Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 11: Secure Network Architecture and Securing Network Components.

Published byRussell Dawson Modified over 9 years ago

Similar presentations

Presentation on theme: "Chapter 11: Secure Network Architecture and Securing Network Components."— Presentation transcript:

1 Chapter 11: Secure Network Architecture and Securing Network Components

2 OSI Model History of the OSI Model OSI functionality Encapsulation/deencapsulation OSI layers

3 History of the OSI Model Developed after TCP/IP was created Abstract framework Theoretical model Common reference point

4 OSI Functionality Seven layers Manages information flow Layers communicate with layers directly above and below Supports peer-layer communication

5 Encapsulation/Deencapsulation Flow of information up or down protocols stack Adding headers and footers Removing headers and footers Calculating checksums

6 OSI Layers 1 – Physical 2 – Data link 3 – Network 4 – Transport 5 – Session 6 – Presentation 7 – Application

7 TCP/IP Model DoD or DARPA model Four layers – Application/Process – Transport/Host-to-host – Internet/Internetworking – Link

8 TCP/IP Protocol TCP and UPD – Ports: 65,536 – TCP header flags: SYN, ACK, FIN, RST IPv4 vs. IPv6 ICMP IGMP ARP

9 Common Application Protocols 1/2 Telnet FTP TFTP SMTP POP IMAP DHCP

10 Common Application Protocols 2/2 HTTP SSL/TLS LPD X Windows BootP NFS SNMP

11 Converged Protocols FCoE MPLS iSCSI VoIP SDN Content distribution networks

12 Wireless Networks Securing wireless access points Securing the SSID Conducting a site survey Using secure encryption protocols Determining antenna placement Antenna types Adjusting power-level controls Using captive portals

13 Securing Wireless Access Points 802.11, 11a, 11b, 11g, 11n 802.1x Infrastructure vs. ad hoc mode SSID

14 Securing the SSID BSSID ESSID Disable SSID broadcast Beacon frame

15 Conducting a Site Survey Signal strength measurements Used to optimize deployment of base stations Minimize external access

16 Using Secure Encryption Protocols OSA, SKA WEP WPA – TKIP WPA2 – CCMP 802.1x/EAP PEAP, LEAP MAC filter

17 Determining Antenna Placement Based on site survey Centrally located Avoid emanation obstructions Avoid emanation reflective surfaces

18 Antenna Types Omnidirectional Unidirectional Yagi Cantenna Panel Parabolic

19 Adjusting Power-Level Controls Set by manufacturer May be adjustable in software Based on site survey results Maintain reliable connections internally Minimize connections externally

20 Using Captive Portals Authorization system Forced interaction with control page May require payment, logon credentials, or access code Displays use policies Often found on public access wireless networks

21 General Wi-Fi Security Procedure Security steps Secure network components Network access control Firewalls Endpoint security Other network devices

22 Security Steps Change default password Disable SSID broadcast Change SSID Enable MAC filtering Consider using static IP addresses Use WPA2 Use 802.1x Use a firewall, VPN, IDS

23 Secure Network Components Intranets, extranets Network segmentation Boost performance Reduce communication issues Provide security VLANs, routers, firewalls DMZ

24 Network Access Control Prevent/reduce zero-day attacks Enforce security policy Use identities to perform access control Preadmission vs. postadmission

25 Firewalls Filtering between network segments Static packet filtering Application-level gateway Circuit-level gateway Stateful inspection Multihomed Deployment architectures

26 Endpoint Security Local security on each device Reduce network weaknesses Use appropriate security measures on every system

27 Other Network Devices Repeaters, concentrators, amplifiers Hubs Modems Bridges, switches Routers, brouters Gateways Proxies LAN extenders

28 Cabling, Wireless, Topology, and Communications Technology Network cabling Network topologies Wireless communications and security LAN technologies

29 Network Cabling LAN vs. WAN Coax Baseband and broadband cables Twisted pair Fiber optic Conductors 5-4-3 rule

30 Network Topologies Ring Bus Star Mesh

31 Wireless Communications and Security Radio wave communications FHSS, DSSS, OFDM Cell phones Bluetooth (IEEE 802.15) Cordless phones Mobile devices

32 LAN Technologies Ethernet Token ring FDDI Analog vs. digital Synchronous vs. asynchronous Baseband vs. broadband Broadcast, multicast, unicast LAN media access – CSMA, CSMA/CD, CSMA/CA, token passing, polling

Download ppt "Chapter 11: Secure Network Architecture and Securing Network Components."

Similar presentations

Chapter 1: Introduction

Chapter 1: Introduction
IST 201 Chapter 9. TCP/IP Model Application Transport Internet Network Access.

IST 201 Chapter 9. TCP/IP Model Application Transport Internet Network Access.
v3.1 CIS151 Module 2 JEOPARDY K. MartinG. Valencia.

v3.1 CIS151 Module 2 JEOPARDY K. MartinG. Valencia.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 3 Underlying Technology.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 3 Underlying Technology.
Lab Practical 2 Study about different types of Networking Device

Lab Practical 2 Study about different types of Networking Device
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Communicating over the Network Network Fundamentals – Chapter 2.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Communicating over the Network Network Fundamentals – Chapter 2.
IS Network and Telecommunications Risks

IS Network and Telecommunications Risks
Network Concepts. Networks LAN WAN Main Concepts n Protocol n Media n Topology.

Network Concepts. Networks LAN WAN Main Concepts n Protocol n Media n Topology.
Introduction To Networking

Introduction To Networking
Understanding Networks. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.

Understanding Networks. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.
CMPE 150- Introduction to Computer Networks 1 CMPE 150 Fall 2005 Lecture 18 Introduction to Computer Networks.

CMPE 150- Introduction to Computer Networks 1 CMPE 150 Fall 2005 Lecture 18 Introduction to Computer Networks.
OSI Reference Model An overview. Standards and the internet International Organization for Standardization ISO 70’s.

OSI Reference Model An overview. Standards and the internet International Organization for Standardization ISO 70’s.
COMPUTER NETWORKS.

COMPUTER NETWORKS.
Chapter 2 Review of Computer Network Technology

Chapter 2 Review of Computer Network Technology
OSI Model Routing Connection-oriented/Connectionless Network Services.

OSI Model Routing Connection-oriented/Connectionless Network Services.
LAN Review. What is a Network? A group of computers and devices connected together for the purpose of sharing resources and services.

LAN Review. What is a Network? A group of computers and devices connected together for the purpose of sharing resources and services.
Chapter 5: Computer Networks

Chapter 5: Computer Networks
MTA Networking Fundamentals

MTA Networking Fundamentals
TC 361 Data Networking Test Review

TC 361 Data Networking Test Review
Network Technology Foundations © 2004 ProsoftTraining All Rights Reserved.

Network Technology Foundations © 2004 ProsoftTraining All Rights Reserved.

Similar presentations

Ads by Google