Download
network security overview n.
Skip this Video
Loading SlideShow in 5 Seconds..
Network Security Overview PowerPoint Presentation
Download Presentation
Network Security Overview

Network Security Overview

77 Views Download Presentation
Download Presentation

Network Security Overview

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Network Security Overview Tales from the trenches

  2. Why security? • increasingly hostile public network • cost of downtime • value of the information

  3. Increasingly hostile public network

  4. Increasingly hostile public network(2) • intruders are prepared and organized • Internet attacks are easy, low risk, and hard to trace • intruder tools are - increasingly sophisticated - easy to use, especially by novice intruders - designed to support large-scale attacks • source code is not required to find vulnerabilities • the complexity of the Internet, protocols, and applications are all increasing along with our reliance on them

  5. Increasingly hostile public network(3)

  6. Cost of downtime

  7. Value of the information • Large stores of Credit Card information stored on DB servers • Intellectual property valued in the Millions

  8. Basic Categories • Policy • Physical • IP based • Software/OS based

  9. Holistic approach

  10. Policy • Email usage • External services allowed • Acceptable use • User and resource architecture • Virus response

  11. IP based • Routers • Packet filtering • Firewalls • Packet inspection versus packet filter • Ability to build rulesets • Switches/VLAN • Isolating IP segments using VLANS

  12. Software • Proxy servers • Software firewalls vs. hardware • OS security Unix/MS • Patches and updates

  13. Patches and updates

  14. Remote access • security versus usability • P: drive access • options for remote access • extranet • web access • VPN • Private dial up

  15. Extranet • Secure web site with access to specific data • Requires login • Can provide access to all information available “on site”

  16. VPN • Virtual private network • Creates a Secure Tunnel between two points on a network • All data traveling on the tunnel is encrypted • Should use encryption for tunnel creation

  17. Physical security • Data center access • Multi-homed • Redundant utilities (power, HVAC) • Fire suppression