Chapter 9
This presentation is the property of its rightful owner.
Sponsored Links
1 / 34

SECURING NETWORK COMMUNICATION PowerPoint PPT Presentation


  • 64 Views
  • Uploaded on
  • Presentation posted in: General

Chapter 9. SECURING NETWORK COMMUNICATION. OVERVIEW. List the major threats to network communications. Describe the functions of Internet Protocol Security (IPSec). Understand the functions and architecture of the IPSec protocols.

Download Presentation

SECURING NETWORK COMMUNICATION

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Chapter 9

Chapter 9

SECURINGNETWORK COMMUNICATION


Overview

Chapter 9: SECURING NETWORK COMMUNICATION

OVERVIEW

  • List the major threats to network communications.

  • Describe the functions of Internet Protocol Security (IPSec).

  • Understand the functions and architecture of the IPSec protocols.

  • List the components of a Microsoft Windows Server 2003 IPSec implementation.

  • List the default IPSec policies included in Windows Server 2003 and their applications.


Overview continued

Chapter 9: SECURING NETWORK COMMUNICATION

OVERVIEW (CONTINUED)

  • Understand the functions of an IPSec policy’s components.

  • Use the IP Security Policies snap-in to manage IPSec policies.

  • List the standards that define common wireless local area network (WLAN) technologies.

  • Describe the security problems inherent in wireless networking.

  • List the mechanisms that WLANs running IEEE 802.11 based on the Microsoft Windows operating system can use to authenticate clients and encrypt transmitted data.


Planning an ipsec implementation

Chapter 9: SECURING NETWORK COMMUNICATION

PLANNING AN IPSec IMPLEMENTATION

  • Network traffic normally traverses the network unencrypted.

  • If someone captures traffic from the network, it can be easily viewed.

  • IPSec extensions are a means of securing the actual network communications.


Potential threats

Chapter 9: SECURING NETWORK COMMUNICATION

POTENTIAL THREATS


Introducing network security protocols

Chapter 9: SECURING NETWORK COMMUNICATION

INTRODUCING NETWORKSECURITY PROTOCOLS


Protecting data with ipsec

Chapter 9: SECURING NETWORK COMMUNICATION

PROTECTING DATA WITH IPSec

  • IPSec protects data by digitally signing and encrypting it before transmission.

  • IPSec operates as an extension to Internet Protocol (IP) and provides end-to-end encryption.

  • IPSec can encrypt any traffic that takes the form of IP datagrams, no matter what kind of information is inside them.


Ipsec functions

Chapter 9: SECURING NETWORK COMMUNICATION

IPSec FUNCTIONS

  • IPSec performs a number of security functions, including key generation, cryptographic checksums, mutual authentication, replay prevention, and IP packet filtering.

  • Using IPSec prevents viewing, changing, or deleting data in a packet.

  • IPSec also prevents IP address spoofing.


Ipsec protocols

Chapter 9: SECURING NETWORK COMMUNICATION

IPSec PROTOCOLS

The IPSec standards define two protocols:

  • IP Authentication Header (AH)

  • IP Encapsulating Security Payload (ESP)


Ip authentication header

Chapter 9: SECURING NETWORK COMMUNICATION

IP AUTHENTICATION HEADER

IP Authentication Header protocol:

  • Does not encrypt the data in IP packets, but it does provide authentication, anti-replay, and integrity services

  • Ensures that no one has modified the packets en route, and that the packets did actually originate at the system identified by the packet’s source IP address


Ip encapsulating security payload

Chapter 9: SECURING NETWORK COMMUNICATION

IP ENCAPSULATING SECURITY PAYLOAD:

  • IP Encapsulating Security Payload

    • Prevents unauthorized people from being able to read information in packets by encrypting the data

    • Provides authentication, integrity, and antireplay services

  • Although AH and ESP perform some of the same functions, using both protocols provides the maximum possible security for a data transmission.


Transport mode and tunnel mode

Chapter 9: SECURING NETWORK COMMUNICATION

TRANSPORT MODE AND TUNNEL MODE

  • IPSec can operate in two modes: transport mode andtunnel mode.

  • Transport mode is used between IPSec-enabled computers.

  • Tunnel mode is used between IPSec-enabled routers.


Deploying ipsec

Chapter 9: SECURING NETWORK COMMUNICATION

DEPLOYING IPSec

  • All versions of the Windows operating system since Windows 2000 support IPSec.

  • IPSec policiesdefine when and how systems should use IPSec.

  • IPSec implementations on Windows Server 2003 should be compatible with IPSec implementations on other operating systems that conform to Internet Engineering Task Force (IETF) standards.


Ipsec components

Chapter 9: SECURING NETWORK COMMUNICATION

IPSec COMPONENTS

IPSec in Windows Server 2003 consists of the following components:

  • IPSec policy agent

  • Internet Key Exchange (IKE)

  • IPSec driver


Planning an ipsec deployment

Chapter 9: SECURING NETWORK COMMUNICATION

PLANNING AN IPSec DEPLOYMENT

  • Using IPSec creates additional network traffic.

  • Processor overhead associated with network communications also increases with IPSec deployment.

  • Backward compatibility must be considered because operating systems earlier than Windows 2000 do not support IPSec without the addition of third-party software.


Working with ipsec policies

Chapter 9: SECURING NETWORK COMMUNICATION

WORKING WITH IPSec POLICIES

  • IPSec policies are administered through the IP Security Policies Microsoft Management Console (MMC) snap-in.

  • IPSec policies define which traffic must be secured and which actions are performed on traffic that does or does not meet criteria.

  • Three IPSec policies are created by default. More can be created as required.


Using the default ipsec policies

Chapter 9: SECURING NETWORK COMMUNICATION

USING THE DEFAULT IPSec POLICIES


Modifying ipsec policies

Chapter 9: SECURING NETWORK COMMUNICATION

MODIFYING IPSec POLICIES

IPSec policies consist of three elements:

  • Rules

  • IP filter lists

  • Filter actions


Command line tools

Chapter 9: SECURING NETWORK COMMUNICATION

COMMAND-LINE TOOLS

  • Netsh.exe

  • Netdiag.exe


Troubleshooting ipsec

Chapter 9: SECURING NETWORK COMMUNICATION

TROUBLESHOOTING IPSec

There are two ways to ensure that IPSec is functioning:

  • Perform a packet capture of the network traffic.

  • Check the statistics node of the IPSec monitor.


The ip security monitor

Chapter 9: SECURING NETWORK COMMUNICATION

THE IP SECURITY MONITOR


Troubleshoot ipsec authentication

Chapter 9: SECURING NETWORK COMMUNICATION

TROUBLESHOOT IPSec AUTHENTICATION

There are three methods used toauthenticate an IPSec connection:

  • Preshared key authentication

  • Kerberos authentication

  • Certificate-based authentication


Securing a wireless network

Chapter 9: SECURING NETWORK COMMUNICATION

SECURING A WIRELESS NETWORK

  • Wireless networks are becoming increasingly popular.

  • Related hardware is becoming more affordable.

  • Wireless networks present more and different security challenges than their wired counterparts.


Understanding wireless networking standards

Chapter 9: SECURING NETWORK COMMUNICATION

UNDERSTANDING WIRELESS NETWORKING STANDARDS

  • Wireless networking standards are developed and ratified by the Institute of Electrical and Electronics Engineers (IEEE).

  • Three standards have been defined:

    • 802.11b: Offers speeds up to 11 megabits per second (Mbps)

    • 802.11a: In development. Uses different frequency ranges than 802.11b. Offers speeds up to 54 Mbps

    • 802.11g: Uses the same frequency ranges as 802.11b. Offers speeds up to 54 Mbps


Wireless networking topologies

Chapter 9: SECURING NETWORK COMMUNICATION

WIRELESS NETWORKING TOPOLOGIES


Understanding wireless network security

Chapter 9: SECURING NETWORK COMMUNICATION

UNDERSTANDING WIRELESS NETWORK SECURITY

  • Wireless networks present security risks that are not present when using traditional wired networks.

  • Logical security becomes of paramount concern because physical security measures are not necessarily preventative.

  • Two main concerns when using wireless networks are unauthorized access and data interception.


Controlling wireless access using group policies

Chapter 9: SECURING NETWORK COMMUNICATION

CONTROLLING WIRELESS ACCESS USING GROUP POLICIES


Authenticating users

Chapter 9: SECURING NETWORK COMMUNICATION

AUTHENTICATING USERS

  • Open System authentication

  • Shared Key authentication

  • IEEE 802.1x authentication


Open system authentication

Chapter 9: SECURING NETWORK COMMUNICATION

OPEN SYSTEM AUTHENTICATION

  • Open System authentication is the default authentication method used by IEEE 802.11 devices.

  • Despite the name, it offers no actual authentication.

  • A device configured to use Open System authentication will not refuse authentication to another device.


Shared key authentication

Chapter 9: SECURING NETWORK COMMUNICATION

SHARED KEY AUTHENTICATION

  • Devices authenticate each other using a secret key that both possess.

  • The key is shared before authentication using a secure channel.

  • All the computers in the same basic service set (BSS) must possess the same key.


Ieee 802 1 x authentication

Chapter 9: SECURING NETWORK COMMUNICATION

IEEE 802.1x AUTHENTICATION

  • The IEEE 802.1x standard defines a method of authenticating and authorizing users on any 802 local area network (LAN).

  • Most IEEE 802.1x implementations useRemote Authentication Dial-In User Service(RADIUS) servers.

  • RADIUS typically uses one of the following two authentication protocols:

    • Extensible Authentication Protocol-Transport Layer Security (EAP-TLS)

    • Protected EAP-Microsoft Challenge Handshake Authentication Protocol version 2 (PEAP-MS-CHAP v2)


Encrypting wireless traffic

Chapter 9: SECURING NETWORK COMMUNICATION

ENCRYPTING WIRELESS TRAFFIC

  • The IEEE 802.11 standard uses an encryption mechanism called WEP to secure data while in transit.

  • WEP uses the RC4 cryptographic algorithm developed by RSA Security Inc.

  • WEP allows the key length, as well as the frequency with which the computers generate new keys, to be configured.


Summary

Chapter 9: SECURING NETWORK COMMUNICATION

SUMMARY

  • IPSec is a set of extensions to IP that provide protection for data as it is transmitted over the network.

  • IPSec can operate in transport mode or tunnel mode.

  • The IPSec implementation in Windows Server 2003 consists of the IPSec policy agent, IKE, and the IPSec driver.

  • Windows Server 2003 IPSec has three default policies. You can use these policies or create your own.

  • IPSec policies consist of rules, IP filter lists, and filter actions. A rule is a combination of an IP filter list and a filter action.


Summary continued

Chapter 9: SECURING NETWORK COMMUNICATION

SUMMARY (CONTINUED)

  • Incompatible configuration settings are a common cause of IPSec communication problems.

  • Most WLANs in use today are based on the 802.11 standards published by the IEEE.

  • To secure a wireless network, you must authenticate clients before they are granted network access and encrypt all packets transmitted over the wireless link.

  • To authenticate IEEE 802.11 wireless network clients, you can use Open System authentication, Shared Key authentication, or IEEE 802.1x.

  • To encrypt transmitted packets, the IEEE 802.11 standard defines the WEP mechanism.


  • Login