osu enterprise firewall l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
OSU Enterprise Firewall PowerPoint Presentation
Download Presentation
OSU Enterprise Firewall

Loading in 2 Seconds...

play fullscreen
1 / 26

OSU Enterprise Firewall - PowerPoint PPT Presentation


  • 253 Views
  • Uploaded on

OSU Enterprise Firewall. Information Services - Network Engineering http://www.net.oregonstate.edu net@oregonstate.edu It is time for OSU to deploy a centrally supported firewall for those departments seeking greater Network Security for their workstations and servers. OSU Enterprise Firewall.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'OSU Enterprise Firewall' - Roberta


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
osu enterprise firewall
OSU Enterprise Firewall

Information Services - Network Engineering

http://www.net.oregonstate.edu

net@oregonstate.edu

  • It is time for OSU to deploy a centrally supported firewall for those departments seeking greater Network Security for their workstations and servers.
osu enterprise firewall2
OSU Enterprise Firewall
  • What is Network Security
  • What are we trying to protect?
  • Common Network Security Practices
  • What about this Firewall?
  • What security problems are we seeing today.
  • Conclusion
osu enterprise firewall3
OSU Enterprise Firewall
  • Network Security
    • The process of protecting networked data, resources, and infrastructure from:
      • Theft
      • Denial Of Service
      • Unauthorized use
what are we trying to protect
What are we trying to protect?
  • Data
    • Research
    • Business
    • Student Information
    • Human Resources
    • Credit Card Information
    • Medical Records
what are we trying to protect5
What are we trying to protect?
  • Resources
    • Workstations
    • Servers
    • Analyzers
    • Environmental Control Systems
    • Bandwidth
    • Personnel Time
what are we trying to protect6
What are we trying to protect?
  • Network Infrastructure
    • Routers
    • Switches
    • Cable Plant
what are we trying to protect7
What are we trying to protect?
  • Our own public image
    • OSU’s high speed access to the Internet makes us an ideal place to launch a Denial of Service attack against another network.
    • Our servers or workstations could be used as as an intermediary to break into systems on other networks.
    • OSU servers could source Unsolicited Email.
osu enterprise firewall8
OSU Enterprise Firewall
  • What is Network Security?
  • What are we trying to protect?
  • Common Network Security Practices and where we stand today.
network security practices
Network Security Practices
  • Ideally, Network Security consists of several security strategies layered on top of each other.
    • Border filtering (A)
    • Firewalls (Inc)
    • System Administration (B)
    • Physical security (C)
    • Intrusion Detection (B-)
osu enterprise firewall10
OSU Enterprise Firewall
  • What is Network Security
  • What are we trying to protect?
  • Common Network Security Practice
  • What about this Firewall?
the firewall
The Firewall
  • What is a Firewall?
    • A device that is inserted between physical and/or logical divisions of a network for the purpose of enforcing network access security policy.
      • For optimally managed hosts, a firewall may serve only as a back-up for enforcement of that host’s security policy.
the firewall12
The Firewall
    • Unfortunately, for many other servers and workstations, the firewall may serve as the only enforcement of security policy.
  • Departmental firewall
    • In addition to
    • In stead of
osu enterprise firewall13
OSU Enterprise Firewall

Border

Router

NERO (Internet, I2)

Backbone

Switch

Current Router Backbone

All servers and workstations

(including services subnet)

osu enterprise firewall14
OSU Enterprise Firewall

Border

Router

NERO (Internet, I2)

Outside router backbone

Backbone

Switch

Public Servers

Firewall

Inside (Trusted) router backbone

the firewall15
The Firewall
  • How might a firewall affect our campus network?
    • Assure that our extensive network resources are available to support the mission of OSU.
    • Guard against those same resources being used to attack the resources of someone else’s network.
the firewall16
The Firewall
  • Reduce the frequency of network security incidents.
  • More readily respond to new exploits.
  • Greater flexibility in enforcing security policy.
the firewall17
The Firewall
  • Implementation
    • The transition will be the most challenging
      • We anticipate this.
      • We will make changes in a way that can be readily backed out if necessary.
      • Network Engineering will be first, then other departments, one at a time.
    • We will learn as we add each new department.
the firewall18
The Firewall
  • What is the cost of this firewall?
    • The firewall itself is part of Network Engineering’s budget.
    • Participating departments will need to:
      • Separate public and private servers.
      • Change network addresses on most servers.
      • Become more network security conscious.
the firewall19
The Firewall
  • Firewall discussions to date.
    • ITCC
    • ITCC Security Working Group
    • DCA’s
    • Specific departments eager for greater network security.
osu enterprise firewall20
OSU Enterprise Firewall
  • What is Network Security
  • What are we trying to protect?
  • Common Network Security Practice
  • What about this Firewall?
  • What security problems are we seeing today?
osu network security problems
OSU Network Security Problems
  • Common Security Incidents handled by Network Engineering.
    • Scans - A prelude to more serious intrusions.
    • Break-ins
    • Denial of Service
    • Unauthorized file servers
    • 51 Security incidents in Jan 03 including 11 hosts infected with the SQL worm.
osu network security problems22
OSU Network Security Problems

SQL Worm

  • Primarily a Denial of Service attack
  • OSU had 11 servers compromised
  • Could have been much worse
  • System Administration failure
  • Firewall could have minimized or prevented it.
osu enterprise firewall23
OSU Enterprise Firewall
  • Conclusion
    • The goal of the firewall is to allow you to do your networking tasks while preventing others from gaining control of your network resources.
    • A firewall, no matter where or how it is deployed will have some effect on the old ways of doing business.
osu enterprise firewall24
OSU Enterprise Firewall
  • Conclusion
    • What can you do?
      • Talk to your IT staff about network security.
      • Encourage them to put up departmental servers where staff can post their public data.
      • Use centrally supported servers where appropriate.
osu enterprise firewall25
OSU Enterprise Firewall
  • Conclusion
    • What can you do?
      • Insist that servers be administered by professional administrators.
      • Get servers off of the desktops!
osu enterprise firewall26
OSU Enterprise Firewall

Thank you

Bill Myers

IS-Network Engineering

myers@net.oregonstate.edu

net@oregonstate.edu