Understand Network Isolation Part 2 LESSON 3.3_B 98-367 Security Fundamentals.


Lesson Overview

In this lesson, you will learn about:
• VPN
• Perimeter network
• Honeypot
• Server and domain isolation

Anticipatory Set

Many risks are associated with VPNs because workstations connect to the network, and measures must be taken to ensure that the risk is eliminated.
1. What are these risks?
2. How can you control access?

Security Fundamentals LESSON 3.3_B VPN and Perimeter Network  In a common configuration the firewall is connected to the Internet and the VPN server is another intranet resource connected to a perimeter network. o The perimeter network is an IP network segment that typically contains resources available to Internet users such as Web servers and FTP servers. o The VPN server has an interface on the perimeter network and an interface on the intranet.  The firewall must be configured with input and output filters on its Internet interface to allow the passing of tunnel maintenance traffic and tunneled data to the VPN server.  Additional filters can allow the passing of traffic to Web servers, FTP servers, and other types of servers on the perimeter network.

VPN and Perimeter Network (continued)

Security Fundamentals LESSON 3.3_B VPN  A virtual private network.  The extension of a private network that encompasses links across shared or public networks like the Internet.  Enables you to send data between two computers across a shared or public internetwork in a manner that emulates the properties of a point- to-point private link.  Configuring and creating a virtual private network is known as virtual private networking.

VPN (continued)

Basic VPN Scenario

• Used to facilitate controlled access to organization resources and information.
• Must allow roaming or remote clients to connect to LAN resources.
• Must allow remote offices to connect to each other to share resources and information (router-to-router connections).
• Must ensure the privacy and integrity of data.
• Helps reduce the risk of network-borne security threats.
• Therefore, a VPN solution should provide at least all of the following:
  o User Authentication
  o Address Management
  o Data Encryption
  o Key Management

Basic VPN Elements

Honeypots
• Performs a function very similar to that of a “honeypot” in the outside world: a sweet lure.
• Used to attract the attention of prospective attackers, to learn how they are attempting to infiltrate the system and what they would likely do once they gain access.
• There are literally thousands of honeypot networks and systems available from security professionals and hobbyists.
  o Can provide a wealth of information in assessing trends in network intrusion.

Basic VPN Elements (continued)

Server and Domain Isolation
• A solution based on Microsoft® Windows® Internet Protocol security (IPsec) and the Active Directory® Domain Services enables administrators to dynamically segment their Windows environment into more secure and isolated logical networks based on policy and without costly changes to their network infrastructure or applications.
• Benefits:
  o Creates an additional layer of protection.
  o Helps better protect against costly network attacks.
  o Helps prevent unauthorized access to trusted networked resources.
  o Achieves regulatory compliance.
  o Reduces operational costs.

Server and Domain Isolation

Lesson Review

A few useful tools for Intrusion Detection and Integrity Analysis are:
• Tripwire (sourceforge.net/projects/tripwire/): For monitoring data integrity. It takes a snapshot of a system's binaries (or other directory), creates a checksum, checks system integrity, and reports any deviation.
• The Coroner's Toolkit: A suite of utilities for checking running processes and file/filesystem information, recent changes, and other such information.
• Snort: A great tool for traffic analysis and intrusion detection. There is a great FAQ on the website.
• Chkrootkit (freshmeat.net): A utility for identifying rootkits installed on the system.