Network security
This presentation is the property of its rightful owner.
Sponsored Links
1 / 11

Network Security PowerPoint PPT Presentation


  • 32 Views
  • Uploaded on
  • Presentation posted in: General

Network Security. Introduction

Download Presentation

Network Security

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Network security

Network Security

Introduction

Security technologies protect mission-critical networks from corruption and intrusion. Network security enables new business applications by reducing risk, and providing a foundation for expanding your business with Intranet, extranet, and electronic commerce applications.


Reasons choosing network security as topic

Reasons choosing Network Security as Topic

  • Protection from “Crackers”

  • Cooperate with NT

    (NT is not enough security)

  • Learning for my own compnay use

  • Trying to get the contract from Government in Taiwan for building security system


Network security1

Network Security

•Internet Security - From Infrastructure to Network to Computer

•Wide-Area Network Security - Bridge and Router Packet Filtering•Local-Area Network Security - Tape Backup and LAN Admin.•Computer Security - Power Protection and Special Mounting & Fastening Devices to Secure Computer Equipmen


Improving network security by means of secure gateways or firewall

Improving Network Security By Means of Secure Gateways (or Firewall)

  • Internet sites often use the TCP/IP protocol suite and UNIX for local area networking purposes, UNIX and TCP/IP offer methods for centralizing the management of users and resources.

  • But. Crackers often roam the Internet searching for unprotected sites; misconfigured systems as well as use of insecure protocols that make the cracker's job much easier.

  • Two of the TCP/IP services most often used in local area networking, NIS (Network Information Services) and NFS (Network File System), are easily exploited; crackers can use weaknesses in NIS and NFS to read and write files, learn user information, capture passwords, and gain privileged access.

  • Kerberos and Secure RPC are effective means for reducing risks and vulnerabilities on local area TCP/IP networks, however they suffer from the disadvantages of requiring modified network daemon programs on all participating hosts.

  • For many sites, the most practical method for securing access to systems and use of inherently vulnerable services is to use a Secure Gateway, or firewall system.


Examples of firewalls

Examples of Firewalls

  • Packet-filtering-only firewall (is perhaps most common and easiest to employ.)

  • Dual-homed gateway(are often the least-expensive option for many sites and, if used mainly as an application gateway, can be quite secure.)

  • Choke-gate firewall(would handle ftp and telnet traffic using group accounts . The choke-gate firewall is more flexible than the dual-homed firewall, however, and more secure.)

  • Screened-subnet firewall. The telnet/ftp and e-mail gateways could be the only systems accessible from the Internet. providing a high level of security and offering more flexibility for internal systems that need to connect to the Internet


Typical firewall architecture

Typical Firewall Architecture

  • In this architecture, the router that is connected to the Internet (exterior router) forces all incoming traffic to go to the application gateway. The router that is connected to the internal network (interior router) accepts packets only from the application gateway.

  • The application gateway institutes per-application and per-user policies. In effect, the gateway controls the delivery of network-based services both into and from the internal network. For example, only certain users might be allowed to communicate with the Internet, or only certain applications are permitted to establish connections between an interior and exterior host.


Ip security

IP security

Why do we need IP security:

  • Loss of privacy

  • Loss of Data Integrity

  • Identity spoofing

  • Denial of services


Addressing the threat

Confidentiality

Integrity

Authentication

Encryption of data in transit

Network-layer encryption

Addressing the Threat

are key services used to protect against the threats by way of :


Intranet vpns

Intranet VPNs

Intranet VPNs link corporate headquarters, remote and branch offices through dedicated connections


Extranet vpns

Extranet VPNs

  • Extranet VPNs connect customers, partners other interest parties to corporate intranets over dedicated connections


Understanding network security

Limit the scope of access

Understand your environment

Limit your trust

Remember your physical security

Security is pervasive (everywhere)

Know your enemy

Count the cost

Identify your assumptions

Control your secrets

Remember human factors

Know your weaknesses

Understanding Network security


  • Login