NETWORK SECURITY. Protecting NSU Technological Assets. Andrea Di Fabio – Information Security Officer. Agenda. Security Internet Connection Network Devices Wireless Devices Firewall and Port Filtering Encryption and VPN IDS and IPS Web Administration Latest Threats and Attacks Logs
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
NETWORK SECURITY Protecting NSU Technological Assets Andrea Di Fabio – Information Security Officer
Agenda • Security • Internet Connection • Network Devices • Wireless Devices • Firewall and Port Filtering • Encryption and VPN • IDS and IPS • Web Administration • Latest Threats and Attacks • Logs • Physical Security • Security Demo • IPS Console • Firewall Management & Logs • Authentication and Users Tracking • Supercomputing and Clusters • A Cluster Demo
Securing Technological Assets MISSION • Secure and Safeguard NSU Technological assets from unauthorized use. • Insure conformity to NSU policies • Proactively prevent system intrusion and misuse • Investigate and respond to threats
Securing from Outside Attacks FIREWALL • Nokia IP 530 w/ Checkpoint NG AI R55 • 507 Mbps Firewall Throughput • 115 Mbps VPN Throughput • 155 Mbps Internet Connection (OC3)
Securing from All Attacks Intrusion Prevention System (IPS) • TippingPoint UnityOne 2400 • #1 IPS System in the market • 2 Gbps Wire Speed Throughput • ~11,000 Attacks/Exploits Prevention • Extensive Reporting
Securing from Outside Attacks SPAM and EMAIL VIRUS PROTECTION • Spam is: Unsolicited Bulk Email (UBE) • Unsolicited means that the recipient has not granted verifiable permission for the message to be sent. • Bulk means that the message is sent as part of a larger collection of messages, all having substantively identical content. • A message is Spam only if it is both Unsolicited and Bulk. • How do we Protect from Spam? • BrightMail (a Microsoft Partner) • BL and WL • Content Filtering
Securing from Outside Attacks • A web access is initiated from the LAN • A content engine examines the request for policy compliance. • If the request is valid it forwards it to the cache • If the request is invalid it returns a message to the user. • The Web Cache intercepts the request • HIT - If the request is in cache it is served from the cache • MISS - If the request is not in cache it is forwarded to the internet
Securing from Outside Attacks Web Administration and Caching BEFORE AFTER
Securing from Inside Attacks Latest Threats and Attacks • Computer Viruses and Worms • Adware, Spyware, Malware, Phishing, Pharming • Bots, Botnets and Rootkits • Buffer Overflows … attacking the stack • Secure yourself … the power of knowledge.
Securing from Inside Attacks IP CAMERAS
Site Survey by Elandia Solutions, Inc. Wireless Coverage
Wireless Security 802.1X PEAP Authentication with Dynamic VLAN Assignment
Security for the End User Windows and Office Updates • http://windowsupdate.microsoft.com • http://office.microsoft.com/en-us/officeupdate Free Antivirus • Avast - http://www.avast.com • Avg - http://free.grisoft.com Free Spyware / Malware Removal • MS Anti-Spyware (Beta) - http://www.microsoft.com • Adaware - http://www.lavasoftusa.com • Spybot S&D - http://www.safer-networking.org
Future Enhancements Previous Wish-List • Physical Security • Biometrics? • IP Cameras • Access Control • Network Security • Network Admission Control (NAC) • Virtual Private Network (VPN) • Network Intrusion Detection System (NIDS) Current Wish-List • Physical Security • Biometrics? • Network Security • Network Admission Control (NAC) • Automatic Policy Enforcement • The power of Agents • Virtual Private Network (VPN) • Actively Being tested • 2- Factor Authentication
The Human Factor • 70% of all threats come from within • Tailgating • Hot Plug • Dialup and VPN • Shoulder Surfing • Unsecured Wireless • Social Engineering • Viruses exploit vulnerable programs, Social engineering exploits Vulnerable People.
Super Computing • Reminder • WHEN: 12pm to 1pm • WHERE: Room 131 (Same Room) • WHO: • Kevin Holman Blackboard System Support Coordinator • Andrea Di Fabio Information Security Officer and Supercomputing Technology Coordinator • WHAT: • Super Computers • Clusters • The Grid • Live Cluster Computing Demo • Live examples of applications running on the cluster