Network and Perimeter Security
Paula Kiernan, Senior Consultant, Ward Solutions

Session Overview
- Network Perimeter Security
- Protecting the Network
- Virtual Private Networking

Purpose and Limitations of Perimeter Defenses
- Properly configured firewalls and border routers are the cornerstone for perimeter security
- The Internet and mobility increase security risks
- VPNs have exposed a destructive, pernicious entry point for viruses and worms in many organizations
- Traditional packet-filtering firewalls only block network ports and computer addresses
- Most modern attacks occur at the application layer

Securing the Network Perimeter: What Are the Challenges?
[Diagram: main office, branch office, business partner, remote user and wireless clients connected via the Internet]
Challenges include:
- Determining proper firewall design
- Access to resources for remote users
- Effective monitoring and reporting
- Need for enhanced packet inspection
- Security standards compliance

What Firewalls Do NOT Protect Against
- Malicious traffic that is passed on open ports and not inspected by the firewall
- Any traffic that passes through an encrypted tunnel or session
- Attacks after a network has been penetrated
- Traffic that appears legitimate
- Users and administrators who intentionally or accidentally install viruses
- Administrators who use weak passwords

Securing the Network Perimeter: What Are the Design Options?
[Diagram of three designs: bastion host in front of the internal network; three-legged configuration with Internet, perimeter network (Web server) and internal network on one firewall; back-to-back configuration with the perimeter network between two firewalls and the internal network behind]

Firewall Requirements: Multiple-Layer Filtering
- Packet filtering: filters packets based on information in the network and transport layer headers. Enables fast packet inspection, but cannot detect higher-level attacks
- Stateful filtering: filters packets based on the TCP session information. Ensures that only packets that are part of a valid session are accepted, but cannot inspect application data
- Application filtering: filters packets based on the application payload in network packets. Can prevent malicious attacks and enforce user policies

Configuring ISA Server to Secure the Network Perimeter
Use ISA Server to:
- Provide firewall functionality
- Publish internal resources such as Web or Exchange servers
- Implement multilayer packet inspection and filtering
- Provide VPN access for remote users and sites
- Provide proxy and caching services
[Diagram: LAN with Web server and Exchange server behind ISA Server acting as VPN server; Internet user, external Web server and remote user on the Internet side]

Implementing Network Templates to Configure ISA Server 2004
- Bastion host: deploy the Edge Firewall template
- Three-legged configuration (internal network, perimeter network with Web server, Internet): deploy the 3-Leg Perimeter template
- Back-to-back configuration (internal network, perimeter network): deploy the Front End or Back End template
- Web proxy and caching only: deploy the Single Network Adapter template

Protecting the Network: What Are the Challenges?
Challenges related to protecting the network layer include:
- Balance between security and usability
- Lack of network-based detection or monitoring for attacks

Implementing Network-Based Intrusion-Detection Systems
- A network-based intrusion-detection system provides rapid detection and reporting of external malware attacks
Important points to note:
- Network-based intrusion-detection systems are only as good as the process that is followed once an intrusion is detected
- ISA Server 2004 provides network-based intrusion-detection abilities

Implementing Application Layer Filtering
Application layer filtering includes the following:
- Web browsing and e-mail can be scanned to ensure that content specific to each does not contain illegitimate data
- Deep content analysis, including the ability to detect, inspect, and validate traffic using any port and protocol

Protecting the Network: Best Practices
- Have a proactive antivirus response team monitoring early warning sites such as antivirus vendor Web sites
- Have an incident response plan
- Implement automated monitoring and reporting policies
- Implement ISA Server 2004 to provide intrusion-detection capabilities

Virtual Private Networking: What Are the Challenges?
- VPNs provide a secure option for communicating across a public network
- VPNs are used in two primary scenarios: network access for remote clients, and network access between sites
- VPN quarantine control provides an additional level of security by providing the ability to check the configuration of the VPN client machines before allowing them access to the organization's network

Understanding Quarantine Networks
Standard features of a quarantine network include:
- Typically restricted or blocked from gaining access to internal resources
- Provides a level of connectivity that allows temporary visitors' computers to work productively without risking the security of the internal network
- Currently only available for VPN remote access solutions

How Does Network Quarantine Work?
[Diagram: VPN clients connect through ISA Server, which applies the quarantine remote access policy; a client starts in the Quarantined VPN Clients network, where the quarantine script runs and reports through Rqc.exe before the client is admitted to the VPN Clients network with access to the domain controller, Web server, DNS server and file server]

Session Summary
- Properly configured firewalls and border routers are the cornerstone for perimeter security
- Use an appropriate firewall design
- Firewalls do not protect against bad security practices
- Implement a firewall that provides multiple-layer filtering
- ISA Server 2004 provides network-based intrusion-detection abilities
- VPN quarantine control provides an additional level of security

Next Steps
- Find additional security training events: http://www.microsoft.com/seminar/events/security.mspx
- Sign up for security communications: http://www.microsoft.com/technet/security/signup/default.mspx
- Get additional security information on ISA Server: http://www.microsoft.com/technet/security/prodtech/isa/default.mspx

Questions and Answers
[email protected]
www.ward.ie
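The three layers on the Multiple-Layer Filtering slide, as an added Python example that is not part of the presentation: each packet is checked by a packet filter, a stateful filter and an application filter in turn, and the result shows which layer decided it. The allowed ports, the HTTP request-line check and the sample packets are assumptions constructed for illustration.

```python
# Added example, not from the presentation: a toy model of the three filtering
# layers on the "Multiple-Layer Filtering" slide, run over constructed packets.
# A packet is (src_ip, dst_ip, dst_port, tcp_flags, payload); the allowed ports
# and the HTTP request-line check are assumptions for illustration.
ALLOWED_PORTS = {80, 443}
HTTP_METHODS = {b"GET", b"POST", b"HEAD"}

def packet_filter(pkt):
    """Layer 1: sees only headers, so anything on an open port gets through."""
    return pkt[2] in ALLOWED_PORTS

class StatefulFilter:
    """Layer 2: accepts only packets of a session opened by a SYN; blind to payload."""
    def __init__(self):
        self.sessions = set()

    def check(self, pkt):
        src, dst, dport, flags, _ = pkt
        if flags == "SYN":
            self.sessions.add((src, dst, dport))
            return True
        return (src, dst, dport) in self.sessions

def application_filter(pkt):
    """Layer 3: on port 80 only a well-formed HTTP request line may pass."""
    dport, payload = pkt[2], pkt[4]
    if not payload or dport != 80:
        return True  # handshake packets carry no data; no parser for other ports here
    line = payload.split(b"\r\n", 1)[0].split(b" ")
    return len(line) == 3 and line[0] in HTTP_METHODS and line[2].startswith(b"HTTP/1.")

def run_firewall(packets):
    """Apply the layers in order; report which layer decided each packet."""
    state, verdicts = StatefulFilter(), []
    for pkt in packets:
        if not packet_filter(pkt):
            verdicts.append("drop:packet-filter")
        elif not state.check(pkt):
            verdicts.append("drop:stateful")
        elif not application_filter(pkt):
            verdicts.append("drop:application")
        else:
            verdicts.append("allow")
    return verdicts

PACKETS = [  # constructed sample traffic
    ("203.0.113.5", "192.0.2.10", 80, "SYN", b""),
    ("203.0.113.5", "192.0.2.10", 80, "ACK", b"GET /index.html HTTP/1.1\r\nHost: www\r\n\r\n"),
    ("203.0.113.9", "192.0.2.10", 80, "ACK", b"GET / HTTP/1.1\r\n\r\n"),  # no SYN seen first
    ("203.0.113.5", "192.0.2.10", 80, "ACK", b"\x16\x03\x01\x00binary"),  # open port, not HTTP
    ("203.0.113.5", "192.0.2.10", 23, "SYN", b""),                        # port not open
]
```

The fourth packet is the case the "What Firewalls Do NOT Protect Against" slide warns about: it belongs to a valid session on an open port, so only the application layer can reject it.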
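The quarantine decision from the "How Does Network Quarantine Work?" slide, as an added Python example that is not part of the presentation: a connecting client starts in the quarantined network, a configuration check runs, and only a client that passes every check is moved to the VPN clients network. The individual checks, the signature-age threshold and the client records are assumptions constructed for illustration.

```python
# Added example, not from the presentation: a toy model of VPN quarantine
# control. The checks below stand in for what a quarantine script would
# verify before Rqc.exe reports to ISA Server; they are assumptions.
from datetime import date

QUARANTINE_NET = "Quarantined VPN Clients network"
VPN_NET = "VPN Clients network"
MAX_SIGNATURE_AGE_DAYS = 7          # assumed policy threshold
TODAY = date(2024, 5, 12)           # constructed "current" date for the samples

def quarantine_checks(client, today=TODAY):
    """Return the list of failed checks; an empty list means compliant."""
    failures = []
    if not client.get("host_firewall_enabled"):
        failures.append("host firewall disabled")
    if not client.get("antivirus_running"):
        failures.append("antivirus not running")
    sig = client.get("antivirus_signature_date")
    if sig is None or (today - sig).days > MAX_SIGNATURE_AGE_DAYS:
        failures.append("antivirus signatures older than %d days" % MAX_SIGNATURE_AGE_DAYS)
    if client.get("missing_critical_updates", 0):
        failures.append("critical updates missing")
    return failures

def admit_client(client, today=TODAY):
    """Every client starts quarantined; release it only on a clean check."""
    failures = quarantine_checks(client, today)
    network = VPN_NET if not failures else QUARANTINE_NET
    return network, failures

CLIENTS = {  # constructed client configuration reports
    "laptop-ok": {"host_firewall_enabled": True, "antivirus_running": True,
                  "antivirus_signature_date": date(2024, 5, 10), "missing_critical_updates": 0},
    "laptop-stale": {"host_firewall_enabled": True, "antivirus_running": True,
                     "antivirus_signature_date": date(2024, 3, 1), "missing_critical_updates": 0},
    "laptop-bad": {"host_firewall_enabled": False, "antivirus_running": False,
                   "antivirus_signature_date": None, "missing_critical_updates": 3},
}

if __name__ == "__main__":
    for name, cfg in CLIENTS.items():
        network, failures = admit_client(cfg)
        print(name, "->", network, failures)
```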