Presentation is loading. Please wait.

Presentation is loading. Please wait.

UNIT 7 SEMINAR Unit 7 Chapter 9, plus Lab 13 Course Name – IT482 Network Design Instructor – David Roberts – Office Hours: Tuesday.

Similar presentations


Presentation on theme: "UNIT 7 SEMINAR Unit 7 Chapter 9, plus Lab 13 Course Name – IT482 Network Design Instructor – David Roberts – Office Hours: Tuesday."— Presentation transcript:

1 UNIT 7 SEMINAR Unit 7 Chapter 9, plus Lab 13 Course Name – IT482 Network Design Instructor – David Roberts Email – droberts@kaplan.edu Office Hours: Tuesday 9:00 PM ET and Thursday 11:00 PM ET

2 UNIT 6 REVIEW Covered last week … Chapter 7 Network Management Architecture Defining Network Management Network Devices and Characteristics Network Management Mechanisms Monitoring, Instrumentation and Configuration Mechanisms Architectural Considerations In-band management, Out-of-band management, Centralized, distributed and hierarchical management, Scaling network management traffic, Checks and balances, Managing network management data, MIB selection, Integration of OSS (operations support systems) Chapter 8 Performance Architecture Developing Goals for Performance Performance Mechanisms QoS, Prioritization, Traffic Management, Scheduling, Queuing, SLAs Architectural Considerations

3 UNIT 7 Security and Privacy Architecture Security – integrated within all areas of the network and impacts all other functions on the network. Network Security - the protection of networks and their services from unauthorized access, modification, destruction and disclosure. Network Privacy – a subset of network security, focusing on protection of networks and their services from unauthorized access or disclosure. Three security considerations: protecting the integrity, confidentiality and authentication of the network and system resources and data (CIA)

4 UNIT 7 Developing a Security and Privacy Plan What are we trying to solve, add, or differentiate by adding security mechanisms to this network? Are security mechanisms sufficient for this network? Common areas addressed: Which resources need to be protected What problems (threats) are we protecting against The likelihood of each problem (threat)

5 UNIT 7 Security and Privacy Administration Threat Analysis - a process used to determine which components of the system need to be protected and the types of security risks (threats) they should be protected from. Potential Assets and Threats to be Analyzed

6 UNIT 7 Threat Analysis Worksheet Developing a threat analysis identifies the assets to be protected and identifies the possible threats.

7 UNIT 7 Policies and Procedures Formal statements on the rules for system, network, and information access and use, in order to minimize exposure to security threats. Clarifies for users what security threats are and what can be done to reduce them. Types: Deny Specifics/ Accept Everything Else OR Accept Specifics/Deny Everything Else

8 UNIT 7 Physical Security and Awareness Physical Security – protection of devices from physical access, damage, and theft. Examples: access-control rooms, backup power sources, off-sight storage, alarm systems, etc.

9 UNIT 7 Protocol and Application Security Transport Mode of IPSec Use of common protocol and application security mechanisms: IPSec, SNMP, and packet filtering

10 UNIT 7 Encryption and Decryption A security mechanism where cypher algorithms are applied together with a secret key to encrypt data. Two types: public key and private key. Public Key Infrastructure (PKI) – combines security mechanisms with policies and directives. Secure Sockets Layer (SSL) and Transport Layer Security (TLS)- allow client/server applications to communicate across a network Tradeoff in performance

11 UNIT 7 Network Perimeter and Remote Access Security Network Perimeter – protecting external interfaces – use of NAT and NAPT (network address port translation) and firewalls Remote Access – protecting dial-in, point-to-point sessions and VPN connections. Authentication of users and authorization of devices, NAS (network access server), RADIUS, etc.

12 UNIT 7 Architectural Considerations Security mechanisms applied where needed Example: Apply security mechanisms to architectural model Access/Distribution/Core Architectural Model

13 UNIT 7 Architectural Considerations Security zones - Embedded within each other Defense-in-depth

14 UNIT 7 Security and Performance Security architecture includes trade-offs, dependencies and constraints High security can disrupt traffic flows and reduce performance.

15 LAB 11 Lab 13 in Experiments Manual Applications – analyze the performance of an application protocol and the relation between network protocols. Questions 1 through 4 for the lab.


Download ppt "UNIT 7 SEMINAR Unit 7 Chapter 9, plus Lab 13 Course Name – IT482 Network Design Instructor – David Roberts – Office Hours: Tuesday."

Similar presentations


Ads by Google