AGAINST OUTSIDE THREATS
|
|
- Betty O’Neal’
- 8 years ago
- Views:
Transcription
1 SECURING CONTROL NETWORKS AGAINST OUTSIDE THREATS MARK BUCKLAND MAY Echelon Corporation
2 IzoT PLATFORM PILLARS Full Monitoring and Control over IP Legacy Co-Existence and Evolution Industrial-strength Reliability Hardened Security
3 IzoT PLATFORM PILLARS Hardened Security
4 SECURITY FOR THE INDUSTRIAL INTERNET OF THINGS
5 KEY SECURITY CONCERNS Privacy Authentication/authorization Transport encryption Secure Web interface Cross-site scripting Poor session management Weak default credentials Secure firmware updates
6 KEY SECURITY GOALS End-to-end Transparent Integrated Balance Security and Convenience
7 360º SECURITY
8 LONTALK/IP PROTOCOL STACK SECURITY
9 IzoT SECURITY TODAY Authentication Duplicate Transaction Detection Security
10 DUPLICATE TRANSACTION DETECTION Avoid double execution of commands Guarantee correct message acknowledgment For Repeated Acknowledged message service Receive transaction database msg content + source address + selector + service type + msg code + trans id LonTalk/IP Compatibility Mode and classic LON: 4- bit transaction ID LonTalk/IP Enhanced Mode: 16-bit transaction ID Integrated into LonTalk/IP protocol stack
11 IzoT SECURITY TODAY Authentication Duplicate Transaction Detection Security
12 IzoT SECURITY TODAY Authentication Duplicate Transaction Detection Security
13 AUTHENTICATION Necessary to avoid man-in-the-middle middle attacks Used to authenticate Control messages Most network management commands Firmware updates Integrated into ISO Protocol layers 4/5 Shared 48-bit or 96-bit authentication key 8-bytes random challenge Per-message authentication
14 AUTHENTICATION Sender ON Challenge Response ACK Receiver
15 IzoT SECURITY TODAY Authentication Duplicate Transaction Detection Security
16 IzoT SECURITY NEXT GENERATION LONTALK/IP ENHANCED SECURITY (ES) Authentication Duplicate Transaction Detection Encryption Security
17 ENCRYPTION LONTALK/IP ES Encryption for NV updates and application messages Network management messages Firmware uploads via the network End-end encryption Integrated into LonTalk/IP ES protocol stacks Application-specific BYOE (bring your own pp p ( g y encryption)
18 ENCRYPTION (AND AUTHENTICATION) LONTALK/IP ES NIST Suite B algorithms highest level for civilian use Interoperable with virtually all OS platforms ECC for asymmetric key encryption and authentication AES-GCM for symmetric encryption and authentication Record/playback attack resistance Multicast encryption and authentication Can be certified compliant to FIPS by NIST Can be verified by an independent security lab
19 THE SECURITY LIFE CYCLE 1/3 Step 1: LonTalk/IP ES chip or module is manufactured Manufacturer root key pair is used to sign each DAKP Each of 3 DAKPs are stored in the private OTP - Used for mutual authentication during the enrollment process which creates the DMAKP - Individual DAKPs can be deleted in the field if the DAKP itself or the root key pair are compromised. DAKP Device Asymmetric Key Pair OTP One Time Programmable memory DMAKP Domain Asymmetric Key Pair
20 THE SECURITY LIFE CYCLE 2/3 Step 2: LonTalk/IP ES chip or module is integrated into a product using one of 2 security policies Enrollment and DMAKP generation happens at system integration time - Device is vulnerable to tampering until system integration Enrollment and DMAKP generation happens at device manufacture time - Device is protected from the time it leaves the factory - System integrator will need the (private portion of the) DMAKP to use the device. This is communicated out of band
21 THE SECURITY LIFE CYCLE 3/3 Step 3: Devices get a common DSK for peer-to-peer secure communication from the TMC DAKP and DMAKP are used to generate a shared secret using the ECDH algorithm. The shared secret is used to authenticate and encrypt during the DSK propagation process. To meet the requirements of AES-GCM, the TMC will periodically need to change the DSK Same process as above is used to change the DSK DSK Device Symmetric Key TMC Trusted Management Console. The network manager for the security subsystem. Responsible for generation and management of the DMAKP, DSK and re-keying the DSK.
22 I ot INFRASTRUCTURE SECURITY IzoT INFRASTRUCTURE SECURITY NO MORE GATEWAYS
23 IP LEVEL SECURITY PAYLOAD System security is as week as its weakest link IP compression allows for encrypted payload to be untouched until destination End-end encryption from field device to remote server No gateways must be used IzoT platform natively supports IP wired and wireless links 6LowPAN for links IPv4 with compression for wired twisted pair links IPv4 for WiFi and Ethernett links Infrastructure devices must support secure WAN connectivity HTTPS and secure login Authenticated SOAP messages At least MD5 authentication
24 END-END ENCRYPTION IP over Ethernet IzoT Device on Eth /2/30 -/2/31 IzoT Device on Eth IzoT Router /1/23 -/1/25 IP over FT (compressed) -/2/30 -/2/31 IzoT Devices on FT
25 IzoT SECURITY SUMMARY Authentication and encryption engine Security primitives integrated in protocol stack End end encrypted End-end encrypted payload
26 Q&A
27 THANK YOU
Security Technical. Overview. BlackBerry Enterprise Service 10. BlackBerry Device Service Solution Version: 10.2
BlackBerry Enterprise Service 10 BlackBerry Device Service Solution Version: 10.2 Security Technical Overview Published: 2014-09-10 SWD-20140908123239883 Contents 1 About BlackBerry Device Service solution
More informationNetwork Security Part II: Standards
Network Security Part II: Standards Raj Jain Washington University Saint Louis, MO 63131 Jain@cse.wustl.edu These slides are available on-line at: http://www.cse.wustl.edu/~jain/cse473-05/ 18-1 Overview
More information12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust
Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or
More informationTLS and SRTP for Skype Connect. Technical Datasheet
TLS and SRTP for Skype Connect Technical Datasheet Copyright Skype Limited 2011 Introducing TLS and SRTP Protocols help protect enterprise communications Skype Connect now provides Transport Layer Security
More informationLecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References
Lecture Objectives Wireless Networks and Mobile Systems Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks Introduce security vulnerabilities and defenses Describe security functions
More informationSecurity Protocols HTTPS/ DNSSEC TLS. Internet (IPSEC) Network (802.1x) Application (HTTP,DNS) Transport (TCP/UDP) Transport (TCP/UDP) Internet (IP)
Security Protocols Security Protocols Necessary to communicate securely across untrusted network Provide integrity, confidentiality, authenticity of communications Based on previously discussed cryptographic
More informationSecurity. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1
Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions
More informationImplementing and Managing Security for Network Communications
3 Implementing and Managing Security for Network Communications............................................... Terms you ll need to understand: Internet Protocol Security (IPSec) Authentication Authentication
More informationChapter 4 Virtual Private Networking
Chapter 4 Virtual Private Networking This chapter describes how to use the virtual private networking (VPN) features of the FVL328 Firewall. VPN tunnels provide secure, encrypted communications between
More information7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?
7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk
More informationLab 8.3.1.2 Configure Basic AP Security through IOS CLI
Lab 8.3.1.2 Configure Basic AP Security through IOS CLI Estimated Time: 30 minutes Number of Team Members: Students will work in teams of two. Objective In this lab, the student will learn the following
More informationChapter 17. Transport-Level Security
Chapter 17 Transport-Level Security Web Security Considerations The World Wide Web is fundamentally a client/server application running over the Internet and TCP/IP intranets The following characteristics
More informationCS 356 Lecture 27 Internet Security Protocols. Spring 2013
CS 356 Lecture 27 Internet Security Protocols Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists
More informationSync Security and Privacy Brief
Introduction Security and privacy are two of the leading issues for users when transferring important files. Keeping data on-premises makes business and IT leaders feel more secure, but comes with technical
More informationITL BULLETIN FOR JANUARY 2011
ITL BULLETIN FOR JANUARY 2011 INTERNET PROTOCOL VERSION 6 (IPv6): NIST GUIDELINES HELP ORGANIZATIONS MANAGE THE SECURE DEPLOYMENT OF THE NEW NETWORK PROTOCOL Shirley Radack, Editor Computer Security Division
More informationBlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note
BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise
More informationWHITE PAPER COMBATANT COMMAND (COCOM) NEXT-GENERATION SECURITY ARCHITECTURE USING NSA SUITE B
COMBATANT COMMAND () NEXT-GENERATION SECURITY ARCHITECTURE USING NSA SUITE B TABLE OF CONTENTS COMBATANT COMMAND () NEXT-GENERATION SECURITY ARCHITECTURE USING NSA SUITE B NSA COMMERCIAL SOLUTION FOR CLASSIFIED
More informationInformation Technology Career Cluster Introduction to Cybersecurity Course Number: 11.48100
Information Technology Career Cluster Introduction to Cybersecurity Course Number: 11.48100 Course Description: Introduction to Cybersecurity is designed to provide students the basic concepts and terminology
More informationTable of Contents. Cisco Wi Fi Protected Access 2 (WPA 2) Configuration Example
Table of Contents Wi Fi Protected Access 2 (WPA 2) Configuration Example...1 Document ID: 67134...1 Introduction...1 Prerequisites...1 Requirements...1 Components Used...2 Conventions...2 Background Information...2
More informationData Collection and Analysis: Get End-to-End Security with Cisco Connected Analytics for Network Deployment
White Paper Data Collection and Analysis: Get End-to-End Security with Cisco Connected Analytics for Network Deployment Cisco Connected Analytics for Network Deployment (CAND) is Cisco hosted, subscription-based
More informationChapter 5. Data Communication And Internet Technology
Chapter 5 Data Communication And Internet Technology Purpose Understand the fundamental networking concepts Agenda Network Concepts Communication Protocol TCP/IP-OSI Architecture Network Types LAN WAN
More informationSingle Sign-On Secure Authentication Password Mechanism
Single Sign-On Secure Authentication Password Mechanism Deepali M. Devkate, N.D.Kale ME Student, Department of CE, PVPIT, Bavdhan, SavitribaiPhule University Pune, Maharashtra,India. Assistant Professor,
More informationBBM Protected: Secure enterprise- GrAde MoBIle MeSSAGING
BBM Protected: Secure ENTERPRISE- GRADE mobile messaging All the benefits of BBM with the security of enterprise-grade encryption BBM Protected allows employees to take advantage of the speed, reliability
More informationAPNIC elearning: IPSec Basics. Contact: training@apnic.net. esec03_v1.0
APNIC elearning: IPSec Basics Contact: training@apnic.net esec03_v1.0 Overview Virtual Private Networks What is IPsec? Benefits of IPsec Tunnel and Transport Mode IPsec Architecture Security Associations
More informationNetwork Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide
Network Security [2] Public Key Encryption Also used in message authentication & key distribution Based on mathematical algorithms, not only on operations over bit patterns (as conventional) => much overhead
More informationEMC DATA DOMAIN ENCRYPTION A Detailed Review
White Paper EMC DATA DOMAIN ENCRYPTION A Detailed Review Abstract The proliferation of publicized data loss, coupled with new governance and compliance regulations, is driving the need for customers to
More informationSSL A discussion of the Secure Socket Layer
www.harmonysecurity.com info@harmonysecurity.com SSL A discussion of the Secure Socket Layer By Stephen Fewer Contents 1 Introduction 2 2 Encryption Techniques 3 3 Protocol Overview 3 3.1 The SSL Record
More informationRELEASE NOTES. Table of Contents. Scope of the Document. [Latest Official] ADYTON Release 2.12.9 - corrections. ADYTON Release 2.12.
Table of Contents Scope of the Document... 1 [Latest Official] ADYTON Release 2.12.9... 1 ADYTON Release 2.12.4... 1 ADYTON Release 2.9.3... 3 ADYTON Release 2.7.7... 3 ADYTON Release 2.6.2... 4 ADYTON
More informationThe Secure Sockets Layer (SSL)
Due to the fact that nearly all businesses have websites (as well as government agencies and individuals) a large enthusiasm exists for setting up facilities on the Web for electronic commerce. Of course
More informationKey Management Interoperability Protocol (KMIP)
www.oasis-open.org Management Interoperability Protocol (KMIP) Storage Developer s Introduction SNIA Fall 2009 Gordon Arnold, garnold@us.ibm.com Chair, Storage Security Industry Forum 1 2009 Insert Copyright
More informationLBSEC. http://www.liveboxcloud.com
2014 LBSEC http://www.liveboxcloud.com LiveBox Srl does not release declarations or guarantee regarding this documentation and its use and declines any expressed or implied commercial or suitability guarantee
More informationTLS/SSL in distributed systems. Eugen Babinciuc
TLS/SSL in distributed systems Eugen Babinciuc Contents 1. Introduction to TLS/SSL 2. A quick review of cryptography 3. TLS/SSL in distributed systems 4. Conclusions Introduction to TLS/SSL TLS/SSL History
More informationQuestion How do I access the router s web-based setup page? Answer
http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=3676 Question How do I access the router s web-based setup page? Answer All Linksys routers have a built-in web-based setup
More informationDRAFT Standard Statement Encryption
DRAFT Standard Statement Encryption Title: Encryption Standard Document Number: SS-70-006 Effective Date: x/x/2010 Published by: Department of Information Systems 1. Purpose Sensitive information held
More informationSecurity vulnerabilities in the Internet and possible solutions
Security vulnerabilities in the Internet and possible solutions 1. Introduction The foundation of today's Internet is the TCP/IP protocol suite. Since the time when these specifications were finished in
More informationSonicWALL PCI 1.1 Implementation Guide
Compliance SonicWALL PCI 1.1 Implementation Guide A PCI Implementation Guide for SonicWALL SonicOS Standard In conjunction with ControlCase, LLC (PCI Council Approved Auditor) SonicWall SonicOS Standard
More informationExecutive Summary and Purpose
ver,1.0 Hardening and Securing Opengear Devices Copyright Opengear Inc. 2013. All Rights Reserved. Information in this document is subject to change without notice and does not represent a commitment on
More informationVantage RADIUS 50. Quick Start Guide Version 1.0 3/2005
Vantage RADIUS 50 Quick Start Guide Version 1.0 3/2005 1 Introducing Vantage RADIUS 50 The Vantage RADIUS (Remote Authentication Dial-In User Service) 50 (referred to in this guide as Vantage RADIUS)
More informationE-Commerce Security. The Client-Side Vulnerabilities. Securing the Data Transaction LECTURE 7 (SECURITY)
E-Commerce Security An e-commerce security system has four fronts: LECTURE 7 (SECURITY) Web Client Security Data Transport Security Web Server Security Operating System Security A safe e-commerce system
More informationUsing a VPN with Niagara Systems. v0.3 6, July 2013
v0.3 6, July 2013 What is a VPN? Virtual Private Network or VPN is a mechanism to extend a private network across a public network such as the Internet. A VPN creates a point to point connection or tunnel
More informationFileCloud Security FAQ
is currently used by many large organizations including banks, health care organizations, educational institutions and government agencies. Thousands of organizations rely on File- Cloud for their file
More informationCiphermail Gateway PDF Encryption Setup Guide
CIPHERMAIL EMAIL ENCRYPTION Ciphermail Gateway PDF Encryption Setup Guide March 6, 2014, Rev: 5454 Copyright c 2008-2014, ciphermail.com. CONTENTS CONTENTS Contents 1 Introduction 4 2 Portal 4 3 PDF encryption
More informationAn Overview of ZigBee Networks
An Overview of ZigBee Networks A guide for implementers and security testers Matt Hillman Contents 1. What is ZigBee?... 3 1.1 ZigBee Versions... 3 2. How Does ZigBee Operate?... 3 2.1 The ZigBee Stack...
More informationCase Study for Layer 3 Authentication and Encryption
CHAPTER 2 Case Study for Layer 3 Authentication and Encryption This chapter explains the basic tasks for configuring a multi-service, extranet Virtual Private Network (VPN) between a Cisco Secure VPN Client
More informationSSL/TLS: The Ugly Truth
SSL/TLS: The Ugly Truth Examining the flaws in SSL/TLS protocols, and the use of certificate authorities. Adrian Hayter CNS Hut 3 Team adrian.hayter@cnsuk.co.uk Contents Introduction to SSL/TLS Cryptography
More informationSecuring Data on Microsoft SQL Server 2012
Securing Data on Microsoft SQL Server 2012 Course 55096 The goal of this two-day instructor-led course is to provide students with the database and SQL server security knowledge and skills necessary to
More informationCrashPlan Security SECURITY CONTEXT TECHNOLOGY
TECHNICAL SPECIFICATIONS CrashPlan Security CrashPlan is a continuous, multi-destination solution engineered to back up mission-critical data whenever and wherever it is created. Because mobile laptops
More informationEXAM questions for the course TTM4135 - Information Security May 2013. Part 1
EXAM questions for the course TTM4135 - Information Security May 2013 Part 1 This part consists of 5 questions all from one common topic. The number of maximal points for every correctly answered question
More informationUsing etoken for SSL Web Authentication. SSL V3.0 Overview
Using etoken for SSL Web Authentication Lesson 12 April 2004 etoken Certification Course SSL V3.0 Overview Secure Sockets Layer protocol, version 3.0 Provides communication privacy over the internet. Prevents
More informationSecurity in Wireless Local Area Network
Fourth LACCEI International Latin American and Caribbean Conference for Engineering and Technology (LACCET 2006) Breaking Frontiers and Barriers in Engineering: Education, Research and Practice 21-23 June
More informationSecurity Guide. BlackBerry 10 Device
Security Guide BlackBerry 10 Device Published: 2016-01-29 SWD-20160129121335350 Contents Introduction... 5 Secure device management... 6 Hardware root of trust...7 The BlackBerry 10 OS... 8 The file system...8
More informationOutline. INF3510 Information Security. Lecture 10: Communications Security. Communication Security Analogy. Network Security Concepts
Outline INF3510 Information Security Lecture 10: Communications Security Network security concepts Communication security Perimeter security Protocol architecture and security services Example security
More informationGigaset IP and IP-PRO Phones Provisioning / Remote Management. last modifications by J. Stahl, Bocholt, January the 18 th 2011
Gigaset IP and IP-PRO Phones Provisioning / Remote Management last modifications by J. Stahl, Bocholt, January the 18 th 2011 Agenda Provisioning / Remote Management for Gigaset IP phones Introduction
More informationIoT Security. Introduction. Threat Model
IoT Security Introduction In this 1248 white paper we summarise the various aspects of security which need to be considered when designing connected products for the Internet of Things. We give a general
More informationSecuring IP Networks with Implementation of IPv6
Securing IP Networks with Implementation of IPv6 R.M.Agarwal DDG(SA), TEC Security Threats in IP Networks Packet sniffing IP Spoofing Connection Hijacking Denial of Service (DoS) Attacks Man in the Middle
More informationU.S. Federal Information Processing Standard (FIPS) and Secure File Transfer
IPSWITCH FILE TRANSFER WHITE PAPER U.S. Federal Information Processing Standard (FIPS) and Secure File Transfer www.ipswitchft.com FIPS 140-2 is a standard first published in 2001 by the U.S. National
More informationKey Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards
White Paper Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards By Dr. Wen-Ping Ying, Director of Software Development, February 2002 Introduction Wireless LAN networking allows the
More informationVLANs. Application Note
VLANs Application Note Table of Contents Background... 3 Benefits... 3 Theory of Operation... 4 IEEE 802.1Q Packet... 4 Frame Size... 5 Supported VLAN Modes... 5 Bridged Mode... 5 Static SSID to Static
More informationModule 8. Network Security. Version 2 CSE IIT, Kharagpur
Module 8 Network Security Lesson 2 Secured Communication Specific Instructional Objectives On completion of this lesson, the student will be able to: State various services needed for secured communication
More informationWeb Security Considerations
CEN 448 Security and Internet Protocols Chapter 17 Web Security Dr. Mostafa Hassan Dahshan Computer Engineering Department College of Computer and Information Sciences King Saud University mdahshan@ccis.ksu.edu.sa
More informationChapter 8 Virtual Private Networking
Chapter 8 Virtual Private Networking This chapter describes how to use the virtual private networking (VPN) features of the FWG114P v2 Wireless Firewall/Print Server. VPN tunnels provide secure, encrypted
More informationChapter 7 Transport-Level Security
Cryptography and Network Security Chapter 7 Transport-Level Security Lectured by Nguyễn Đức Thái Outline Web Security Issues Security Socket Layer (SSL) Transport Layer Security (TLS) HTTPS Secure Shell
More informationMS-55096: Securing Data on Microsoft SQL Server 2012
MS-55096: Securing Data on Microsoft SQL Server 2012 Description The goal of this two-day instructor-led course is to provide students with the database and SQL server security knowledge and skills necessary
More informationSecurity Guide. BlackBerry Enterprise Service 12. for ios, Android, and Windows Phone. Version 12.0
Security Guide BlackBerry Enterprise Service 12 for ios, Android, and Windows Phone Version 12.0 Published: 2015-02-06 SWD-20150206130210406 Contents About this guide... 6 What is BES12?... 7 Key features
More informationClient Server Registration Protocol
Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are
More informationUsing a VPN with CentraLine AX Systems
Using a VPN with CentraLine AX Systems User Guide TABLE OF CONTENTS Introduction 2 What Is a VPN? 2 Why Use a VPN? 2 How Can I Set Up a VPN? 2 Important 2 Network Diagrams 2 Network Set-Up with a VPN 2
More informationCSCI 454/554 Computer and Network Security. Topic 8.1 IPsec
CSCI 454/554 Computer and Network Security Topic 8.1 IPsec Outline IPsec Objectives IPsec architecture & concepts IPsec authentication header IPsec encapsulating security payload 2 IPsec Objectives Why
More informationBit Chat: A Peer-to-Peer Instant Messenger
Bit Chat: A Peer-to-Peer Instant Messenger Shreyas Zare shreyas@technitium.com https://technitium.com December 20, 2015 Abstract. Bit Chat is a peer-to-peer instant messaging concept, allowing one-to-one
More informationCloud Security. Peter Jopling joplingp@uk.ibm.com IBM UK Ltd Software Group Hursley Labs. peterjopling. 2011 IBM Corporation
Cloud Security Peter Jopling joplingp@uk.ibm.com IBM UK Ltd Software Group Hursley Labs peterjopling 2011 IBM Corporation Cloud computing impacts the implementation of security in fundamentally new ways
More informationComputer Networks: DNS a2acks CS 1951e - Computer Systems Security: Principles and Prac>ce. Domain Name System
Computer Networks: DNS a2acks CS 1951e - Computer Systems Security: Principles and Prac>ce 18/02/15 Networks: DNS attacks 1 Domain Name System The domain name system (DNS) is an applica>on- layer protocol
More informationAuthentication Application
Authentication Application KERBEROS In an open distributed environment servers to be able to restrict access to authorized users to be able to authenticate requests for service a workstation cannot be
More informationConfiguring the WT-4 for ftp (Ad-hoc Mode)
En Configuring the WT-4 for ftp (Ad-hoc Mode) Mac OS X Introduction This document provides basic instructions on configuring the WT-4 wireless transmitter and a Mac OS X (10.5.2) ftp server for transmission
More informationUsing Entrust certificates with VPN
Entrust Managed Services PKI Using Entrust certificates with VPN Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust is a trademark or a registered trademark
More informationIoT Security Platform
IoT Security Platform 2 Introduction Wars begin when the costs of attack are low, the benefits for a victor are high, and there is an inability to enforce law. The same is true in cyberwars. Today there
More information9243060 Issue 1 EN. Nokia and Nokia Connecting People are registered trademarks of Nokia Corporation
9243060 Issue 1 EN Nokia and Nokia Connecting People are registered trademarks of Nokia Corporation Nokia 9300i Configuring connection settings Nokia 9300i Configuring connection settings Legal Notice
More informationPlatform Compatibility... 1 Key Features... 2 Known Issues... 4 Upgrading SonicOS Image Procedures... 6 Related Technical Documentation...
SonicOS SonicOS Enhanced 5.6.5.0 Early Field Trial Release Notes Contents Platform Compatibility... 1 Key Features... 2 Known Issues... 4 Upgrading SonicOS Image Procedures... 6 Related Technical Documentation...
More informationSecurity: Focus of Control. Authentication
Security: Focus of Control Three approaches for protection against security threats a) Protection against invalid operations b) Protection against unauthorized invocations c) Protection against unauthorized
More information1. Introduction to DirectAccess. 2. Technical Introduction. 3. Technical Details within Demo. 4. Summary
1. Introduction to DirectAccess 2. Technical Introduction 3. Technical Details within Demo 4. Summary Section 2: Technical Introduction Solution Overview Compliant Client Compliant Client Internet
More informationAbstract. Avaya Solution & Interoperability Test Lab
Avaya Solution & Interoperability Test Lab Application Notes for Configuring Enterasys Wireless Access Point 3000 (RBT3K-AG) to Support Avaya IP Office, Avaya IP Wireless Telephones and Avaya Phone Manager
More informationThe Trivial Cisco IP Phones Compromise
Security analysis of the implications of deploying Cisco Systems SIP-based IP Phones model 7960 Ofir Arkin Founder The Sys-Security Group ofir@sys-security.com http://www.sys-security.com September 2002
More informationImplementing Secured Converged Wide Area Networks (ISCW) Version 1.0
COURSE OVERVIEW Implementing Secure Converged Wide Area Networks (ISCW) v1.0 is an advanced instructor-led course that introduces techniques and features that enable or enhance WAN and remote access solutions.
More informationCPA SECURITY CHARACTERISTIC SECURE VOIP CLIENT
26579500 CPA SECURITY CHARACTERISTIC SECURE VOIP CLIENT Version 2.0 Crown Copyright 2013 All Rights Reserved UNCLASSIFIED Page 1 About this document This document describes the features, testing and deployment
More informationInternetwork Security
Internetwork Security Why Network Security Layers? Fundamentals of Encryption Network Security Layer Overview PGP Security on Internet Layer IPSec IPv6-GCAs SSL/TLS Lower Layers 1 Prof. Dr. Thomas Schmidt
More informationLecture 10: Communications Security
INF3510 Information Security Lecture 10: Communications Security Audun Jøsang University of Oslo Spring 2015 Outline Network security concepts Communication security Perimeter security Protocol architecture
More informationInterconnecting Cisco Network Devices 1 Course, Class Outline
www.etidaho.com (208) 327-0768 Interconnecting Cisco Network Devices 1 Course, Class Outline 5 Days Interconnecting Cisco Networking Devices, Part 1 (ICND1) v2.0 is a five-day, instructorled training course
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure
More informationIndustrial Networks & Databases
Industrial Networks & Databases LONWORKS KNX 1 HVAC and BEMS HVAC - Heating, Ventilation & Air Conditioning BEMS - Building & Energy Management Systems 2 3 4 LONWORKS (Local Operating Networks) Open solution
More informationCyberoam Configuration Guide for VPNC Interoperability Testing using DES Encryption Algorithm
Cyberoam Configuration Guide for VPNC Interoperability Testing using DES Encryption Algorithm Document Version:2.0-12/07/2007 IMPORTANT NOTICE Elitecore has supplied this Information believing it to be
More informationObjectives. Remote Connection Options. Teleworking. Connecting Teleworkers to the Corporate WAN. Providing Teleworker Services
ITE I Chapter 6 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 1 Objectives Providing Teleworker Services Describe the enterprise requirements for providing teleworker services Explain how
More informationSecure Network Communications FIPS 140 2 Non Proprietary Security Policy
Secure Network Communications FIPS 140 2 Non Proprietary Security Policy 21 June 2010 Table of Contents Introduction Module Specification Ports and Interfaces Approved Algorithms Test Environment Roles
More informationMySQL Security: Best Practices
MySQL Security: Best Practices Sastry Vedantam sastry.vedantam@oracle.com Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes
More informationNokia E61i Configuring connection settings
Nokia E61i Configuring connection settings Nokia E61i Configuring connection settings Legal Notice Copyright Nokia 2007. All rights reserved. Reproduction, transfer, distribution or storage of part or
More informationINTERCONNECTING CISCO NETWORK DEVICES PART 1 V2.0 (ICND 1)
INTERCONNECTING CISCO NETWORK DEVICES PART 1 V2.0 (ICND 1) COURSE OVERVIEW: Interconnecting Cisco Networking Devices, Part 1 (ICND1) v2.0 is a five-day, instructor-led training course that teaches learners
More informationFirewall Introduction Several Types of Firewall. Cisco PIX Firewall
Firewall Introduction Several Types of Firewall. Cisco PIX Firewall What is a Firewall? Non-computer industries: a wall that controls the spreading of a fire. Networks: a designed device that controls
More information000-609. IBM WebSphere Data Power SOA Applicances V3.8.1 Solution IMP. Version: Demo. Page <<1/10>>
000-609 IBM WebSphere Data Power SOA Applicances V3.8.1 Solution IMP Version: Demo Page 1. Which of the following is an advantage of using WS-Security instead of SSL? A. Provides assured message
More informationETHERNET WAN ENCRYPTION SOLUTIONS COMPARED
HERN WAN ENCRYPTION SOLUTIONS COMPARED KEY WORDS AND TERMS MACsec, WAN security, WAN data protection, MACsec encryption, network data protection, network data security, high-speed encryption, Senetas,
More informationConfiguring connection settings
Configuring connection settings Nokia E90 Communicator Configuring connection settings Nokia E90 Communicator Configuring connection settings Legal Notice Nokia, Nokia Connecting People, Eseries and E90
More informationSSL BEST PRACTICES OVERVIEW
SSL BEST PRACTICES OVERVIEW THESE PROBLEMS ARE PERVASIVE 77.9% 5.2% 19.2% 42.3% 77.9% of sites are HTTP 5.2% have an incomplete chain 19.2% support weak/insecure cipher suites 42.3% support SSL 3.0 83.1%
More informationINF3510 Information Security University of Oslo Spring 2011. Lecture 9 Communication Security. Audun Jøsang
INF3510 Information Security University of Oslo Spring 2011 Lecture 9 Communication Security Audun Jøsang Outline Network security concepts Communication security Perimeter security Protocol architecture
More informationSecuring an IP SAN. Application Brief
Securing an IP SAN Application Brief All trademark names are the property of their respective companies. This publication contains opinions of StoneFly, Inc., which are subject to change from time to time.
More information