 2004OIT Fall Staff Meeting Why Volnet2? Based on the Security Assessment findings Insecure protocols.
7400 Samsung Confidential & Proprietary Information Copyright 2006, All Rights Reserved. -0/17- OfficeServ 7400 Enterprise IP Solutions Quick Install Guide.
TSAG Meeting 1/09/02 Update on Current Technology Initiatives Steven Fitzgerald.
Firewall Policies. Module Objectives By the end of this module participants will be able to: Identify the components used in a firewall policy Create.
Operating Systems Proj.. Background A firewall is an information technology (IT) security device which is configured to permit, deny or proxy data connections.
Microsoft ISA Server 2000 Presented by Ricardo Diaz Ryan Fansa.
Security fundamentals Topic 10 Securing the network perimeter.
WINS Monthly Meeting 11/5/2004 WINS Monthly Meeting 11/5/2004.
ITGS Network Architecture. ITGS Network architecture –The way computers are logically organized on a network, and the role each takes. Client/server network.
NetTech Solutions Protecting the Computer Lesson 10.
Moving from Reactive to Proactive – DeepNines and ESU 3 Nate Jackson, Territory Manager Greg Jackson, Vice President of Technical Services Martin Rosas,
WINS Monthly Meeting 5/7/2004 WINS Monthly Meeting 5/7/2004.
WINS Monthly Meeting www2.widener.edu/wins 10/7/2005 WINS Monthly Meeting www2.widener.edu/wins 10/7/2005 www2.widener.edu/wins.
Office 365 Performance Management. Meet Paul Andrew Office 365 Technical Product Manager – Office 365 datacenter, networking, identity management.
WINS Monthly Meeting www2.widener.edu/wins 2/4/2005 WINS Monthly Meeting www2.widener.edu/wins 2/4/2005 www2.widener.edu/wins.
WINS Monthly Meeting 4 /2/2004 WINS Monthly Meeting 4 /2/2004.
WINS Monthly Meeting www2.widener.edu/wins 03/02/2007 www2.widener.edu/wins
WINS Monthly Meeting 06/05/2003 WINS Monthly Meeting 06/05/2003.
Internet security for the home Paul Norton MEng(Hons) MIEE Electronic engineer working for Pascall Electronics Ltd. on the Isle of Wight A talk on Internet.
Introducing Kaspersky Anti-Virus 6.0 for Windows Workstations Introducing Kaspersky ® Anti-Virus 6.0 for Windows Workstations.
Network Security Solution. 2 Security Gateway Switch Network Security Products  Multi-Homing  VPN/Firewall  SPI Firewall  Anti-Virus  Anti-Spam 
Chapter 8.  Upon completion of this chapter, you should be able to:  Understand the purpose of a firewall  Name two types of firewalls  Identify common.
25/09/ Firewall, IDS & IPS basics. Summary Firewalls Intrusion detection system Intrusion prevention system.
Defining Network Infrastructure and Network Security Lesson 8.
Security fundamentals
UTM Content Security Gateway
TMG Client Protection 6NPS – Session 7.
Introduction to Operating Systems
Securing the Network Perimeter with ISA 2004
Configuring TMG as a Firewall
Welcome To : Group 1 VC Presentation
Information Security Session October 24, 2005
Firewalls Routers, Switches, Hubs VPNs
Designing IIS Security (IIS – Internet Information Service)
Presentation transcript:

WINS Monthly Meeting 10/1/2004 WINS Monthly Meeting 10/1/2004

Agenda Introductions Introductions Nortel 8600 Upgrades Nortel 8600 Upgrades Nortel Designated SE Nortel Designated SE Shasta Replacement Update Shasta Replacement Update Fortigate 3600 Fortigate 3600 Allot NetEnforcer Allot NetEnforcer Dorm Students Return… Argh! Dorm Students Return… Argh! Campus Manager? Campus Manager? Question & Answers Question & Answers

Introductions Name Name Title Title Location Location

Nortel 8600 Upgrade Was running Was running Hardware Memory upgraded from 64M to 256M Hardware Memory upgraded from 64M to 256M Software Upgrade to Software Upgrade to Spanning Tree issues at Garnet Valley from misconfig Spanning Tree issues at Garnet Valley from misconfig No other problems No other problems First Upgrade on July 1 and last on July 20th First Upgrade on July 1 and last on July 20th

Nortel Designated SE Past Tom Desilets, Nortel, Designated Direct Sales Past Tom Desilets, Nortel, Designated Direct Sales Tim Slattery, CNI, Designated Reseller Tim Slattery, CNI, Designated Reseller Nortel SE, Product specific, available Nortel SE, Product specific, available Gladys Kline – Now Nortel Designated SE Gladys Kline – Now Nortel Designated SE Office Office Cell Cell

Shasta Replacement Update Review conversation issue Review conversation issue Problem areas Widener Academic and Dorms Problem areas Widener Academic and Dorms Lab testing done in June Lab testing done in June Dorms cutover in July Dorms cutover in July Widener Academic cutover in Aug Widener Academic cutover in Aug Still to move : Tech Park, Computer Science, and DCIU Districts Still to move : Tech Park, Computer Science, and DCIU Districts

Widener Fortigate 3600 Installed in July Installed in July Detects, quarantines, and eliminates viruses and Detects, quarantines, and eliminates viruses and worms in real-time. Scans incoming and worms in real-time. Scans incoming and outgoing attachments (SMTP, POP3, outgoing attachments (SMTP, POP3, IMAP), HTTP and FTP traffic including web-based IMAP), HTTP and FTP traffic including web-based , and encrypted VPN tunnels – without , and encrypted VPN tunnels – without degrading Web performance degrading Web performance Detection and prevention of over 1300 intrusions Detection and prevention of over 1300 intrusions and attacks, including DoS and DDoS attacks, and attacks, including DoS and DDoS attacks, based on user-configurable thresholds. Automatic based on user-configurable thresholds. Automatic updates of IPS signatures from FortiProtect updates of IPS signatures from FortiProtect Network Network Processes all Web content to block inappropriate Processes all Web content to block inappropriate material and malicious scripts via URL blocking material and malicious scripts via URL blocking and keyword/phrase blocking and keyword/phrase blocking Industry standard stateful inspection firewall Industry standard stateful inspection firewall Industry standard PPTP, L2TP, and IPSec VPN Industry standard PPTP, L2TP, and IPSec VPN support support FortiGate units can be deployed in conjuction FortiGate units can be deployed in conjuction with existing firewall and other devices to with existing firewall and other devices to provide antivirus, content filtering, and other provide antivirus, content filtering, and other content-intensive applications content-intensive applications Interfaces 10/100Base-T Ports Base-SX Ports (Fiber) 4* 1000Base-T Ports (Copper) 2 System Performance Concurrent sessions 1,000,000 New sessions/second 25,000 Firewall throughput (Gbps) 4Gbps 168-bit Triple-DES throughput (Mbps) 600 Unlimited concurrent users Policies 50,000 Schedules 256 Fortinet FortiGate-3600 – Product of the Year - Gold Award – Enterprise firewall system searchNetworking.com February 2004 A fortress in a box – FortiGate 3600 offers a smorgasbord of security services on one machine FCW.com October 2003

Allot NetEnforcer Provide Internet access to bandwidth-hungry students without compromising on resources needed for teaching and research--or the business of running a university. Limit P2P music- sharing and non-essential applications at peak hours while guaranteeing bandwidth for mission- critical applications. Create service level agreements (SLAs) for classes of users and offer ISP-style classes of services. Filter Internet content to increase students' and educators' productive use of network resources and to reduce bandwidth contention between "fun" content and research- or work-related applications. Provide Internet access to bandwidth-hungry students without compromising on resources needed for teaching and research--or the business of running a university. Limit P2P music- sharing and non-essential applications at peak hours while guaranteeing bandwidth for mission- critical applications. Create service level agreements (SLAs) for classes of users and offer ISP-style classes of services. Filter Internet content to increase students' and educators' productive use of network resources and to reduce bandwidth contention between "fun" content and research- or work-related applications. Cache redirection software package, enables caching for fast response time Accounting provides browser-based traffic statistics and reports.

Widener Internet Solution

Dorm Students Return… Argh! 'Twas the night before Check-in, when all thro' the campus, Not a creature was stirring, not even a Virus; 'Twas the night before Check-in, when all thro' the campus, Not a creature was stirring, not even a Virus; Fortigate CPU Maxed out Fortigate CPU Maxed out Allot indicated conversations Allot indicated conversations Allot increased to and recorded Allot increased to and recorded Dorms disconnected and reconnected one at a time Dorms disconnected and reconnected one at a time Isolated to one PC streaming conversations Isolated to one PC streaming conversations Placed Attack Mitigator on Dorm Placed Attack Mitigator on Dorm Found students that did not update windows OS or let anti-virus software expire Found students that did not update windows OS or let anti-virus software expire Shut down over 150 PC’s to date Shut down over 150 PC’s to date Virus/Worms to few to mention… but we will! Virus/Worms to few to mention… but we will! Ground Hogs Day!!!! Ground Hogs Day!!!!

Campus Manager Register Network Users Register Network Users Import and synchronize user and group information from a network directory server i.e. Active Directory, Novell Directory Services, Sun ONE Directory Server, or any Lightweight Directory Access Protocol (LDAP) system server. Import and synchronize user and group information from a network directory server i.e. Active Directory, Novell Directory Services, Sun ONE Directory Server, or any Lightweight Directory Access Protocol (LDAP) system server. Import user information from a delimited text file. Import user information from a delimited text file. Proactively Deal with Unregistered Network Users Proactively Deal with Unregistered Network Users Unregistered users connecting to the network can be denied network access. A typical rollout plan, in single VLAN network environments, is to permit users access for a period of time to allow for user registration and after the specified period of time unregistered users are denied network access. Unregistered users connecting to the network can be denied network access. A typical rollout plan, in single VLAN network environments, is to permit users access for a period of time to allow for user registration and after the specified period of time unregistered users are denied network access. Identify who is accessing the Network Identify who is accessing the Network A real time view of who is connected to the network. A real time view of who is connected to the network. Locate Network Users Locate Network Users The ability to locate where a user is currently online or was last online given the user’s first or last name, network address, physical network address, or a physical location. The ability to locate where a user is currently online or was last online given the user’s first or last name, network address, physical network address, or a physical location. Connection Based Scanning Connection Based Scanning Scan / test network computers and servers as they access the network. Scan / test network computers and servers as they access the network. Restrict / Deny an individual Network Access Restrict / Deny an individual Network Access Proactively schedule usage policies to restrict or deny network access. React to network access issues on a case-by-case basis and restrict or deny user network access. Proactively schedule usage policies to restrict or deny network access. React to network access issues on a case-by-case basis and restrict or deny user network access. Enable / Disable Ports Enable / Disable Ports Proactively schedule policies to enable and disable ports. React to network access issues on a case-by-case basis and enable or disable ports. Proactively schedule policies to enable and disable ports. React to network access issues on a case-by-case basis and enable or disable ports.

Questions & Answers Next Meeting Friday Nov 5th Next Meeting Friday Nov 5th

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.