1 / 24

Network Security

This document outlines the key objectives and components of network security, focusing on understanding issues and protective measures. It delves into the OSI model layers—network, host, and application—while detailing hardware components such as routers, switches, and firewalls. Current work includes secure mail systems and VPN configurations, alongside tools for port scanning and security analysis. The emphasis is on maintaining security across all layers and staying informed on evolving threats to ensure consistent protection for systems.

adrian-hahn
Download Presentation

Network Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Network Security CHRISTOPHER D. CONEWAY under the direction of Dr. Foorood Amirmadhifor theCASS/CREST STARS Program Tennessee State University

  2. Agenda • Objective • Basic Network Components • The Lab Systems • Securing the Network • Current Work • Conclusion

  3. Objective • Our objective is to better understand Network Security issues, and means to protect it. • Our goals are as follows: • Network Layer • Host Layer • Application Layer

  4. OSI Model

  5. A Conceptual Packet Structure Control Source Destination Protocol Data

  6. Basic Network Components • PCs • Router • Switch • Hub • Firewall

  7. The Lab Systems • Hardware components • Switch, Hub, PC’s • Operating Systems • Unix: Sun Os 5.5 • Linux: Red Hat 9.0, SuSE 8.2 • Windows: 2000, 2000 Server, NT4.0

  8. Network Diagram Internet Hub Router Firewall NG NAT Network Address Translator Firewall Network 1 Private Class-C: Address Network 2 Private Class-C: Address Hub Switch UNIX BOX W2K server Linux SUSE/W2K W2K/REDHAT W2K/REDHAT W2K/SUSE W2K-WS1/REDHAT SUSE

  9. Firewall • Firewall –Hardware or software that examines and controls the traffic between two or more networks (i,e; Internal, and Internet) • Firewall policies are a collection rules: internet

  10. Policies-Firewall

  11. Securing the Network:Security Tools • Port Scanner (Protocol holes) • Security Analyzer (Application Holes) • Network Analyzer/Sniffer (Decoding)

  12. Security Analyzer Report Sample

  13. Port Analysis Section

  14. Current Works • Secure Mail • Microsoft Active Directory • VPN (Virtual Private Network) • Unix systems

  15. Secure Mail • Virus protection - Server based virus protection using your existing antivirus software. • Spam filtering - Checks to see if the computer which sent a message is blacklisted on the major RBL lists. Quarantines or deletes any such messages. • Content filtering -. Check for unacceptable language. • Attachment filtering - Part of the content filtering. Removes unwanted types of file attachment before they reach the end user. • IMAP (Internet Message Access Protocol)support - Store all message folders centrally, allowing side by side access from a mail client or web-mail. • Web-based mail client - Provide users with web-based access to their e-mail. • Web-based administration - Remotely administer mail using a web browser. • Http-s- An extension to the http protocol to support sending data securely over the web.

  16. Secure Mail Diagram Mail Server Client Computers

  17. Active Directory • Microsoft Active Directory • Domain Name Service • User and Group account management • Organizational units and resources management

  18. Active Directory Diagram

  19. VPN (Virtual Private Network) • VPN (Virtual Private Network) • Checkpoint VPN (CP2000, CPNG) • Data integrity and confidentiality are protected through authentication and encryption • Data can be securely transmitted between two locations across the Internet or be encrypted between a server and a client within a Local Area Network

  20. VPN Diagram

  21. VPN Client Connected to Private COE-Lab Network

  22. Unix Systems • Unix systems • Internet services (web, mail, proxy, etc..) • Redhat & Suse, Sun system platforms

  23. Conclusions • Security in All Layers Required • Be Up-to-date in New Security Issues • Consistency in the process of securing systems

  24. Questions

More Related