Presentation is loading. Please wait.

Presentation is loading. Please wait.

Purpose Present Drivers and Context for Firewalls Define Firewall Technology Present examples of Firewall Technology Discuss Design Issues Discuss Service.

Published byHoward Blankenship Modified over 9 years ago

Similar presentations

Presentation on theme: "Purpose Present Drivers and Context for Firewalls Define Firewall Technology Present examples of Firewall Technology Discuss Design Issues Discuss Service."— Presentation transcript:

1

2 Purpose Present Drivers and Context for Firewalls Define Firewall Technology Present examples of Firewall Technology Discuss Design Issues Discuss Service and Support Issues Exchange Ideas and Concerns about Risk, Security and Firewalls

3 NOT An unveiling of a firewall service at SU A definition of a firewall service A forum for final decisions An exhaustive technical presentation A specific review of SU implementations

4 Data

5 Category A

6 Client

7 Access

8 Security

9 S = 1/A

10 Remote

11 Wireless

12 Risk

13 Mitigation

14 Affiliation

15 Authentication

16 Authorization

17 Host

18 Firewall

19 Balance

20 Packet

21 Header

22 Source

23 Destination

24 Port

25 Firewall

26 Router

27 Classic

28

29 Rules

30 Permit

31 Deny

32 Established

33 Tiers

34

35 Layers

36 Zones

37 Vulnerabilities

38 Horizontal

39 Vertical

40 Development

41 Production

42 NOT An unveiling of a firewall service at SU A definition of a firewall service A forum for final decisions An exhaustive technical presentation A specific review of SU implementations

43 Service

44

45 SPOC

46 Inventory

47 Questions APPLICATION INVENTORY FOR FIREWALL What is the name of the application? What are the names, locations, OS types, and IP addresses of the computers that host the application? Include the TCP ports that the application uses. Are there unique development and/or testing environments? If yes to #3, will the application use http or https or both? What measures of usage do you have? Are there peak periods of usage? Is there a web server component to the application? If yes, on which computer will it be installed? Is there a database component to the application? If yes, on which computer(s) will it be installed? If yes to #7, is the data sensitive University data – data that is protected by one of the Federal Privacy Acts? If there a unique application layer that mediates between the web services and the database services? If yes, on which computer(s) will it be installed? Who will install, upgrade and maintain the application? These are the application supporters. Will the application supporters need direct access to the web, application and/or database server? Will Firewall Exceptions rules be needed to grant this access? Are the application supporters Stanford employees or outside vendors/contractors? How is change managed in the application? What are the maintenance windows? Will the servers need AFS access? Will the servers need NFS access? Will the servers need Kerberos access? How will the servers be backed up? Will the servers need NTP access? What Windows domain will the servers be using? What type of ongoing service monitoring will be in place? Who is the appropriate person to make Security decisions about the application? How many users do you expect to be using the application? What is the user authentication that will be used for the application?

48 Pictures

49 Rules

50 Risk

51 Escalation

52 Moves

53 Acceptance

54 Troubleshooting

55 VPN

56

57 Monitoring

58 Audit

59 Costs

60 Numerator

61 Denominator

62 Risk Costs

Download ppt "Purpose Present Drivers and Context for Firewalls Define Firewall Technology Present examples of Firewall Technology Discuss Design Issues Discuss Service."

Similar presentations

DMZ (De-Militarized Zone)

DMZ (De-Militarized Zone)
Firewalls By Tahaei Fall 2012. What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
Module 5: Configuring Access to Internal Resources.

Module 5: Configuring Access to Internal Resources.
Firewalls : usage Data encryption Access control : usage restriction on some protocols/ports/services Authentication : only authorized users and hosts.

Firewalls : usage Data encryption Access control : usage restriction on some protocols/ports/services Authentication : only authorized users and hosts.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:

Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:
Introduction to ISA 2004 Dana Epp Microsoft Security MVP.

Introduction to ISA 2004 Dana Epp Microsoft Security MVP.
Firewall Configuration Strategies

Firewall Configuration Strategies
1 Firewalls at Stanford: May 14, 2004 Sunia Yang The Group Formerly Known as Networking.

1 Firewalls at Stanford: May 14, 2004 Sunia Yang The Group Formerly Known as Networking.
Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia
Chapter 12 Network Security.

Chapter 12 Network Security.
A Security Pattern for a Virtual Private Network Ajoy Kumar and Eduardo B. Fernandez Dept. of Computer Science and Eng. Florida Atlantic University Boca.

A Security Pattern for a Virtual Private Network Ajoy Kumar and Eduardo B. Fernandez Dept. of Computer Science and Eng. Florida Atlantic University Boca.
Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.

Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.
Lesson 18-Internet Architecture. Overview Internet services. Develop a communications architecture. Design a demilitarized zone. Understand network address.

Lesson 18-Internet Architecture. Overview Internet services. Develop a communications architecture. Design a demilitarized zone. Understand network address.
Stephen S. Yau 1CSE 465-591, Fall 2006 Firewalls.

Stephen S. Yau 1CSE , Fall 2006 Firewalls.
Payment Card Industry (PCI) Data Security Standard

Payment Card Industry (PCI) Data Security Standard
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.

1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.
1 Enabling Secure Internet Access with ISA Server.

1 Enabling Secure Internet Access with ISA Server.
Network Security (Firewall) Instructor: Professor Morteza Anvari Student: Xiuxian Chen ID: 93036 Term: Spring 2001.

Network Security (Firewall) Instructor: Professor Morteza Anvari Student: Xiuxian Chen ID: Term: Spring 2001.
CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

Similar presentations

Ads by Google