Osu enterprise firewall
Download
1 / 26

- PowerPoint PPT Presentation


  • 250 Views
  • Updated On :

OSU Enterprise Firewall. Information Services - Network Engineering http://www.net.oregonstate.edu [email protected] It is time for OSU to deploy a centrally supported firewall for those departments seeking greater Network Security for their workstations and servers. OSU Enterprise Firewall.

Related searches for

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about '' - Roberta


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Osu enterprise firewall l.jpg
OSU Enterprise Firewall

Information Services - Network Engineering

http://www.net.oregonstate.edu

[email protected]

  • It is time for OSU to deploy a centrally supported firewall for those departments seeking greater Network Security for their workstations and servers.


Osu enterprise firewall2 l.jpg
OSU Enterprise Firewall

  • What is Network Security

  • What are we trying to protect?

  • Common Network Security Practices

  • What about this Firewall?

  • What security problems are we seeing today.

  • Conclusion


Osu enterprise firewall3 l.jpg
OSU Enterprise Firewall

  • Network Security

    • The process of protecting networked data, resources, and infrastructure from:

      • Theft

      • Denial Of Service

      • Unauthorized use


What are we trying to protect l.jpg
What are we trying to protect?

  • Data

    • Research

    • Business

    • Student Information

    • Human Resources

    • Credit Card Information

    • Medical Records


What are we trying to protect5 l.jpg
What are we trying to protect?

  • Resources

    • Workstations

    • Servers

    • Analyzers

    • Environmental Control Systems

    • Bandwidth

    • Personnel Time


What are we trying to protect6 l.jpg
What are we trying to protect?

  • Network Infrastructure

    • Routers

    • Switches

    • Cable Plant


What are we trying to protect7 l.jpg
What are we trying to protect?

  • Our own public image

    • OSU’s high speed access to the Internet makes us an ideal place to launch a Denial of Service attack against another network.

    • Our servers or workstations could be used as as an intermediary to break into systems on other networks.

    • OSU servers could source Unsolicited Email.


Osu enterprise firewall8 l.jpg
OSU Enterprise Firewall

  • What is Network Security?

  • What are we trying to protect?

  • Common Network Security Practices and where we stand today.


Network security practices l.jpg
Network Security Practices

  • Ideally, Network Security consists of several security strategies layered on top of each other.

    • Border filtering (A)

    • Firewalls (Inc)

    • System Administration (B)

    • Physical security (C)

    • Intrusion Detection (B-)


Osu enterprise firewall10 l.jpg
OSU Enterprise Firewall

  • What is Network Security

  • What are we trying to protect?

  • Common Network Security Practice

  • What about this Firewall?


The firewall l.jpg
The Firewall

  • What is a Firewall?

    • A device that is inserted between physical and/or logical divisions of a network for the purpose of enforcing network access security policy.

      • For optimally managed hosts, a firewall may serve only as a back-up for enforcement of that host’s security policy.


The firewall12 l.jpg
The Firewall

  • Unfortunately, for many other servers and workstations, the firewall may serve as the only enforcement of security policy.

  • Departmental firewall

    • In addition to

    • In stead of


  • Osu enterprise firewall13 l.jpg
    OSU Enterprise Firewall

    Border

    Router

    NERO (Internet, I2)

    Backbone

    Switch

    Current Router Backbone

    All servers and workstations

    (including services subnet)


    Osu enterprise firewall14 l.jpg
    OSU Enterprise Firewall

    Border

    Router

    NERO (Internet, I2)

    Outside router backbone

    Backbone

    Switch

    Public Servers

    Firewall

    Inside (Trusted) router backbone


    The firewall15 l.jpg
    The Firewall

    • How might a firewall affect our campus network?

      • Assure that our extensive network resources are available to support the mission of OSU.

      • Guard against those same resources being used to attack the resources of someone else’s network.


    The firewall16 l.jpg
    The Firewall

    • Reduce the frequency of network security incidents.

    • More readily respond to new exploits.

    • Greater flexibility in enforcing security policy.


    The firewall17 l.jpg
    The Firewall

    • Implementation

      • The transition will be the most challenging

        • We anticipate this.

        • We will make changes in a way that can be readily backed out if necessary.

        • Network Engineering will be first, then other departments, one at a time.

      • We will learn as we add each new department.


    The firewall18 l.jpg
    The Firewall

    • What is the cost of this firewall?

      • The firewall itself is part of Network Engineering’s budget.

      • Participating departments will need to:

        • Separate public and private servers.

        • Change network addresses on most servers.

        • Become more network security conscious.


    The firewall19 l.jpg
    The Firewall

    • Firewall discussions to date.

      • ITCC

      • ITCC Security Working Group

      • DCA’s

      • Specific departments eager for greater network security.


    Osu enterprise firewall20 l.jpg
    OSU Enterprise Firewall

    • What is Network Security

    • What are we trying to protect?

    • Common Network Security Practice

    • What about this Firewall?

    • What security problems are we seeing today?


    Osu network security problems l.jpg
    OSU Network Security Problems

    • Common Security Incidents handled by Network Engineering.

      • Scans - A prelude to more serious intrusions.

      • Break-ins

      • Denial of Service

      • Unauthorized file servers

      • 51 Security incidents in Jan 03 including 11 hosts infected with the SQL worm.


    Osu network security problems22 l.jpg
    OSU Network Security Problems

    SQL Worm

    • Primarily a Denial of Service attack

    • OSU had 11 servers compromised

    • Could have been much worse

    • System Administration failure

    • Firewall could have minimized or prevented it.


    Osu enterprise firewall23 l.jpg
    OSU Enterprise Firewall

    • Conclusion

      • The goal of the firewall is to allow you to do your networking tasks while preventing others from gaining control of your network resources.

      • A firewall, no matter where or how it is deployed will have some effect on the old ways of doing business.


    Osu enterprise firewall24 l.jpg
    OSU Enterprise Firewall

    • Conclusion

      • What can you do?

        • Talk to your IT staff about network security.

        • Encourage them to put up departmental servers where staff can post their public data.

        • Use centrally supported servers where appropriate.


    Osu enterprise firewall25 l.jpg
    OSU Enterprise Firewall

    • Conclusion

      • What can you do?

        • Insist that servers be administered by professional administrators.

        • Get servers off of the desktops!


    Osu enterprise firewall26 l.jpg
    OSU Enterprise Firewall

    Thank you

    Bill Myers

    IS-Network Engineering

    [email protected]

    [email protected]


    ad