Network Security

NETWORK SECURITY
Presented by: Brent Vignola
MATERIAL OVERVIEW…

- Basic security components that exist in all networks
  - Authentication
  - Firewall
  - Intrusion prevention system
  - Antivirus program
  - Honeypots
- General locations where networks exist, the security required in each, and how to manage each
  - Homes
  - Small businesses
  - Large businesses
  - Schools
  - Government

BASIC SECURITY COMPONENTS: AUTHENTICATION
- Establish as genuine
- Authorize
- Validate
- Usually in the form of an ID and password
- Example: Ecom user name and password to log on to university computers

BASIC SECURITY COMPONENTS: FIREWALL
- Prevents unauthorized access to and from a network
- Considered to be the first line of defense in protecting information on the network
- Different methods of a firewall:
  - Packet-filter: examines every packet that enters and leaves the network
  - Application gateway: applies security directly to an application such as FTP
  - Circuit-level gateway: used while a connection is being established
  - Proxy server: improves network performance by filtering requests; all requests go through the proxy before reaching the real network

BASIC SECURITY COMPONENTS: INTRUSION PREVENTION SYSTEM
- Detection of malware that has entered the network and of suspicious activity on the network
- Network-based IPS:
  - Designed to examine, identify, and report
  - For example, the IPS:
    - Examines the network
    - Identifies a worm on the network
    - Reports the finding to the user
- Three types of network-based IPS:
  - Content-based: examines each packet entering the network for any unique patterns (called signatures)
  - Protocol analysis: decodes the protocol to find anything out of the norm
  - Rate-based: prevents Denial of Service attacks
    - DoS: malicious attack that is designed to bog down the traffic

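An added example, not part of the original presentation: the content-based and rate-based checks described on this slide, applied to constructed packet records. The signature strings, IP addresses, rate limit and window are assumptions made for illustration.

```python
from collections import defaultdict, deque

# Constructed signatures: byte patterns tied to known malware (illustrative only).
SIGNATURES = {"demo-worm": b"\x90\x90WORM-DEMO", "demo-dropper": b"GET /payload.bin"}
RATE_LIMIT = 5    # assumed: max packets allowed per source ...
WINDOW = 1.0      # ... within this many seconds

def inspect(packets):
    """Return (alerts, forwarded) for an iterable of (time, src_ip, payload)."""
    recent = defaultdict(deque)   # src_ip -> timestamps still inside the window
    alerts, forwarded = [], []
    for ts, src, payload in packets:
        # Rate-based check: expire old timestamps, then count this packet.
        q = recent[src]
        while q and ts - q[0] > WINDOW:
            q.popleft()
        q.append(ts)
        if len(q) > RATE_LIMIT:
            alerts.append((ts, src, "rate", f"{len(q)} packets in {WINDOW}s"))
            continue              # prevention: drop instead of forwarding
        # Content-based check: look for any known signature in the payload.
        hit = next((n for n, sig in SIGNATURES.items() if sig in payload), None)
        if hit:
            alerts.append((ts, src, "signature", hit))
            continue
        forwarded.append((ts, src, payload))
    return alerts, forwarded

def sample_traffic():
    """Constructed traffic: a normal host, a flooding host, one signature hit."""
    pkts = [(0.0, "10.0.0.5", b"GET /index.html"),
            (0.2, "10.0.0.9", b"data \x90\x90WORM-DEMO tail")]
    pkts += [(0.5 + i * 0.05, "10.0.0.7", b"SYN") for i in range(8)]
    pkts.append((3.0, "10.0.0.7", b"SYN"))   # same host, back under the limit
    return sorted(pkts)

if __name__ == "__main__":
    alerts, forwarded = inspect(sample_traffic())
    for alert in alerts:
        print("ALERT", alert)
    print("forwarded:", len(forwarded))
```

Packets dropped by the rate check still count toward the window, so a source that keeps flooding stays blocked until its traffic falls back under the limit.
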
BASIC SECURITY COMPONENTS: ANTIVIRUS PROGRAM
- Scans the files on the computer for viruses and malware
- Two ways to scan:
  - Virus dictionary approach: keeps a database of known viruses
  - Suspicious behavior approach: monitors the performance of all programs
- Once the scan is complete, there are 3 options to fix files:
  - Repair the file: removes the virus portion of the file
  - Remove the file: removes the file completely if repairing cannot be done
  - Quarantine the file: “cover” the file so the virus cannot spread to other files and so the file cannot be accessed by other programs

BASIC SECURITY COMPONENTS: HONEYPOT
- Decoy on the network
- Used to distract attackers from the actual network
- May look like the actual network
- May “appear” to have valuable information
- Most of the time it is a computer
  - But may be:
    - An unused IP address
    - Files
    - Data records
- Two types:
  - Production: helps alleviate the risk to a business
  - Research: used to learn how and why attackers enter the network

NETWORK LOCATIONS: HOMES
- Simplest network
- Lowest level of security
- Basic firewall
- Basic Antivirus program
- Strong password for wireless connection
  - Wireless connection should be set to at least WPA or WPA2

NETWORK LOCATIONS: SMALL BUSINESSES
- More complex than home networks
- Higher level of security than home networks
- Stronger firewall and Antivirus program than home networks
- Similarity with home network:
  - Strong password for wireless connection
- Strong authentication method:
  - ID and password for employees
  - Password should be updated on a monthly basis
- Packet analyzer should be implemented:
  - Examines each packet that enters the network and analyzes its content
- Increase employee awareness of physical security:
  - Log off computers; shut down computers; lock office doors

NETWORK LOCATIONS: LARGE BUSINESSES
- Similarities with small business networks:
  - Strong firewall and Antivirus program
  - Strong password for authentication and wireless devices
  - Implementation of packet analyzer
  - Increase employee awareness of physical security
- Additional security:
  - Proxy server: implemented to improve performance by filtering requests
  - Authentication: passwords should be updated biweekly
  - Physical security:
    - Install cameras around premises
    - Place fire extinguishers near sensitive material
    - Hire security guards

NETWORK LOCATIONS: SCHOOLS
- Network is unique because students need to be able to access it both on-campus and off-campus
- Strong, but flexible firewall and proxy
- Schools’ faculty should be responsible for supervising access to indecent websites
- Children’s Internet Protection Act (CIPA) signed into law in December 2000:
  - Protect students from viewing inappropriate content on the internet such as pornography
  - Filtering software on the internet browser
- One similarity with other networks:
  - Strong Antivirus program

NETWORK LOCATIONS: GOVERNMENT
- Highest security and most complex
- Strongest: Firewall; Proxy; Antivirus program
- Strong encryption:
  - Usually 256-bit key
  - Hides the information with a key
  - Example: used by military for covert operations
- Wireless connection:
  - Only selected people can access the network (President)
  - Area should be limited to the government property (White House)
- Network should be invisible to the outside

THE END
Any Questions?