Presentation is loading. Please wait.

Presentation is loading. Please wait.

Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.

Published byBarnard Spencer Modified over 9 years ago

Similar presentations

Presentation on theme: "Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions."— Presentation transcript:

1 Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions

2 Session Overview Network Perimeter Security Protecting the Network Virtual Private Networking

3 Purpose and Limitations of Perimeter Defenses Properly configured firewalls and border routers are the cornerstone for perimeter security The Internet and mobility increase security risks VPNs have exposed a destructive, pernicious entry point for viruses and worms in many organizations Traditional packet-filtering firewalls only block network ports and computer addresses Most modern attacks occur at the application layer

4 Securing the Network Perimeter: What Are the Challenges? Internet Main office Remote user Business partner Branch office Wireless Challenges Include: Determining proper firewall design Access to resources for remote users Effective monitoring and reporting Need for enhanced packet inspection Security standards compliance Challenges Include: Determining proper firewall design Access to resources for remote users Effective monitoring and reporting Need for enhanced packet inspection Security standards compliance

5 Malicious traffic that is passed on open ports and not inspected by the firewall Any traffic that passes through an encrypted tunnel or session Attacks after a network has been penetrated Traffic that appears legitimate Users and administrators who intentionally or accidentally install viruses Administrators who use weak passwords What Firewalls Do NOT Protect Against

6 Securing the Network Perimeter: What Are the Design Options? Back-to-back configuration Bastion host Three-legged configuration Web server Internal network Perimeter network Internet Internal network Perimeter network

7 Firewall Requirements: Multiple-Layer Filtering Packet filtering: Filters packets based on information in the network and transport layer headers Enables fast packet inspection, but cannot detect higher-level attacks Filters packets based on information in the network and transport layer headers Enables fast packet inspection, but cannot detect higher-level attacks Stateful filtering: Filters packets based on the TCP session information Ensures that only packets that are part of a valid session are accepted, but cannot inspect application data Filters packets based on the TCP session information Ensures that only packets that are part of a valid session are accepted, but cannot inspect application data Application filtering: Filters packets based on the application payload in network packets Can prevent malicious attacks and enforce user policies Filters packets based on the application payload in network packets Can prevent malicious attacks and enforce user policies

8 Configuring ISA Server to Secure the Network Perimeter Use ISA Server to: Provide firewall functionality Publish internal resources such as Web or Exchange servers Implement multilayer packet inspection and filtering Provide VPN access for remote users and sites Provide proxy and caching services LAN Server User Remote User VPN Internet Exchange Server Web Server ISA Server Web Server

9 Implementing Network Templates to Configure ISA Server 2004 Deploy the Single Network Adapter template for Web proxy and caching only Back-to-back configuration Bastion host Three-legged configuration Web server Internal network Perimeter network Deploy the Edge Firewall template Deploy the Front end or Back end template Deploy the Front end or Back end template Deploy the 3-Leg Perimeter template Deploy the 3-Leg Perimeter template Internet

10 Session Overview Network Perimeter Security Protecting the Network Virtual Private Networking

11 Protecting the Network: What Are the Challenges? Challenges related to protecting the network layer include: Balance between security and usability Lack of network-based detection or monitoring for attacks Balance between security and usability Lack of network-based detection or monitoring for attacks

12 Implementing Network-Based Intrusion-Detection Systems Important points to note: Network-based intrusion-detection systems are only as good as the process that is followed once an intrusion is detected ISA Server 2004 provides network-based intrusion- detection abilities Network-based intrusion-detection systems are only as good as the process that is followed once an intrusion is detected ISA Server 2004 provides network-based intrusion- detection abilities Provides rapid detection and reporting of external malware attacks Network-based intrusion-detection system

13 Implementing Application Layer Filtering Application layer filtering includes the following: Web browsing and e-mail can be scanned to ensure that content specific to each does not contain illegitimate data Deep content analyses, including the ability to detect, inspect, and validate traffic using any port and protocol

14 Protecting the Network: Best Practices Have a proactive antivirus response team monitoring early warning sites such as antivirus vendor Web sites Have an incident response plan Implement automated monitoring and report policies Implement ISA Server 2004 to provide intrusion- detection capabilities

15 Session Overview Network Perimeter Security Protecting the Network Virtual Private Networking

16 Virtual Private Networking: What Are the Challenges? VPNs provide a secure option for communicating across a public network VPNS are used in two primary scenarios: VPNs provide a secure option for communicating across a public network VPNS are used in two primary scenarios: Network access for remote clients Network access between sites Network access for remote clients Network access between sites VPN quarantine control provides an additional level of security by providing the ability to check the configuration of the VPN client machines before allowing them access to the organization’s network

17 Understanding Quarantine Networks Standard features of a quarantine network include: Typically restricted or blocked from gaining access to internal resources Provides a level of connectivity that allows temporary visitors’ computers to work productively without risking the security of the internal network Currently only available for VPN remote access solutions

18 How Does Network Quarantine Work? ISA Server DNS Server Web Server Domain Controller File Server Quarantine script VPN Quarantine Clients Network VPN Clients Network RQC.exe Quarantine remote access policy ISA server DNS server Web server Domain controller File server Quarantine script Quarantined VPN Clients Network VPN clients network Rqc.exe Quarantine remote access policy

19 Session Summary Properly configured firewalls and border routers are the cornerstone for perimeter security Use an appropriate firewall design Firewalls do not protect against bad security practices Implement a firewall that provides multiple layer filtering ISA Server 2004 provides network-based intrusion-detection abilities VPN quarantine control provides an additional level of security

20 Next Steps Find additional security training events: http://www.microsoft.com/seminar/events/security.mspx Sign up for security communications: http://www.microsoft.com/technet/security/signup/default. mspx Get additional security information on ISA Server: http://www.microsoft.com/technet/security/prodtech/isa/ default.mspx

21 Questions and Answers

22 pkiernan@ward.ie www.ward.ie

Download ppt "Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions."

Similar presentations

Encrypting Wireless Data with VPN Techniques

Encrypting Wireless Data with VPN Techniques
Module 13: Implementing ISA Server 2004 Enterprise Edition: Site-to-Site VPN Scenario.

Module 13: Implementing ISA Server 2004 Enterprise Edition: Site-to-Site VPN Scenario.
Enabling Secure Internet Access with ISA Server

Enabling Secure Internet Access with ISA Server
Microsoft Internet Security and Acceleration (ISA) Server 2004 Technical Overview

Microsoft Internet Security and Acceleration (ISA) Server 2004 Technical Overview
Network Security Essentials Chapter 11

Network Security Essentials Chapter 11
Lecture slides for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 9 “Firewalls and Intrusion Prevention.

Lecture slides for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 9 “Firewalls and Intrusion Prevention.
Firewalls By Tahaei Fall 2012. What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
Chapter 19: Computer and Network Security Techniques Business Data Communications, 6e.

Chapter 19: Computer and Network Security Techniques Business Data Communications, 6e.
Setting Up a Virtual Private Network Chapter 9. Learning Objectives Understand the components and essential operations of virtual private networks (VPNs)

Setting Up a Virtual Private Network Chapter 9. Learning Objectives Understand the components and essential operations of virtual private networks (VPNs)
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Module 5: Configuring Access for Remote Clients and Networks.

Module 5: Configuring Access for Remote Clients and Networks.
Lecture 14 Firewalls modified from slides of Lawrie Brown.

Lecture 14 Firewalls modified from slides of Lawrie Brown.
Network Isolation Using Group Policy and IPSec Paula Kiernan Senior Consultant Ward Solutions.

Network Isolation Using Group Policy and IPSec Paula Kiernan Senior Consultant Ward Solutions.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Introduction to ISA 2004 Dana Epp Microsoft Security MVP.

Introduction to ISA 2004 Dana Epp Microsoft Security MVP.
Firewall Configuration Strategies

Firewall Configuration Strategies
Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia
Chapter 12 Network Security.

Chapter 12 Network Security.
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

Similar presentations

Ads by Google