1 Fundamentals of Network Security Graphic Symbols
3 Router Figure 1: IOS Router icon and photos A Router is an internetworking device which operates at OSI Layer 3. A Router interconnects network segments or entire networks and passes data packets between networks based on Layer 3 information. The router, by default, is an open device. Services must be turned off or secured. Routing hardware provides everything from high-end routing platforms for building IP optimized backbones, to Ethernet LANs to WANs for the enterprise, medium and small businesses, and home offices. Cisco router models include: 12000, 10000, and 7000 series for enterprise and service provider 3600, 2600, 2500, 1700 series for medium business and branch offices 70, 90, and 800 series for small business and home office
4 Switch Figure 1: Switch icon and photos Switches connect LAN segments, use a table of MAC addresses to determine the segment on which a datagram needs to be transmitted, and reduce traffic. Switches, which typically operate at Layer 2, can be categorized as stackable or chassis based. The workgroup switch is typically a stackable switch and is placed in IDFs to provide LAN access to end device. In small networks, these switches can also be used for the core and distribution levels in addition to the access level. Switches can be configured via menu, command line, or web browser interfaces. Stackable switch models include the Catalyst 1900, 2900 and 3500 series. Chassis based switches include the Catalyst 4000, 5000, 6000, 8000, and 9000 series.
5 Hub Figure 1: Hub icon and photos Hubs, or multiport repeaters, are legacy devices which combine connectivity with the amplifying and re-timing properties of repeaters. Hubs operate at Layer one of the OSI. It is typical to see 4, 8, 12, and up to 24, ports on multiport repeaters. This allows many devices to be cheaply and easily interconnected. Hubs have limited scalability due to shared bandwidth and high collision rates. Hubs are typically used for small office and home office environments. Cisco offers the 1538 Hub series. Other network vendors provide a larger selection of Hub models and port configurations. Network Access Server Figure 1: Network access server icon Network Access Servers (NAS), such as a 2509 and 2511 router series, terminate remote access dial users for small and medium networks. Analog Modem Network Modules such as the NM-8AM and NM-16M can be used in 2600, 3600 and 3700 series routers to provide remote dial access as well.
6 The AS5300, AS5400, and AS5800 series are typically used in service provider and enterprise networks to provide the following services to users: Long Distance Prepaid Calling Local Access Hosted IP Telephony ASP Hosting and Termination Unified Communications Access VPN Dial Access Hardware-based Firewall Figure 1: Firewall icon and photo Hardware-based firewalls, or dedicated firewalls, are devices that have the software preinstalled on a specialized hardware platform. A firewall provides a single point of defense between two networks to protect one network from the other. Usually, a firewall protects the private network of a company from the public or shared networks to which it is connected. A dedicated firewall provides maximum configuration flexibility within a network. The primary function of a firewall is to filter traffic based on Layer 4 connections. Many firewalls also provide encryption services to protect traffic, creating a secure Virtual Private Network (VPN). The PIX Security Appliance, by default, is a closed device. Services must be turned on to allow traffic to pass. PIX Models, which scale from home office to service provider level, include the 501, 506E, 515E, 525, and 535.
7 IOS Firewall Figure 1: IOS Firewall icon and photos The Cisco IOS Firewall, provides robust, integrated firewall, intrusion detection, and VPN functionality for every perimeter of the network. The Firewall Feature Set is available for most Cisco routers including the 800, 1600, 1700, 2500, 2600, 3600, 7100, and 7200 series routers, however some features may not be available on low end and legacy router models. An integrated firewall provides greater interoperability within the existing network. Either IOS Firewall or Firewall Router icon can be used to represent the Cisco IOS Firewall.
8 Firewall Services Module Figure 1: Firewall Services Module icon and photo Cisco Firewall Services Module (FWSM) is a high-speed, integrated firewall module for Cisco Catalyst 6500 switches and Cisco 7600 Series routers, and provides a 5 Gbps throughput, 100,000 connections per second, and one million concurrent connections. Up to four FWSMs can be installed in a single chassis providing scalability to 20 Gbps per chassis. Based on Cisco PIX Firewall technology, the FWSM provides large enterprises and service providers with unmatched security, reliability, and performance within a switch chassis. The traditional role of firewalls has changed. Firewalls now do more than protect a corporate network from unauthorized external access. They can also prevent unauthorized users from accessing a particular subnet, workgroup or LAN within a corporate network.
9 VPN 300 Series Concentrator Figure: VPN 300 Series Concentrator icon and photo Cisco VPN 3000 Series Concentrators is a family of purpose-built, remote access Virtual Private Network (VPN) platforms and client software that incorporates high availability, high performance and scalability with the most advanced encryption and authentication techniques available today. Cisco VPN 3000 Series Concentrators include models to support a range of enterprise customers, from small businesses with 100 or fewer remote access users to large organizations with up to 10,000 simultaneous remote users. The models include the 3005, 3015, 3030, 3060, and the Directory Server Figure 1: Director server icon A directory server allows organizations to centrally manage and share information on network resources and users while acting as the central authentication point for the network. It is a central storage location for information assets such as users, applications, servers, computers, files, and printers. In large corporations, a directory server must maintain information on thousands of users, computers, servers, and files. Some examples include Lightweight Directory Access Protocol (LDAP) servers, Microsoft Active Directory (AD) servers, and Novell Directory Services (NDS) servers.
10 Certificate Authority Server Figure 1: CA Server icon A Certificate Authority (CA) Server issues digital certificates to network devices. Digital certificates are used to authenticate devices and users when creating a VPN connection or tunnel. There are several CA vendors that interoperate with Cisco IOS software on Cisco routers. They include Entrust, VeriSign, Baltimore, and Microsoft. Several CA vendors support the simple certificate enrollment protocol (SCEP) for enrolling Cisco routers and PIX Security Appliances. Virtual Private Network Tunnel Figure 1: VPN tunnel A Virtual Private Network (VPN) tunnel is created between two network devices. The devices can include servers, software clients, VPN routers, concentrators, and PIX Security Appliances. The tunnel can be created using various technologies including: Generic Router Encapsulation (GRE) IP Security (IPSec) Layer 2 Tunneling Protocol (L2TP) Point-to-Point Tunneling Protocol (PPTP) Multi-Protocol Label Switching (MPLS) VPN tunnels can provide confidentiality, integrity, and authenticity between two devices depending on the technology utilized to create the tunnel.
11 Policy Manager or Policy Director Figure 1: Policy manager or director icon One of the greatest challenges of network security is management and monitoring of hundreds or thousands of VPNs, routers, firewalls, and intrusion detection sensors. A policy manager or director server is used to manage enterprise level security for medium to large networks. Cisco provides two director platforms: Cisco Secure Policy Manger (CSPM) VPN Management Solution (VMS) Catalyst 6500 Series Intrusion Detection System Services Module Figure 1: Catalyst 6500 Series Intrusion Detection System Services Module icon and photo The Cisco Catalyst 6500 Series Intrusion Detection System (IDSM) Services Module is a key network based intrusion protection solution for safeguarding organizations from costly and debilitating network breaches such as malicious Internet worms, Denial of Service attacks, and application attacks.
12 The second generation Cisco IDSM-2 is designed to protect switched environments by integrating full-featured IDS functionality directly into the network infrastructure through the widely deployed Cisco Catalyst 6500 Series chassis. This integration allows the user to monitor traffic directly off the switch back-plane - a logical platform for additional services such as firewall, virtual private network (VPN) and IDS services. The Cisco IDSM-2 is works in concert with other components to increase the operating efficiency of intrusion protection to secure data infrastructure. IDS Sensor Figure 1: IDS Sensor A IDS Sensor is a network appliance which monitors traffic flowing across a network segment. IDS Sensors respond to any attacks in real time by resetting any traffic which matches an attack signature, and sending alarms to a central monitoring server. IDS Sensors are purpose-built, high-performance network security appliances that protect against unauthorized, malicious activity traversing the network, such as attacks by hackers. The Cisco IDS 4200 Series of appliance sensors includes three products: the Cisco IDS 4210, the Cisco IDS 4235, and the Cisco IDS Each appliance sensor addresses the bandwidth requirements at one of a variety of performance marks, from 45 Mbps to 1 Gbps.
13 Host Intrusion Detection Agent Figure 1: Host intrusion detection agent icon Figure 2: Component object model Host based intrusion detection software should be installed on mission critical desktops and servers. Most of the attacks today are targeted towards public servers. Cisco provides host based intrusion detection using the Cisco Security Agent, which resides between the applications and the kernel. The agent intercepts all system calls to file, network, and registry sources, as well as to dynamic, run-time resources such as memory pages, shared library modules, and Component Object Model (COM) objects. The agent correlates behaviors of these system calls, based on rules that define appropriate or acceptable behavior for a specific application. Then the software permits
14 or denies the action and sends an alarm to a central monitoring server or agent manager when an attack is detected. Laptops Figure 1: Laptop icon and photo Laptops are present on almost every network today. They are becoming standard desktop replacements in many corporations. Users can work at the office, from home, or any other location with Internet access. Two trends which greatly increased the use of laptops include wireless LANs and VPNs. Both are critical productivity factors, however these must be securely implemented to avoid network breaches. Laptop theft is also a big problem which must be considered as well. Many anti-theft hardware and software solutions are available. Viruses, Trojan horses, hostile applets, and worms pose a great problem to laptop computers and network systems. Anti-virus software should be installed on laptops. Furthermore, operating systems must be continually updated with security patches and fixes to remain as secure as possible.
15 Server Figure 1: Server icon and photo In most networks, servers are the brains of the operation while networking devices provides the nervous system of the business. It is very important that these resources are protected against attacks. Some of the common server platforms include: Microsoft Windows NT and 2000 Server Sun Solaris LiNux Servers provide critical functions including: File, and Web Services Print Services Storage Voice Call Management Database Services Directory Services
16 Personal Computer Figure 1: PC icon and photo The Personal Computer (PC) has only been around for 25 years and has greatly changed the world. Functionality, performance, and storage have greatly increased. With the advent of the Internet, PCs have become commonplace in governments, businesses, schools, and homes. Unfortunately, with increased capabilities and connectivity, security vulnerabilities in applications and operating systems are a big problem. It is these vulnerabilities, which are exploited by hackers today. With broadband services such as DSL and Cable, the attacks have increased dramatically. Viruses, Trojan horses, hostile applets, and worms pose a great problem to computers and network systems. Anti-virus software is very important in a networked world. Furthermore, operating systems must be continually updated with security patches and fixes to remain as secure as possible.
17 VPN Client Software Figure 1: VPN Client software VPN Client software, which is installed on a PC or laptop, enables users to create a secure tunnel to the corporate intranet. This allows telecommuters the ability to access internal corporate resources such as , voice, video, web, and file services which are not available to the public. Simple to deploy and operate, the Cisco VPN Client enables a secure, end-to-end encrypted tunnel. This software client can be terminated on several VPN products including the VPN router, PIX Security Appliance, and the Cisco VPN 3000 Series Concentrator. There are other VPN clients available including the native Microsoft VPN client and other 3rd party clients. Mobile Worker Figure 1: Mobile worker icon Mobile workers can include staff within a company. Virtually every occupation and business has workers who are mobile. For many years, the challenge was connectivity to the corporate network, especially when dial-up access was the only way to connect. Today, users can connect by way of
18 56K dial-up, ISDN, DSL, Cable, and any LAN connected to the Internet. Connectivity is no longer a big concern. Security is. Wireless LANs have also created a new workplace where workers can move around the office as needed and maintain connectivity. With wireless LANs, people can easily access the Internet while at home, in a hotel, at the airport, at the coffee shop, and in many public areas. Unfortunately, without security measures in place, hackers have access as well. End User Figure 1: End user icon End users are workers who are connected to the network through a PC, laptop, or other mobile devices. Users are what drive the business. Without people, a business cannot survive. Unfortunately, they also can be responsible for security breaches. Some users carelessly use easy to guess passwords, write them on a note near the computer, or simple give their passwords when asked. Users also inadvertently download viruses, Trojans horses, and hostile java and active-x code from various web sites. Many users delete files accidentally or may confidential information without thinking twice. And on occasion, some users connect a wireless access point on the corporate network without and security mechanism in place. End User or Attacker Figure 1: End user or attacker icon At one point, some end users can become the attacker. Many times, there is a fine line between network use and hacking, for example, a user in the marketing department accessing confidential data in the human resources department. Almost 75 percent of the network attacks come from inside the network.
19 Attacker Figure 1: Attacker An attacker, also know as a hacker, is an end user who is attempting to: Discover the network Access the network Damage the network Attackers access the network either internally or externally. Remember that 75 percent of the attacks come from within the network. Attackers can be curious users, corporate spies, government operatives, careless users, disgruntled employees, or elite hackers. Corporate Headquarter Figure 1: Corporate headquarter icon The Corporate Headquarter (HQ) is where the primary network resides. The HQ is a central point of connection between branch offices, business partners, remote users, and the Internet. Devices located at the HQ are most critical to protect.
20 Home Office Figure 1: Home office icon The Home Office has become an extension to the corporate network. More and more users are working remotely from home. This has greatly increased worker productivity and reduced corporate overhead. Home offices can be connected through various WAN technologies such as dial-up, ISDN, DSL, Cellular, Satellite, and Cable. In many instances, the Internet connection is always on. This increases the chances that the devices connected within the home office become targets of attack. In some cases, these devices become launch points of attacks without the end users knowledge. Many homes now have small networks including multiple PCs, a router, and a switch. Wireless LAN devices are becoming very popular connection methods for home offices. Without proper security attackers easily breach home networks. CallManager Figure: CallManager icon Cisco CallManager is the software-based call-processing component of the Cisco IP telephony solution, part of Cisco AVVID (Architecture for Voice, Video and Integrated Data). The software extends enterprise telephony features and functions to packet telephony network devices such as IP phones, media processing devices, voice-over-ip (VoIP) gateways, and multimedia applications. Additional data, voice, and video services such as unified messaging, multimedia conferencing, collaborative contact centers, and interactive multimedia response systems interact with the IP telephony solution through Cisco CallManager`s open telephony application programming interface (API). Cisco CallManager is installed on the Cisco Media Convergence Server (MCS).
21 IP Phone Figure 1: IP phone icon IP Phones provides voice communication systems over the data network. IP Phones are designed to enhance productivity and leverage the existing data network. The Cisco IP Phones 7960G and 7940G feature a large, pixel-based LCD display and can support additional information services including Extensible Markup Language (XML) capabilities. XML-based services can be customized to provide users with access to a array of information such as stock quotes, employee extension numbers, or any Web-based content. Models including the 7960G, 7940G, 7910G and 7910G + SW, can accept inline power from a card integrated with a Catalyst switch or a Catalyst in-line power patch panel. IP Phones must have a central control server called a Call Manager Server to operate on a data network. Ethernet Link Figure 1: Ethernet link Ethernet Links provide connectivity for the entire network. These links interconnect routers, switches, printers, PCs, laptops, servers, and other end devices. Current Ethernet links operate at from 10Mbps to 10Gbps. Ethernet can run over fiber and copper. Other common LAN link options include access via a, b, and g wireless technologies. WAN Link Figure 1: WAN link
22 WAN Links provide connectivity to the Internet. WAN technologies can be classified as packet switched, circuit switched or cell switched. Technologies include dial-up, ISDN, X.25, xdsl, Satellite, Cellular, Cable, Frame Relay, SMDS, ATM, SONET. Speeds range from 28Kbps to 10Gbps. Network Cloud Figure 1: Network cloud The Network Cloud represents a wide area network (WAN) or the Internet. Network traffic can traverse private and public links depending on the established service and connections. Also, data can traverse a single Internet service provider (ISP) or multiple ISPs. Modem Figure 1: Modem A modem is a device which provides connectivity to the ISPs network access server. A modem can terminate dial-up connections, xdsl, or Cable connections. A device, which terminates a permanent circuit such as a T1 or T3, is usually called a CSU/DSU.
Network Security Graphic Icons Overview Router Figure 1: IOS Router icon and photos A Router is an internetworking device which operates at OSI Layer 3. A Router interconnects network segments or entire
Table of Contents Which VPN Solution is Right for You?...1 Introduction...1 Before You Begin...1 Conventions...1 Prerequisites...1 Components Used...1 NAT...2 Generic Routing Encapsulation Tunneling...2
VPN Date: 4/15/2004 By: Heena Patel Email:firstname.lastname@example.org What is VPN? A VPN (virtual private network) is a private data network that uses public telecommunicating infrastructure (Internet), maintaining
Using a Firewall General Configuration Guide Page 1 1 Contents There are no satellite-specific configuration issues that need to be addressed when installing a firewall and so this document looks instead
CHAPTER 2 Case Study for Layer 3 Authentication and Encryption This chapter explains the basic tasks for configuring a multi-service, extranet Virtual Private Network (VPN) between a Cisco Secure VPN Client
Lecture 10: Virtual LANs (VLAN) and Virtual Private Networks (VPN) Prof. Shervin Shirmohammadi SITE, University of Ottawa Prof. Shervin Shirmohammadi CEG 4185 10-1 Virtual LANs Description: Group of devices
CHAPTER 1 Introducing Cisco Unified Communications Express Cisco Unified Communications Express is an award-winning communications solution that is provided with the Cisco Integrated Services Router portfolio.
CTS2134 Introduction to Networking Module 07: Wide Area Networks WAN cloud Central Office (CO) Local loop WAN components Demarcation point (demarc) Consumer Premises Equipment (CPE) Channel Service Unit/Data
A Performance Analysis of Gateway-to-Gateway VPN on the Linux Platform Peter Dulany, Chang Soo Kim, and James T. Yu PeteDulany@yahoo.com, ChangSooKim@yahoo.com, email@example.com School of Computer Science,
Firewalls and VPNs Principles of Information Security, 5th Edition 1 Learning Objectives Upon completion of this material, you should be able to: Understand firewall technology and the various approaches
Network+ Guide to Networks, Fourth Edition Chapter 7 WANs, Internet Access, and Remote Connectivity Objectives Identify a variety of uses for WANs Explain different WAN topologies, including their advantages
CISCO CERTIFIED NETWORK ASSOCIATE (CCNA) TRAINING Objective: This training is aimed to give a foundation in and apprenticeship of networking to your Company's Computer Administrators and Support Staff.
Question: 1 Which network security strategy element refers to the deployment of products that identify a potential intruder who makes several failed logon attempts? A. test the system B. secure the network
LF Case Study Overview Introduction This case study describes how one Internet service provider (ISP) plans, designs, and implements an access virtual private network (VPN) by using Layer Forwarding (LF)
Security Frameworks An Enterprise Approach to Security Robert Belka Frazier, CISSP firstname.lastname@example.org Security Security is recognized as essential to protect vital processes and the systems that provide those
Network Virtualization Network Admission Control Deployment Guide This document provides guidance for enterprises that want to deploy the Cisco Network Admission Control (NAC) Appliance for their campus
Deploying Firewalls Throughout Your Organization Avoiding break-ins requires firewall filtering at multiple external and internal network perimeters. Firewalls have long provided the first line of defense
Whitepaper WAN Traffic Management with PowerLink Pro100 Overview In today s Internet marketplace, optimizing online presence is crucial for business success. Wan/ISP link failover and traffic management
Data Sheet Cisco IPsec and SSL VPN Solutions Portfolio Cisco ASA 5500 Series Adaptive Security Appliances, Cisco Routers, and Cisco Catalyst 6500 Series Switches VPNs allow organizations to securely connect
Chapter 15: Advanced Networks IT Essentials: PC Hardware and Software v4.0 1 Determine a Network Topology A site survey is a physical inspection of the building that will help determine a basic logical
Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 6 Network Security Objectives List the different types of network security devices and explain how they can be used Define network
COURSE OVERVIEW Implementing Secure Converged Wide Area Networks (ISCW) v1.0 is an advanced instructor-led course that introduces techniques and features that enable or enhance WAN and remote access solutions.
Building Remote Access VPNs 124 Grove Street, Suite 309 Franklin, MA 02038 877-4-ALTIGA www.altiga.com Building Remote Access VPNs: Harnessing the Power of the Internet to Reduce Costs and Boost Performance
Network System Design Lesson Unit 1: INTRODUCTION TO NETWORK DESIGN Assignment Customer Needs and Goals Identify the purpose and parts of a good customer needs report. Gather information to identify network
. Q&A Cisco Virtual Office Express Overview Q. What is Cisco Virtual Office Express? A. Cisco Virtual Office Express is a solution that provides secure, rich network services to workers at locations outside
Abstract Virtual Private Networks (VPNs) are today becoming the most universal method for remote access. They enable Service Provider to take advantage of the power of the Internet by providing a private
Virtual Private Networks Solutions for Secure Remote Access White Paper Copyright Decipher Information Systems, 2005. All rights reserved. The information in this publication is furnished for information
Technical Glossary from Frontier A Analogue Lines: Single Analogue lines are generally usually used for faxes, single phone lines, modems, alarm lines or PDQ machines and are generally not connected to
http://technet.microsoft.com/en-us/library/cc757501(ws.10).aspx Appendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003 Updated: October 7, 2005 Applies To: Windows Server 2003 with
SSL-VPN Combined With Network Security Introducing A popular feature of the SonicWALL Aventail SSL VPN appliances is called End Point Control (EPC). This allows the administrator to define specific criteria
Solution Overview Managed 4G LTE WAN: Provide Cost-Effective Wireless Broadband Service What You Will Learn With the arrival of the fourth-generation (4G) or Long Term Evolution (LTE) cellular wireless
CCNA 1 Module 2 1. What was the first type of microcomputer network to be implemented? A. MAN B. WAN C. LAN D. PAN 2. Using modem connections, how many modems would it take to allow connections from ten
Meeting the Security Needs of the Broadband Internet May 2001 A White Paper by NetScreen Technologies, Inc. The Emergence of the Broadband Internet The proliferation of Internet Protocol (IP) and the availability
WATCHGUARD FIREBOX SOHO 6TC AND SOHO 6 FIREWALL AND VPN APPLIANCES FOR SMALL BUSINESSES AND BRANCH OFFICES Today, complete Internet security goes beyond a firewall. Firebox SOHO 6tc and SOHO 6 are dedicated
Truffle Broadband Bonding Network Appliance Reliable high throughput data connections with low-cost & diverse transport technologies PART I Truffle in standalone installation for a single office. Executive
Connecting Remote Users to Your Network with Windows Server 2003 Microsoft Corporation Published: March 2003 Abstract Business professionals today require access to information on their network from anywhere
Cisco IOS Advanced Firewall Integrated Threat Control for Router Security Solutions http://www.cisco.com/go/iosfirewall Presentation_ID 2007 Cisco Systems, Inc. All rights reserved. 1 All-in-One Security
SOLUTION BRIEF Enterprise Data Center Interconnectivity Increase Simplicity and Improve Reliability with VPLS on the Routers Challenge As enterprises improve business continuity by enabling resource allocation
Tech Brief Enterprise Secure and Scalable Enforcement of Microsoft s Network Access Protection in Mobile Networks Introduction In today s era of increasing mobile computing, one of the greatest challenges
Evolving Your Network with Metro Ethernet and MPLS VPNs Change is a constant in enterprise networking and the axiom definitely holds true when considering wide-area connectivity options. Experienced IT
Report Number: I332-009R-2006 Recommended IP Telephony Architecture Systems and Network Attack Center (SNAC) Updated: 1 May 2006 Version 1.0 SNAC.Guides@nsa.gov This Page Intentionally Left Blank ii Warnings
How Virtual Private Networks Work by Jeff Tyson This article has been reprinted from http://computer.howstuffworks.com/ Please note that the web site includes two animated diagrams which explain in greater
Ethernet Wide Area Networking, Routers or Switches and Making the Right Choice The Road To Ethernet WAN Various industry sources show trends in globalization and distribution, of employees moving towards
3951 Westerre Parkway, Suite 350 Richmond, VA 23233 804.747.4771 Phone 804.747.5204 FAX Niagara IT Manager s Guide A White Paper An IT Manager s Guide to Niagara This document addresses some of the common
INTRODUCTION TO FIREWALL SECURITY SESSION 1 Agenda Introduction to Firewalls Types of Firewalls Modes and Deployments Key Features in a Firewall Emerging Trends 2 Printed in USA. What Is a Firewall DMZ
The Cisco ASA 5500 as a Superior Firewall Solution The Cisco ASA 5500 Series Adaptive Security Appliance provides leading-edge firewall capabilities and expands to support other security services. Firewalls
As Internet becomes essential for business, the crucial solution to prevent your Internet connection from failure is to have more than one connection. PLANET is a ideal to help the SMBs increase the broadband
Avaya IP Office Converged Communications Streamlining and simplifying communications by bringing your voice, data and Internet all together IP Telephony Contact Centres Unified Communication Services Simplicity
Course Overview Security Threats VPNs and IPSec AAA and Security Servers PIX and IOS Router s IPSec 3002 IKE 515 CA s Intrusion Detection Systems 4210 VPNs Routers 2 The security threats section will cover
A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK With organizations rushing to adopt Voice over IP (VoIP) technology to cut costs and integrate applications designed to serve customers better,
DSL-2600U User Manual V 1.0 CONTENTS 1. OVERVIEW...3 1.1 ABOUT ADSL...3 1.2 ABOUT ADSL2/2+...3 1.3 FEATURES...3 2 SPECIFICATION...4 2.1 INDICATOR AND INTERFACE...4 2.2 HARDWARE CONNECTION...4 2.3 LED STATUS
Advanced Higher Computing Computer Networks Homework Sheets Topic : Network Protocols and Standards. Name the organisation responsible for setting international standards and explain why network standards
WAN Data Link Protocols In addition to Physical layer devices, WANs require Data Link layer protocols to establish the link across the communication line from the sending to the receiving device. 1 Data
MIS5206 Week 12 Your Name Date 1. Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)? a) User from within could send a file
Key Term Quiz Answers The Internet Use the Key Terms list to complete the sentences that follow. Not all terms will be used. 1. The time it takes for a packet to travel to its destination and back is called
Experiment # 6 Remote Access Services 7-1 : Introduction Businesses today want access to their information anywhere, at any time. Whether on the road with customers or working from home, employees need
Cisco Easy VPN on Cisco IOS Software-Based Routers Cisco Easy VPN Solution Overview The Cisco Easy VPN solution (Figure 1) offers flexibility, scalability, and ease of use for site-to-site and remoteaccess
Voice over IP Technologies Voice Over IP Overview VoIP is an emerging technology that allows voice calls to be made over an IP network. Vendors have been pushing VoIP for a few years, but many potential
MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected
HughesNet Broadband VPN End-to-End Security Using the Cisco 87x HughesNet Managed Broadband Services includes a high level of end-to-end security features based on a robust architecture designed to meet
Creating a VPN Using Windows 2003 Server and XP Professional Recommended Instructor Preparation for Learning Activity Instructor Notes: There are two main types of VPNs: User-to-Network This type of VPN
Ethical Hacking and Countermeasures Version 6 Module LX Firewall Technologies News Source: http://www.internetnews.com/ Module Objective This module will familiarize i you with: Firewalls Hardware Firewalls
Optimizing Networks for NASPI Scott Pelton, CISSP National Director AT&T Enterprise Network Architecture Center 2008 AT&T Intellectual Property. All rights reserved. AT&T and the AT&T logo are trademarks
APPENDIX B This appendix introduces the concepts of Internet Security Protocol (IPSec), virtual private networks (VPNs), and firewalls, as they apply to monitoring with Performance Monitor: Overview: IPSec
Contents: The Case for Frame Relay The Case for IP VPNs Conclusion Frame Relay vs. IP VPNs 2002 Contents: Table of Contents Introduction 2 Definition of Terms 2 Virtual Privacy and 3 the Value of Shared
McAfee.com Personal Firewall 1 Table of Contents Table of Contents...2 Installing Personal Firewall...3 Configuring Personal Firewall and Completing the Installation...3 Configuring Personal Firewall...
Guide Cisco Virtual Office Unified Contact Center Architecture Contents Scope of Document... 1 Introduction... 1 Platforms and Images... 2 Deployment Options for Cisco Unified Contact Center with Cisco
WAN Failover Scenarios Using Digi Wireless WAN Routers This document discusses several methods for using a Digi wireless WAN gateway to provide WAN failover for IP connections in conjunction with another
Universal Network Access Policy Purpose Poynton Workmens Club makes extensive use of network ed Information Technology resources to support its research and administration functions and provides a variety
WAN Technologies Based on CCNA 4 v3.1 Slides Compiled & modified by C. Pham 1 Wide-area Networks (WANs) 2 Metropolitan-Area Network (MANs) 3 Path Determination 4 Internetworking Any internetwork must include
Edgewater Routers User Guide For use with 8x8 Service Version 1.0, March 2011 Table of Contents EdgeMarc 200AE1-10 Router Overview...3 EdgeMarc 4550-15 Router Overview...4 Basic Setup of the 200AE1 and
Executive Summary: Virtual Leased Line (VLL) for high throughput and high reliability Enterprise Branch Office Communications The Truffle Broadband Bonding Network Appliance enables enterprise branch offices
WAN Technology Heng Sovannarith email@example.com Introduction A WAN is a data communications network that covers a relatively broad geographic area and often uses transmission facilities provided