Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter Fifteen Working with Network Security. Objectives To discover what dangers lurk in that great big world To examine the basic concepts of security.

Published byRoss Benson Modified over 9 years ago

Similar presentations

Presentation on theme: "Chapter Fifteen Working with Network Security. Objectives To discover what dangers lurk in that great big world To examine the basic concepts of security."— Presentation transcript:

1 Chapter Fifteen Working with Network Security

2 Objectives To discover what dangers lurk in that great big world To examine the basic concepts of security To find out when you might have too much security To learn what security features are offered by the NOS To find out what makes a good password policy To review data encryption To learn to block out unwanted visitors To examine some security protocols

3 What Are the Dangers? Data accessed or destroyed by intruders Data accessed or destroyed from the inside Physically stolen data or equipment Data lost or corrupted due to equipment failure Protecting against viruses

4 Some Security Considerations Physical security –Equipment and drives must be protected from theft. Environmental damage Levels of risk –Just how sensitive is your data?

5 Physical Security Hard disks are easily removed. –The data can be extracted at leisure in a safe location. A physical disaster can destroy the equipment housing your critical data.

6 Environmental Damage The Tsunami of 2005 showed how much damage nature can wreak. Voltage surges and/or static electricity can cause data loss.

7 Risk Levels Low risk –Loss or damage to data will not cause an interruption of business or personal risk to people. Medium risk –Loss or damage to data results in noticeable disruption of workflow and/or involves putting people at noticeable risk. High risk –Loss or damage to data could bring the company to a standstill and/or cause serious harm to people.

8 Can You Have Too Much Security? If files or other resources can’t be accessed by the people who need them… If passwords are made too difficult for the average person to remember… Three levels of firewalls to protect your saved Redneck Rampage games might be a bit much.

9 Opening Doors to the Outside Internet access and Email are now essential parts of doing business. Work at home users need to be able to log in remotely. Customer support might require maintaining an accessible intranet.

10 Guarding the Gates Firewalls can limit access from the outside Access control lists on a router interface Securing remote access services (RAS) connections

11 Security in the NOS A network operating system will include a certain degree of security. –Share level versus security user level (discussed earlier) –User authentication (discussed earlier) –File system security –Securing printing devices –Directory services IPSec Kerberos

12 File System Security The Novell File System and NTFS both provide extensive security barriers. –Each one provides different permissions to resources. –Each one allows you to monitor users and what they’re doing on the network.

13 Windows Permissions Full control Modify Read and execute List folder contents Read Write

14 Novell Permissions Browse Create Delete Inheritance control Rename Supervisor

15 A Good Password Policy Never reveal your password to anyone. Force periodic password changes. Do not use common names or words in a password. Mix alpha and numeric characters with a nice mix of punctuation. Mix upper and lower-case letters. Force a minimum password length. Don’t allow repeat passwords to be used.

16 Data Encryption NTFS 5.0 provides the Encrypting File System. –Allows users to individually encrypt files or folders –Provides a recovery agent for getting back lost data –Uses a 128-bit encryption key

17 Basic Rules for Using Encryption Make sure a recovery agent is assigned and trained. Be careful who you choose as a recovery agent. Don’t use it if you don’t need it.

18 Building Barriers Firewalls Proxy servers Access lists

19 Firewalls They can be an application gateway or a circuit gateway. –A circuit gateway directs all outbound traffic to a certain point. –The source IP address is substituted with that of the gateway. –Application gateways work on the software level and mask IP addresses. All firewalls can filter packets by IP address or protocol; more advanced firewalls filter by content.

20 Proxy Servers A single machine provides access to the outside world (similar to a circuit gateway). Private IP addressing is used inside the network. Only the ISP-assigned IP address of the proxy server is visible to the outside world. They can cache frequently accessed pages to provide faster Internet browsing for users.

21 Access Lists Configured as either inbound or outbound lists on the interface of a router Can filter traffic by IP address, protocol, host name, MAC address, or content Outbound traffic can have different rules than inbound traffic

22 Security Protocols Secure Socket Layers Transport Layer Security Secure Multipurpose Internet Mail Extensions IPSec Kerberos

23 Defense Against Viruses Viruses and other malevolent code can do any of the following: –Bring performance to a crawl –Destroy or redirect data to unauthorized people –Render a machine unbootable –Turn an otherwise harmless machine into a SPAM redirector

24 Types of Malevolent Code Viruses Worms Trojan horses Logic bombs Trap doors Embedded macros

25 Good Antivirus Procedures Install an effective antivirus solution. Keep all updates and patches up to date. Regularly update signature files. Scan all incoming files as though your life depended on it.

26 The Virtual LAN It allows a few devices on a network to communicate as if they are a self-contained network. Make use of an intelligent switch configured to create the VLAN.

27 Static VLANs All devices on a single switch are part of the VLAN. Data from other parts of the network can’t get in. Data from the VLAN doesn’t get out to the rest of the network.

28 Dynamic VLANs It requires a switch with intelligent management capability. Switches are configured to group devices together using a list of MAC addresses, by the applications running on systems or by protocol.

Download ppt "Chapter Fifteen Working with Network Security. Objectives To discover what dangers lurk in that great big world To examine the basic concepts of security."

Similar presentations

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.

Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.
Setting Up a Virtual Private Network Chapter 9. Learning Objectives Understand the components and essential operations of virtual private networks (VPNs)

Setting Up a Virtual Private Network Chapter 9. Learning Objectives Understand the components and essential operations of virtual private networks (VPNs)
Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.

Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.
Module 5: Configuring Access for Remote Clients and Networks.

Module 5: Configuring Access for Remote Clients and Networks.
Chapter 7 HARDENING SERVERS.

Chapter 7 HARDENING SERVERS.
Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.

Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.
INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.

INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Firewalls Presented by: Sarah Castro Karen Correa Kelley Gates.

Firewalls Presented by: Sarah Castro Karen Correa Kelley Gates.
Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.

Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.
Lesson 19: Configuring Windows Firewall

Lesson 19: Configuring Windows Firewall
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.

Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.
Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
Firewall and Proxy Server Director: Dr. Mort Anvari Name: Anan Chen Date: Summer 2000.

Firewall and Proxy Server Director: Dr. Mort Anvari Name: Anan Chen Date: Summer 2000.
Secure Network Design: Designing a Secure Local Area Network IT352 | Network Security |Najwa AlGhamdi1 Case Study

Secure Network Design: Designing a Secure Local Area Network IT352 | Network Security |Najwa AlGhamdi1 Case Study
Firewall Slides by John Rouda

Firewall Slides by John Rouda
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.

Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.

Similar presentations

Ads by Google