Network Security and Firewalls - PowerPoint PPT Presentation

aspen
network security and firewalls n.
Skip this Video
Loading SlideShow in 5 Seconds..
Network Security and Firewalls PowerPoint Presentation
Download Presentation
Network Security and Firewalls

play fullscreen
1 / 92
Download Presentation
Network Security and Firewalls
328 Views
Download Presentation

Network Security and Firewalls

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Network Securityand Firewalls

  2. Lesson 1:What Is Security

  3. Objectives • Define security • Explain the need for network security • Identify resources that need security • Identify the two general security threat types • List security standards and organizations

  4. What Is Security? • LANs • WANs • VPNs • Network perimeters

  5. Hacker Statistics • One of every five Internet sites has experienced a security breach • Losses due to security breaches are estimated at $10 billion each year • Intrusions have increased an estimated 50 percent in the past year

  6. What Is the Risk? • Categorizing attacks • Countering attacks systematically

  7. The Myth of 100-Percent Security • Security as balance • Security policies

  8. Attributes of anEffective Security Matrix • Allows access control • Easy to use • Appropriate cost of ownership • Flexible and scalable • Superior alarming and reporting

  9. What You AreTrying to Protect • End user resources • Network resources • Server resources • Information storage resources

  10. Who Is the Threat? • Casual attackers • Determined attackers • Spies

  11. Security Standards • Security services • Authentication • Access control • Data confidentiality • Data integrity • Nonrepudiation • Security mechanisms • The Orange Book

  12. Summary • Define security • Explain the need for network security • Identify resources that need security • Identify the two general security threat types • List security standards and organizations

  13. Lesson 2:Elements of Security

  14. Objectives • Formulate the basics of an effective security policy • Identify the key user authentication methods • Explain the need for access control methods • Describe the function of an access control list

  15. Objectives (cont’d) • List the three main encryption methods used in internetworking • Explain the need for auditing

  16. Elements of Security Audit Administration Encryption Access Control User Authentication Corporate Security Policy

  17. The Security Policy • Classify systems • Prioritize resources • Assign risk factors • Define acceptable and unacceptable activities • Define measures to apply to resources • Define education standards • Assign policy administration

  18. Encryption • Encryption categories • Symmetric • Asymmetric • Hash • Encryption strength

  19. Authentication • Authentication methods • Proving what you know • Showing what you have • Demonstrating who you are • Identifying where you are

  20. SpecificAuthentication Techniques • Kerberos • One-time passwords

  21. Access Control • Access Control List • Objects • Execution Control List • Sandboxing

  22. Auditing • Passive auditing • Active auditing

  23. Security Tradeoffsand Drawbacks • Increased complexity • Slower system response time

  24. Summary • Formulate the basics of an effective security policy • Identify the key user authentication methods • Explain the need for access control methods • Describe the function of an access control list

  25. Summary (cont’d) • List the three main encryption methods used in internetworking • Explain the need for auditing

  26. Lesson 3:Applied Encryption

  27. Objectives • Create a trust relationship using public-key cryptography • List specific forms of symmetric, asymmetric, and hash encryption • Deploy PGP in Windows 2000 and Linux

  28. Creating Trust Relationships • Manually • Automatically

  29. Rounds, Parallelizationand Strong Encryption • Round • Discrete part of the encryption process • Parallelization • Use of multiple processes, processors or machines to work on cracking one encryption algorithm • Strong encryption • Use of any key longer than 128 bits

  30. Symmetric-KeyEncryption • One key is used to encrypt and decrypt messages

  31. Data encryption standard Triple DES Symmetric algorithms created by RSA Security Corporation International Data Encryption Algorithm Blowfish Twofish Skipjack MARS Rijndael Serpent Advanced Encryption Standard SymmetricAlgorithms

  32. Asymmetric Encryption • Asymmetric-key encryption elements • RSA • DSA • Diffie-Hellman

  33. Hash Encryption • Signing • Hash algorithms • MD2, MD4, and MD5 • Secure hash algorithm

  34. AppliedEncryption Processes • E-mail • PGP and GPG • S-MIME • Encrypting drives • Web server encryption

  35. Summary • Create a trust relationship using public-key cryptography • List specific forms of symmetric, asymmetric, and hash encryption • Deploy PGP in Windows 2000 and Linux

  36. Lesson 4:Types of Attacks

  37. Objectives • Describe specific types of security attacks • Recognize specific attack incidents

  38. Brute-Force andDictionary Attacks • Brute-force attack • Repeated access attempts • Dictionary attack • Customized version of brute-force attack

  39. System Bugs and Back Doors • Buffer overflow • Trojans and root kits

  40. Social Engineeringand Nondirect Attacks • Call and ask for the password • Fraudulent e-mail • DOS and DDOS attacks • Spoofing • Trojans • Information leakage • Hijacking and man-in-the-middle attacks

  41. Summary • Describe specific types of security attacks • Recognize specific attack incidents

  42. Lesson 5:General Security Principles

  43. Objectives • Describe the universal guidelines and principles for effective network security • Use universal guidelines to create effective specific solutions

  44. Be paranoid Have a security policy No system stands alone Minimize damage Deploy company-wide enforcement Provide training Integrate security strategies Place equipment according to needs Identify security business issues Consider physical security CommonSecurity Principles

  45. Summary • Describe the universal guidelines and principles for effective network security • Use universal guidelines to create effective specific solutions

  46. Lesson 6:Protocol Layersand Security

  47. Objectives • List the protocols that pass through a firewall • Identify potential threats at different layers of the TCP/IP stack

  48. TCP/IP andNetwork Security • The Internet and TCP/IP were not designed around strong security principles

  49. The TCP/IP Suite andthe OSI Reference Model • Physical layer • Network layer • Transport layer • Application layer • Presentation layer • Session layer • Data link layer

  50. TCP/IPPacket Construction Application Message: e-mail, FTP, Telnet TCP Segment Header Body IP Datagram Header Body Ethernet Frames Header Body Trailer