Download Network Security

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
Document related concepts
no text concepts found
Transcript 
Network Security
Introduction
Security technologies
protect mission-critical
networks from corruption
and intrusion. Network
security enables new
business applications by
reducing risk, and
providing a foundation
for expanding your
business with Intranet,
extranet, and electronic
commerce applications.
Reasons choosing Network Security
as Topic

Protection from “Crackers”

Cooperate with NT
(NT is not enough security)

Learning for my own compnay use

Trying to get the contract from Government in Taiwan
for building security system
Network Security
•Internet Security - From Infrastructure to
Network to Computer
•Wide-Area Network Security - Bridge and
Router Packet Filtering
•Local-Area Network Security - Tape Backup
and LAN Admin.
•Computer Security - Power Protection and
Special Mounting & Fastening
Devices to Secure Computer Equipmen
Improving Network Security By Means of Secure
Gateways (or Firewall)


Internet sites often use the TCP/IP protocol suite and UNIX
for local area networking purposes, UNIX and TCP/IP offer
methods for centralizing the management of users and
resources.
But. Crackers often roam the Internet searching for
unprotected sites; misconfigured systems as well as use of
insecure protocols that make the cracker's job much easier.

Two of the TCP/IP services most often used in local area
networking, NIS (Network Information Services) and NFS
(Network File System), are easily exploited; crackers can use
weaknesses in NIS and NFS to read and write files, learn user
information, capture passwords, and gain privileged access.

Kerberos and Secure RPC are effective means for reducing
risks and vulnerabilities on local area TCP/IP networks,
however they suffer from the disadvantages of requiring
modified network daemon programs on all participating hosts.

For many sites, the most practical method for securing access
to systems and use of inherently vulnerable services is to use a
Secure Gateway, or firewall system.
Examples of Firewalls

Packet-filtering-only
firewall (is perhaps most common
and easiest to employ.)

Dual-homed gateway(are
often the least-expensive option for
many sites and, if used mainly as an
application gateway, can be quite
secure.)


Choke-gate firewall (would
handle ftp and telnet traffic using
group accounts . The choke-gate
firewall is more flexible than the dualhomed firewall, however, and more
secure.)
Screened-subnet firewall.
The telnet/ftp and e-mail gateways
could be the only systems accessible
from the Internet. providing a high
level of security and offering more
flexibility for internal systems that
need to connect to the Internet
Typical Firewall Architecture

In this architecture, the router that is connected to the
Internet (exterior router) forces all incoming traffic to go to
the application gateway. The router that is connected to the
internal network (interior router) accepts packets only from
the application gateway.

The application gateway institutes per-application and peruser policies. In effect, the gateway controls the delivery of
network-based services both into and from the internal
network. For example, only certain users might be allowed to
communicate with the Internet, or only certain applications
are permitted to establish connections between an interior
and exterior host.
IP security
Why do we need IP security:

Loss of privacy

Loss of Data Integrity

Identity spoofing

Denial of services
Addressing the Threat



Confidentiality
Integrity
Authentication
are key services used to protect
against the threats by way of :


Encryption of data in transit
Network-layer encryption
Intranet VPNs
Intranet VPNs link
corporate headquarters,
remote and branch
offices through
dedicated connections
Extranet VPNs

Extranet VPNs
connect customers,
partners other
interest parties to
corporate intranets
over dedicated
connections
Understanding Network
security






Know your enemy
Count the cost
Identify your
assumptions
Control your secrets
Remember human
factors
Know your
weaknesses





Limit the scope of
access
Understand your
environment
Limit your trust
Remember your
physical security
Security is pervasive
(everywhere)
Related documents
Firewall Configuration
Firewall Configuration
Assignment # 3 - UNT Class Server
Assignment # 3 - UNT Class Server
Read more
Read more
homework 8
homework 8
9. the internet: electronic commerce, electronic business
9. the internet: electronic commerce, electronic business
9. THE INTERNET: ELECTRONIC COMMERCE, ELECTRONIC
9. THE INTERNET: ELECTRONIC COMMERCE, ELECTRONIC
Cisco Discovery 1 Module 08 Quiz Picture Descriptions
Cisco Discovery 1 Module 08 Quiz Picture Descriptions
Document 62752
Document 62752
Security - CS Course Webpages
Security - CS Course Webpages
Microsoft Word - Firewall change request form1
Microsoft Word - Firewall change request form1
Assignment 3 Network Components Johnson
Assignment 3 Network Components Johnson
Chapter 24 - William Stallings, Data and Computer
Chapter 24 - William Stallings, Data and Computer
Assignment 3 - Network Components
Assignment 3 - Network Components
Firewalls
Firewalls
Networking Components
Networking Components
What is a Network
What is a Network
Assignment-3
Assignment-3
I get the error message “An error occurred while
I get the error message “An error occurred while
Assignment3-LeonardEhalt
Assignment3-LeonardEhalt
Malwares – Types & Defense
Malwares – Types & Defense
Internet, Intranet and Extranets
Internet, Intranet and Extranets
How Client/Server Networks Work
How Client/Server Networks Work