Presentation is loading. Please wait.

Presentation is loading. Please wait.

Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd."— Presentation transcript:

1

2 Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd

3 School Network Internet WebSAMS HTTP Server Router Workstations Wifi Network Attack WebSAMS Server WebSAMS Crystal Report Workstation Network Firewall Teachers ServerIntranet Server Server Attack Security Vulnerabilities  Systems (Win2000, RH7.2)  Application (Web, PhPBB, FTP) Security Vulnerabilities  Systems (Win2000, RH7.2)  Application (Web, PhPBB, FTP) General Suggestions: Security Audit Upgrade Firewall Update Systems and Applications FREQUENTLY Change Password FREQUENTLY General Suggestions: Security Audit Upgrade Firewall Update Systems and Applications FREQUENTLY Change Password FREQUENTLY Application Firewall

4 School Network Internet WebSAMS HTTP Server Router Workstations Wifi WebSAMS Server WebSAMS Crystal Report Workstation Network Firewall Teachers ServerIntranet Server General Suggestions: Security Audit Upgrade Firewall Update Systems and Application FREQUENTLY Change Password FREQUENTLY General Suggestions: Security Audit Upgrade Firewall Update Systems and Application FREQUENTLY Change Password FREQUENTLY Application Firewall Difficulties in Daily Operation: Method and types of attacks change rapidly, difficult for schools to follow the latest updates. Heavy teaching work load makes it difficult to maintain and update such an complicated network security environment by teachers themselves. Limited resources for schools to afford expensive solutions and services for commercial use. Many companies only sell products and lack skills, knowledge and the right to modify the product they provide. Difficulties in Daily Operation: Method and types of attacks change rapidly, difficult for schools to follow the latest updates. Heavy teaching work load makes it difficult to maintain and update such an complicated network security environment by teachers themselves. Limited resources for schools to afford expensive solutions and services for commercial use. Many companies only sell products and lack skills, knowledge and the right to modify the product they provide.

5 School Network Internet WebSAMS HTTP Server Router Workstations Wifi WebSAMS Server WebSAMS Crystal Report Workstation Network Firewall Teachers ServerIntranet Server Application Firewall  Regular update managed by Professional Team who developed SCHOOLWALL.  Tailored for Schools in Hong Kong.  User Friendly Interface – reduce time to learn and operate.  Affordable price  Regular update managed by Professional Team who developed SCHOOLWALL.  Tailored for Schools in Hong Kong.  User Friendly Interface – reduce time to learn and operate.  Affordable price

6 School Network Internet WebSAMS HTTP Server Router Workstations Wifi Network Attack WebSAMS Server WebSAMS Crystal Report Workstation Network Firewall Teachers ServerIntranet Server Server Attack Security Vulnerabilities  Systems (Win2000, RH7.2)  Application (Web, PhPBB, FTP) Security Vulnerabilities  Systems (Win2000, RH7.2)  Application (Web, PhPBB, FTP) General Suggestions: Security Audit Upgrade Firewall Update Systems and Application FREQUENTLY Change Password FREQUENTLY General Suggestions: Security Audit Upgrade Firewall Update Systems and Application FREQUENTLY Change Password FREQUENTLY Application Firewall Difficulties in Daily Operation: Method and types of attacks change rapidly, difficult for schools to follow the latest updates Limited resources for schools to afford expensive solutions and services for commercial use. Heavy teaching work load make it difficult to maintain and update such an complicated network security environment by teachers themselves. Many companies only sell products and lack skills, knowledge and the right to upgrade the product they provide. Difficulties in Daily Operation: Method and types of attacks change rapidly, difficult for schools to follow the latest updates Limited resources for schools to afford expensive solutions and services for commercial use. Heavy teaching work load make it difficult to maintain and update such an complicated network security environment by teachers themselves. Many companies only sell products and lack skills, knowledge and the right to upgrade the product they provide.

7 Latest and Upgraded Functions: User Friendly Interface Packet Filtering URL Filtering Classroom Control Finer access control Bandwidth control Application Protection Web FTP Email Statistics Expansion Module

8 New User Friendly Interface

9 NAT Mapping Filter Rule Packet Filtering Static NAT

10 URL Filtering Transparent Proxy (TCP/Port 80) Global default deny list Configuration – Control Areas: Domain, Keyword, URL, IP address – Permit: Allow exceptions in global deny list – Deny: Deny additional objects in control areas – No-Cache: Do not cache specific domains / IPs – My Domains: Permit all and do not cache self domains sites

11 URL Filtering Transparent Proxy (TCP/Port 80) Global default deny list

12 Classroom Control Additional control on a set of fixed IP addresses – Examples: IP range for staff, computer rooms Domain Blocking / Unblocking – Allow List : Default deny all but allow exception in domains – Deny List : Adding domain block list to global deny list – Deny All : Deny all access, no exceptions – Allow All : Allow all access (no blocking) Bandwidth Control – Guarantee Bandwidth – Maximum Bandwidth

13 Example of adding “Deny List” URL filter Sendspace.com + Classroom Control + Zone control “Deny List” yahoo.com

14 G – Guarantee Bandwidth M – Maximum Bandwidth Maximum Bandwidth limt the download speed Testing URL: ftp://download.speedtest.com.hk/100mb.zip Bandwidth Control Classroom Control

15 Application Protection - Web Setting up Receiving Request Analysis Denied If not allowed Example of blocking SQL injection

16 Application Protection - FTP Set a password retry limit to the connection. If exceed the limit, the IP will be banned for a fixed period of time.

17 Application Protection - Email Anti-spam mechanisms: DNSBL Greylisting SPF DKIM Sender White / Black Listing Self define White / Black list Sender blacklisting

18 Statistics - N etwork Traffic Bandwidth Graphs

19 Email Gateway Statistics Statistics - N etwork Traffic

20 Expansion Module – Server Certificate

21 Comparison Network ProtectionInvestmentConsequence No Firewall$0Serious! Self Developed Firewall Time of Teachers Very difficult to upgrade Commercial Firewall Very Expensive Lack maintenance and support Very Affordable Install, Update, Upgrade, Support - VPN, Lab, Proxy, Filter

22 ~The End~ Thank you!

Download ppt "Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd."

Similar presentations

TrustPort Net Gateway Email traffic protection. WWW.TRUSTPORT.COM Keep It Secure Entry point protection –Clear separation of the risky internet and secured.

TrustPort Net Gateway traffic protection. Keep It Secure Entry point protection –Clear separation of the risky internet and secured.
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
Fall 2008CS 334: Computer Security1 Firewalls Special Thanks to our friends at The Blekinge Institute of Technology, Sweden for providing the basis for.

Fall 2008CS 334: Computer Security1 Firewalls Special Thanks to our friends at The Blekinge Institute of Technology, Sweden for providing the basis for.
Security Firewall Firewall design principle. Firewall Characteristics.

Security Firewall Firewall design principle. Firewall Characteristics.
Firewall Configuration Strategies

Firewall Configuration Strategies
Firewall Ercan Sancar & Caner Sahin. Index History of Firewall Why Do You Need A Firewall Working Principle Of Firewalls Can a Firewall Really Protect.

Firewall Ercan Sancar & Caner Sahin. Index History of Firewall Why Do You Need A Firewall Working Principle Of Firewalls Can a Firewall Really Protect.
Hardware Firewalls: Advanced Feature © N. Ganesan, Ph.D.

Hardware Firewalls: Advanced Feature © N. Ganesan, Ph.D.
1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.

1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.
INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.

INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.
Beth Johnson April 27, 1998. What is a Firewall Firewall mechanisms are used to control internet access An organization places a firewall at each external.

Beth Johnson April 27, What is a Firewall Firewall mechanisms are used to control internet access An organization places a firewall at each external.
Computer Network (MASQ/NAT/PROXY)

Computer Network (MASQ/NAT/PROXY)
Barracuda Web Filter Overview March 26, 2008 Alan Pearson, Monroe County School District Marcus Burge, Network Engineer.

Barracuda Web Filter Overview March 26, 2008 Alan Pearson, Monroe County School District Marcus Burge, Network Engineer.
Firewalls and VPNS Team 9 Keith Elliot David Snyder Matthew While.

Firewalls and VPNS Team 9 Keith Elliot David Snyder Matthew While.
Computer Networks IGCSE ICT Section 4.

Computer Networks IGCSE ICT Section 4.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.

1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.
Firewall Slides by John Rouda

Firewall Slides by John Rouda
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.
Hafez Barghouthi. Model for Network Access Security (our concern) Patrick BoursAuthentication Course 2007/20082.

Hafez Barghouthi. Model for Network Access Security (our concern) Patrick BoursAuthentication Course 2007/20082.

Similar presentations

Ads by Google