network security
Download
Skip this Video
Download Presentation
NETWORK SECURITY

Loading in 2 Seconds...

play fullscreen
1 / 21

Network Security - PowerPoint PPT Presentation


  • 262 Views
  • Uploaded on

NETWORK SECURITY. Protecting NSU Technological Assets. Andrea Di Fabio – Information Security Officer. Agenda. Security Internet Connection Network Devices Wireless Devices Firewall and Port Filtering Encryption and VPN IDS and IPS Web Administration Latest Threats and Attacks Logs

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Network Security' - Rita


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
network security

NETWORK SECURITY

Protecting NSU Technological Assets

Andrea Di Fabio – Information Security Officer

agenda
Agenda
  • Security
    • Internet Connection
    • Network Devices
    • Wireless Devices
    • Firewall and Port Filtering
    • Encryption and VPN
    • IDS and IPS
    • Web Administration
    • Latest Threats and Attacks
    • Logs
    • Physical Security
  • Security Demo
    • IPS Console
    • Firewall Management & Logs
    • Authentication and Users Tracking
  • Supercomputing and Clusters
    • A Cluster Demo
securing technological assets
Securing Technological Assets

MISSION

  • Secure and Safeguard NSU Technological assets from unauthorized use.
  • Insure conformity to NSU policies
  • Proactively prevent system intrusion and misuse
  • Investigate and respond to threats
securing from outside attacks
Securing from Outside Attacks

FIREWALL

  • Nokia IP 530 w/ Checkpoint NG AI R55
  • 507 Mbps Firewall Throughput
  • 115 Mbps VPN Throughput
  • 155 Mbps Internet Connection (OC3)
securing from all attacks
Securing from All Attacks

Intrusion Prevention System (IPS)

  • TippingPoint UnityOne 2400
  • #1 IPS System in the market
  • 2 Gbps Wire Speed Throughput
  • ~11,000 Attacks/Exploits Prevention
  • Extensive Reporting
securing from outside attacks8
Securing from Outside Attacks

SPAM and EMAIL VIRUS PROTECTION

  • Spam is: Unsolicited Bulk Email (UBE)
    • Unsolicited means that the recipient has not granted verifiable permission for the message to be sent.
    • Bulk means that the message is sent as part of a larger collection of messages, all having substantively identical content.
  • A message is Spam only if it is both Unsolicited and Bulk.
  • How do we Protect from Spam?
    • BrightMail (a Microsoft Partner)
    • BL and WL
    • Content Filtering
securing from outside attacks10
Securing from Outside Attacks
  • A web access is initiated from the LAN
  • A content engine examines the request for policy compliance.
    • If the request is valid it forwards it to the cache
    • If the request is invalid it returns a message to the user.
  • The Web Cache intercepts the request
    • HIT - If the request is in cache it is served from the cache
    • MISS - If the request is not in cache it is forwarded to the internet
securing from outside attacks11
Securing from Outside Attacks

Web Administration and Caching

BEFORE

AFTER

securing from inside attacks
Securing from Inside Attacks

Latest Threats and Attacks

  • Computer Viruses and Worms
  • Adware, Spyware, Malware, Phishing, Pharming
  • Bots, Botnets and Rootkits
  • Buffer Overflows … attacking the stack
  • Secure yourself … the power of knowledge.
wireless security
Wireless Security

802.1X PEAP Authentication with Dynamic VLAN Assignment

security for the end user
Security for the End User

Windows and Office Updates

  • http://windowsupdate.microsoft.com
  • http://office.microsoft.com/en-us/officeupdate

Free Antivirus

  • Avast - http://www.avast.com
  • Avg - http://free.grisoft.com

Free Spyware / Malware Removal

  • MS Anti-Spyware (Beta) - http://www.microsoft.com
  • Adaware - http://www.lavasoftusa.com
  • Spybot S&D - http://www.safer-networking.org
future enhancements
Future Enhancements

Previous Wish-List

  • Physical Security
    • Biometrics?
    • IP Cameras
    • Access Control
  • Network Security
    • Network Admission Control (NAC)
    • Virtual Private Network (VPN)
    • Network Intrusion Detection System (NIDS)

Current Wish-List

  • Physical Security
    • Biometrics?
  • Network Security
    • Network Admission Control (NAC)
    • Automatic Policy Enforcement
      • The power of Agents
    • Virtual Private Network (VPN)
      • Actively Being tested
    • 2- Factor Authentication
the human factor
The Human Factor
  • 70% of all threats come from within
    • Tailgating
    • Hot Plug
    • Dialup and VPN
    • Shoulder Surfing
    • Unsecured Wireless
    • Social Engineering
      • Viruses exploit vulnerable programs, Social engineering exploits Vulnerable People.
super computing
Super Computing
  • Reminder
    • WHEN: 12pm to 1pm
    • WHERE: Room 131 (Same Room)
    • WHO:
      • Kevin Holman

Blackboard System Support Coordinator

      • Andrea Di Fabio

Information Security Officer and Supercomputing Technology Coordinator

    • WHAT:
      • Super Computers
      • Clusters
      • The Grid
      • Live Cluster Computing Demo
      • Live examples of applications running on the cluster
ad