AlanSprague_GuestLecture_Security


Network Security
Overview
Tales from the trenches
Why security?
increasingly hostile public network
cost of downtime
value of the information
Increasingly hostile public network
Increasingly hostile public network(2)
intruders are prepared and organized
Internet attacks are easy, low risk, and hard to trace
intruder tools are
- increasingly sophisticated
- easy to use, especially by novice intruders
- designed to support large-scale attacks
source code is not required to find vulnerabilities
the complexity of the Internet, protocols, and applications is increasing along with our reliance on them
Increasingly hostile public network(3)
Cost of downtime
Value of the information
Large stores of Credit Card information stored on DB servers
Intellectual property valued in the Millions
Basic Categories
Policy
Physical
IP based
Software/OS based
Holistic approach
Application
Security
Policy
IP Based
Physical
Policy
Email usage
External services allowed
Acceptable use
User and resource architecture
Virus response
IP based
Routers
- Packet filtering
Firewalls
- Packet inspection versus packet filter
- Ability to build rulesets
Switches/VLAN
- Isolating IP segments using VLANs
Software
Proxy servers
Software firewalls vs. hardware
OS security Unix/MS
Patches and updates
Patches and updates
Remote access
security versus usability
- P: drive access
options for remote access
- extranet
- web access
- VPN
- Private dial up
Extranet
Secure web site with access to specific data
Requires login
Can provide access to all information available “on site”
VPN
Virtual private network
Creates a Secure Tunnel between two points on a network
All data traveling on the tunnel is encrypted
Should use encryption for tunnel creation
Physical security
Data center access
Multi-homed
Redundant utilities (power, HVAC)
Fire suppression