Published by Evan Collins. Modified over 9 years ago.
1
Joe Budzyn, Jeff Goeke-Smith, Jeff Utter
2
Risk Analysis
- Match the technologies used with the security need
- Spend time and resources covering the most likely and most expensive risks
3
Firewalls
- What is a firewall?
  - A technology for the selective allowance of network traffic.
- Types of firewalls
  - Stateful or Stateless
  - Software or Hardware
  - Border or Intranet
4
Firewalls
- Rule Set Methodology
  - Mostly Open
  - Mostly Closed
- Zones
  - Untrust
  - Trust
  - DMZ
5
IDS / IPS
- Network Device that identifies and optionally stops hostile network traffic
- Signature based detection
  - Signatures can match on packet content
  - Signatures can match on behavior
- Deployed at network choke points
  - Generally in conjunction with a firewall
  - Border of an office, a workgroup, a building, or a campus
6
Encryption
- Encryption is the process of transforming information using an algorithm to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key.
  - Public Key / Private Key
  - Pre-shared Key
- Example Uses
  - Disk Encryption, File Encryption
  - Secure Email (e.g. PGP)
7
VPN
- Network tunnel over a more general network
- Implies channel encryption, authentication, authorization
- May be used to avoid firewalls and IPS/IDS systems on the path of the tunnel
- Deployed next to firewalls for remote access or administrative access.
8
Secure Remote Access
- Remote Desktop Client
- SSH
- Network Tunnels
- Two Factor Authentication
- Key Based Authentication
9
Tripwire
- Tripwire watches for changes to files for monitored systems.
- Enterprise Tripwire runs with a server and clients.
- Remote monitoring of changes, with alerts.
- Ability to approve or roll back some changes.
- Useful in the detection of intentional and unintentional changes.
10
Network Flow Analysis
- Look for ‘odd’ behavior rather than ‘odd’ content.
- Traffic sent to an analysis engine via a mirror, or summarized by the routers
- Multiple products exist with differing emphasis
  - Arbor Networks
  - Q1 Labs
11
Anti-Malware
- Malware is any piece of malicious code or a program that embeds itself onto a computer without the user’s knowledge.
- Examples
  - Virus
  - Spam
  - Trojan
  - Root kit
  - Spyware
  - Adware
  - Key Logger
12
Anti-Malware
- What to do about it?
  - DON’T OPEN ATTACHMENTS THAT YOU ARE NOT EXPECTING.
    - ESPECIALLY IF YOU DON’T TRUST THE SOURCE
  - Keep an up to date Anti-Malware application (or suite) installed and running.
    - Many different vendors and some free apps do this.
13
Security Practices - Servers
- Patch Management
  - All systems are vulnerable, patching makes them less so
- Log Analysis
  - Learn what is normal, then watch for the abnormal
- Secure Configuration
  - Pick a standard and follow it
14
Security Practices - Users
- All users on the network are integral to overall security
- User Education Campaigns
- User Policy
- Tools
  - Group Policy, reviewing logs
15
Denial of Service Protection
- Types of DoS
  - UDP flood, SYN flood, ICMP flood, backscatter, distributed, packet of death, BGP route injection
- Type of protection
  - Routing infrastructure
  - Firewalls
  - Special adaptive devices
16
Advanced Network Tricks
- Honey Pots – a weakened computer meant to attract attackers
- Tar Pits – a series of fake computers meant to slow attackers down
- Dark Nets – a network of fake computers meant to determine what attackers are doing
17
Managing Your Identities
- Common complaint: I have too many passwords to remember!
  - This may lead to sticky notes under keyboards
- Password Wallet or Password Safe
- Public key / private key encryption
- Password generation algorithms