Network Security Auditing April 2015
|
|
- Madlyn Lee
- 8 years ago
- Views:
Transcription
1 Network Security Auditing
2 Agenda Objectives Concepts Definitions Key Review Areas Architecture Assessment Types Nipper Overview Firewall Configuration Review Case Study AlgoSec Overview Firewall Ruleset/Access Review Case Study 2
3 Objectives Explain key concepts and definitions pertaining to network security, device configuration reviews, and rule-set/access reviews. Provide high-level overview of network security practice offerings Explain technical and procedural processes for using the Nipper tool Explain technical and procedural processes for using the AlgoSec tool Discuss real world case studies to provide practical knowledge 3
4 Key Concepts Network Redundancy/Resiliency Resiliency is not needed at every layer, but should exist at critical points in the network, such as the internet presence. Resiliency can be achieved through redundant hardware, fault tolerant systems, virtualized platforms, etc.. DMZ We stole this term from the military just as we stole quarantining from the CDC. DMZs quarantine high-risk zones from all other networks. Segmentation provides an extra layer of security by isolating critical systems and applications. Segmentation is often executed through firewalls access controls and logical networks to restrict the flow of communication in and out of the zone. Two types of DMZs: External and Internal External DMZ: It is not to protect the external services in the DMZ. It is to protect the internal network from them. Internal DMZ: Protect critical applications and systems in the DMZ from everything else. 4
5 Definitions Hardware/Device Types: Routers: A device that routes network traffic along different networks. Firewalls: Inspects network traffic entering or leaving a network and accepts or rejects it based on defined access-control lists (firewall rules). Switches: Multi-port network bridge that processes and forwards data at the data link layer (layer 2) of the OSI model IDS: Device which performs an analysis of passing traffic on the entire subnet. Works in a promiscuous mode, and matches the traffic that is passed on the subnets to the library of knows attacks. IPS: Intrusion prevention is a preemptive approach to network security used to identify potential threats and respond to them swiftly. Web Proxy / Gateway : Devices used for monitoring and restricting unapproved inbound and outbound internet traffic. Network Access Control (NAC): Networking solution that uses a set of protocols to define and implement a policy that describes how to secure access to network nodes by devices when they initially attempt to access the network. 5
6 Definitions Routing: OSPF: "Open Shortest Path First." OSPF is a method of finding the shortest path from one router another in a local area network (LAN). As long as a network is IP-Based, the OSPF algorithm will calculate the most efficient way for data to be transmitted. BGP: Border Gateway Protocol, an exterior gateway routing protocol that enables groups of routers (called autonomous systems) to share routing information so that efficient, loop-free routes can be established Multi-Protocol Label Switching: Multiprotocol Label Switching is a mechanism primarily utilized in WAN architecture networks that directs data from one network node to the next based on short path labels rather than long network addresses 6
7 Definitions Authentication and Access Control: ACL: An Access Control Lists specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects RADIUS: Remote Authentication Dial-In User Service (RADIUS) is a client/server protocol and software that enables remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or service. TACAS : TACACS is an access control network protocol for routers, network access servers and other networked computing devices that allows a remote access server to forward a user's logon password to an authentication server to determine whether access can be allowed to a given system. 7
8 Internal Network Assessment An assessment of architecture, security, and resiliency within the internal, local area network at the Layer 3 level Routers Local Area Network Internal Network Internal Firewalls Switches 8
9 Key Review Areas Governance, Policies, Procedures Topology & Placement of Devices Review of Internal Firewall Ruleset/Access (Algosec) Review of internal device configurations (Nipper) Network Segmentation Inventory & Asset Classification Wireless Topology/Configuration Review (Nipper) (Cisco WAP Review Tool) Third Party Connectivity 9
10 Global Communications An assessment of architecture, security, and resiliency, of the network connecting multiple country offices located around the world Firewall CE/PE Router Global Comm. WAN Accelerator Local Area Network Over Wide Area Network 10
11 Key Review Areas Governance, Policies, Procedures Topology & Placement of Devices Review of MPLS Topology, Infrastructure, & Encryption Review of Country Office Firewalls & IPSEC Tunnels Review of Country Office Internet Connectivity Review of Router Configurations (Nipper) Review of WAN Optimization Device Configurations (Nipper) Review of Firewall & VPN Configuration (Nipper) 11
12 Perimeter Security An assessment of architecture, security, and resiliency of the network at the outer most logical layer the separation of external and internal Externally Facing Firewall Global Comm. Wide Area Network IDS/IPS ISP Connectivity 12
13 Key Review Areas Governance, Policies, Procedures Topology & Placement of Devices Configuration Review of Firewalls and Routers Review of Resiliency and DR capabilities Network Intrusion Identification & Response Logging & Monitoring of Firewalls, IDS, and Web-Proxy Devices 13
14 Governance Review Objective: To ensure processes have been established to govern the management of network security 14
15 Policy, Procedures, & Standards Review Objective: Policies, Procedures, & Standards are appropriately established to govern all devices, systems, applications, and users contributing to network security Device Hardening Logging & Monitoring Information Security Availability Security Monitoring Access Control BCP& DR Budget & Cost Share Resiliency & High Availability Third Party Governance Steering 15
16 Network Security Architecture Architecture - Ingress and Egress Filtering Internet (untrusted) Semi-Trusted Internal Network Slide 16
17 Network Security Architecture Architecture - Segmentation Internet (untrusted) Web Tier Application Tier Database Tier Internal Network Internal DMZ Slide 17
18 Key Technical Review Areas Application Layer Definition: This layer supports application and end-user processes Areas & Services: FTP (21) SSH (22) Telnet (23) Mail (25) TFTP (69) Finger (79) Kerberos (88) Microsoft ( , 445) POP3 (110) SUNRPC (111) CheckPoint (264) LDAP (389) Syslog (514) DB2 (523) IMAP (993) Lotus Notes (1352) MSSQL ( ) Oracle (1521, 66) MS-RDP (3389) pcanywhere (5631) VNC (5800, 5900) X Windows (6000, 6001) IRC ( ) 18
19 Key Review Areas Network Layer Definition: This layer provides switching and routing technologies, creating logical paths for transmitting data from node to node. Routing and forwarding are functions of this layer, as well as addressing, internetworking, error handling, congestion control and packet sequencing. Areas & Services: IPv4 ICMP Ipsec ARP Route Authentication Subnet Traffic Control Logical Physical Addressing External Routing Protocols Internal Routing Protocols 19
20 Key Review Areas Data Link Layer Definition: The Data Link layer is concerned with moving data across the physical links in the network. Areas & Services: ATM Frame Relay MPLS VPN Spoofing MAC Attacks DHCP Attacks VLAN Hopping 20
21 Key Review Areas - VLAN Hopping ATM Frame Relay MPLS VPN Spoofing MAC Attacks DHCP Attacks VLAN Hopping 21
22 Key Review Areas - VLAN Hopping Defense ATM Frame Relay MPLS VPN Spoofing MAC Attacks DHCP Attacks VLAN Hopping Configure the switch s edge ports to accept only untagged packets 22
23 Key Review Areas - Firewall Concepts Remark Purpose Administrator Date Modified/Reviewed Rule Ideal Firewall Rule ACL Permit/Deny Source Destination Service/Port Stateful Firewall - A dynamic or "stateful" packet inspection firewall maintains a table of active TCP sessions and UDP "pseudo" sessions. Each entry records the session's source and destination IP address and port numbers, and the current TCP sequence number. Page 23
24 Key Review Areas - Firewall Ruleset What to look for: - Weak filtering of source - Weak filtering of destination - Unnecessary or excessive services/ports - Inadequate logging of rules - Duplicate/deprecated/shadowed rules Slide 24
25 Key Technical Review Areas AAA EIGRP BGP Authentication Method for OSPF identifying users: logon, password RIPv2 Authorization Method for remote access control (RADIUS or TACAS+) Accounting Method for collecting and sending security server information for auditing and reporting OSPF/RIPv2 25
26 Key Review Areas - Logging and Monitoring What is the Level of logging enabled on the networking device? Is network latency and other network monitoring also enabled? Logging should be enabled on network devices. They should log successful and failed logins to the network. Logs must be audited for them to be useful. Auditing periodically can help find suspicious activity prior to a fully fledged attack takes place. They should send alerts when suspicious activity is noticed and admins should respond in a timely manner. Slide 26
27 Key Review Areas VPN Solutions VPN Services - Provides mechanism for staff to connect to local area network from Internet - Can also use to uplink vendors to key positions on network - Analysis includes: Verifying proper access control being performed Strong methods of authentication in place - Some workprograms exist, but depends on which solution selected - Two primary competing technology platforms (SSL vs. IPSec) Slide 27
28 Key Review Areas - VPN Overview Slide 28
29 Nipper 29
30 Nipper Overview How does Titatnia describe themselves? Security Audit Software - Tool that analyzes network devices native configurations and produces audit style reports How can benefit from Nipper Studio? As a tool to standardize the configuration review of multiple devices and platforms, allowing us to deliver consistent and credible analysis to the client How does utilize the capabilities and features of Nipper Studio? Network Device Configuration Review Firewall Configuration Review Router/Switch/WAP Configuration Review 30
31 Where is the value? Consistent Process: Allows to maintain a similar approach for each client engagement Efficiently streamlines work load Tool is designed to analyze the configuration files for network devices so that we can spend more time analyzing the results Identification of Issues Allows us to fully understand the types of issues the organization is facing (i.e. Patch Management, Access Control, Authentication, etc.) Provides us the platform to provide our value Any organization can purchase Nipper and run the tool They hire for our ability to determine the root causes or potential issues based upon our analysis of the findings 31
32 Prior Audits and Workprograms Workprogram detailing the controls, findings, and recommendations for issues discovered through scan. 32
33 Prior Audits and Workprograms Issues & Action Plan based upon the issues discovered through analysis of Nipper Report 33
34 Nipper Tool The home screen of Nipper Studio: New Report Settings Licenses Tutorials Help Supported Devices Local Area Network Key Takeaway: Very simple user interface with minimal amount of overhead 34
35 Nipper Tool Local Area Network Ways to add a configuration file: Add File / Add Directory / Add Network 35
36 Nipper Tool Local Area Network What kind of reports is Nipper able to produce? Security Audit Vulnerability Audit, STIG Compliance, SANS Policy Compliance, PCI Compliance Audit, Filtering Complexity, Configuration Report, Raw Configuration Appendix 36
37 Nipper Tool Report for Router/Switch Config Local Area Network What is the foundation for a Nipper report? Issue Finding Impact Ease - Recommendation Ratings: Critical/High/Medium/Low/Info: (Impact) Trivial/Easy/Moderate/Challenge/N/A (Ease) Involved/Planned/Quick (Fix) 37
38 Nipper Tool Local Area Network 38
39 Nipper Tool Local Area Network 39
40 Nipper Tool Local Area Network 40
41 DEMO! Local Area Network 41
42 What does this all mean for us? Nipper is an easy to use tool However this powerful tool allows us to build upon our service offerings and offer the client quality analysis and deliverables Increases our understanding of the client environment which can lead to additional client opportunities (i.e. Developing a patch management program) Increases your ability to understand and comprehend the issues that organizations face in safeguarding their networks and processes Finally, this is just one of the ways we are able to sell our brand and maintain/create new relationships with clients! 42
43 AlgoSec June
44 What is AlgoSec Firewall Analyzer? Analyzes firewall configurations and produces risk reports Maps out network topology Cross references results with compliance and risk issues Can monitor groups of firewalls in real time Server based June
45 Value added features - General benefits Consistency: can easily leverage the same process across multiple engagements Efficiency: using AlgoSec to analyze the configurations and relationships between the rules can bring issues to the analyst s attention quicker Increased visibility: it can provide us with insight into the client s network topology to leverage on other engagements June
46 Value added features - Deep risk analysis Maps network topology: AlgoSec builds an interactive map of the different networking devices Risk Based Analysis: Identifies and ranks threats based on industry leading practices Prioritization: findings are categorized according to risk when presenting them to the analyst Remediation: output contains proposed solutions and vendor-specific configuration changes June
47 Value added features network topology ex June
48 Value added features compliance reporting PCI-DSS SOX AlgoSec ISO 27000/1 J-SOXA Compliance Reports BASEL-II Internal Standards 48
49 Value added features compliance reporting ex. June
50 Value added features - Aware of tiering/hierarchy Analyzes group hierarchy: accounts for the relationship between firewalls and their relative positions on the network when determining the risk of a finding Firewall zoning: the user can define zones and trust relationships June
51 Value added features metrics/dashboard Dashboard tracks changes, connections, rules, etc. June
52 How does use it? Network Assessments Engagements Firewall Review Vulnerability Assessments June
53 How does use it? Prior Workprograms Spreadsheet detailing configuration findings June
54 How do clients use it? Operations testing and deployment Client Value Alert and monitoring Internal testing June
55 AlgoSec Firewall Analyzer Demo! June
56 Questions, Comments, Concerns, and Applause The information contained in this document is shared as a matter of courtesy and for information or interest only. has exercised reasonable professional care and diligence in the collection, processing, and reporting of this information. However, data used may be from third-party sources and has not independently verified, validated, or audited such data. does not warrant or assume any legal liability or responsibility for the accuracy, adequacy, completeness, availability and/or usefulness of any data, information, product, or process disclosed in this document; and is not responsible for any errors or omissions or for the results obtained from the use of such information. gives no express or implied warranties, including, but not limited to, warranties or merchantability or fitness for a particular purpose or use. In no event shall be liable for any indirect, special, or consequential damages in connection with use of this document or its content. Information presented herein by a third party is not authored, edited or reviewed by and is not endorsing third parties or their views. Reproduction of this document or recording of its presentation, in whole or in part, in any form, is prohibited except with the prior written permission of. Before making any decision or taking any action, you should consult a competent professional adviser PricewaterhouseCoopers LLP. All rights reserved. In this document, refers to PricewaterhouseCoopers LLP which is a member firm of PricewaterhouseCoopers International Limited, each member firm of which is a separate legal entity.
A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.
A firewall is a software- or hardware-based network security system that allows or denies network traffic according to a set of rules. Firewalls can be categorized by their location on the network: A network-based
More informationFirewalls and VPNs. Principles of Information Security, 5th Edition 1
Firewalls and VPNs Principles of Information Security, 5th Edition 1 Learning Objectives Upon completion of this material, you should be able to: Understand firewall technology and the various approaches
More informationSecurity Technology: Firewalls and VPNs
Security Technology: Firewalls and VPNs 1 Learning Objectives Understand firewall technology and the various approaches to firewall implementation Identify the various approaches to remote and dial-up
More informationImplementing Secured Converged Wide Area Networks (ISCW) Version 1.0
COURSE OVERVIEW Implementing Secure Converged Wide Area Networks (ISCW) v1.0 is an advanced instructor-led course that introduces techniques and features that enable or enhance WAN and remote access solutions.
More informationSonicWALL PCI 1.1 Implementation Guide
Compliance SonicWALL PCI 1.1 Implementation Guide A PCI Implementation Guide for SonicWALL SonicOS Standard In conjunction with ControlCase, LLC (PCI Council Approved Auditor) SonicWall SonicOS Standard
More information8. Firewall Design & Implementation
DMZ Networks The most common firewall environment implementation is known as a DMZ, or DeMilitarized Zone network. A DMZ network is created out of a network connecting two firewalls; i.e., when two or
More informationAchieving PCI-Compliance through Cyberoam
White paper Achieving PCI-Compliance through Cyberoam The Payment Card Industry (PCI) Data Security Standard (DSS) aims to assure cardholders that their card details are safe and secure when their debit
More informationREDSEAL NETWORKS SOLUTION BRIEF. Proactive Network Intelligence Solutions For PCI DSS Compliance
REDSEAL NETWORKS SOLUTION BRIEF Proactive Network Intelligence Solutions For PCI DSS Compliance Overview PCI DSS has become a global requirement for all entities handling cardholder data. A company processing,
More informationCisco ASA. Administrators
Cisco ASA for Accidental Administrators Version 1.1 Corrected Table of Contents i Contents PRELUDE CHAPTER 1: Understanding Firewall Fundamentals What Do Firewalls Do? 5 Types of Firewalls 6 Classification
More informationIP Networking. Overview. Networks Impact Daily Life. IP Networking - Part 1. How Networks Impact Daily Life. How Networks Impact Daily Life
Overview Dipl.-Ing. Peter Schrotter Institute of Communication Networks and Satellite Communications Graz University of Technology, Austria Fundamentals of Communicating over the Network Application Layer
More informationTECHNICAL NOTE 01/02 PROTECTING YOUR COMPUTER NETWORK
TECHNICAL NOTE 01/02 PROTECTING YOUR COMPUTER NETWORK 2002 This paper was previously published by the National Infrastructure Security Co-ordination Centre (NISCC) a predecessor organisation to the Centre
More informationLumeta IPsonar. Active Network Discovery, Mapping and Leak Detection for Large Distributed, Highly Complex & Sensitive Enterprise Networks
IPsonar provides visibility into every IP asset, host, node, and connection on the network, performing an active probe and mapping everything that's on the network, resulting in a comprehensive view of
More informationExecutive Summary and Purpose
ver,1.0 Hardening and Securing Opengear Devices Copyright Opengear Inc. 2013. All Rights Reserved. Information in this document is subject to change without notice and does not represent a commitment on
More informationRecommended IP Telephony Architecture
Report Number: I332-009R-2006 Recommended IP Telephony Architecture Systems and Network Attack Center (SNAC) Updated: 1 May 2006 Version 1.0 SNAC.Guides@nsa.gov This Page Intentionally Left Blank ii Warnings
More informationFIREWALLS & CBAC. philip.heimer@hh.se
FIREWALLS & CBAC philip.heimer@hh.se Implementing a Firewall Personal software firewall a software that is installed on a single PC to protect only that PC All-in-one firewall can be a single device that
More informationCISCO IOS NETWORK SECURITY (IINS)
CISCO IOS NETWORK SECURITY (IINS) SEVENMENTOR TRAINING PVT.LTD [Type text] Exam Description The 640-553 Implementing Cisco IOS Network Security (IINS) exam is associated with the CCNA Security certification.
More informationComputer Security CS 426 Lecture 36. CS426 Fall 2010/Lecture 36 1
Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls CS426 Fall 2010/Lecture 36 1 Announcements There will be a quiz on Wed There will be a guest lecture on Friday, by Prof. Chris Clifton
More informationCyber Essentials. Test Specification
Cyber Essentials Test Specification Contents Scope of the Audit...2 Assumptions...3 Success Criteria...3 External systems...4 Required tests...4 Test Details...4 Internal systems...7 Tester pre-requisites...8
More information642 523 Securing Networks with PIX and ASA
642 523 Securing Networks with PIX and ASA Course Number: 642 523 Length: 1 Day(s) Course Overview This course is part of the training for the Cisco Certified Security Professional and the Cisco Firewall
More information74% 96 Action Items. Compliance
Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on July 02, 2013 11:12 AM 1 74% Compliance 96 Action Items Upcoming 0 items About PCI DSS 2.0 PCI-DSS is a legal obligation mandated
More informationNetwork Virtualization Network Admission Control Deployment Guide
Network Virtualization Network Admission Control Deployment Guide This document provides guidance for enterprises that want to deploy the Cisco Network Admission Control (NAC) Appliance for their campus
More informationFirewall Introduction Several Types of Firewall. Cisco PIX Firewall
Firewall Introduction Several Types of Firewall. Cisco PIX Firewall What is a Firewall? Non-computer industries: a wall that controls the spreading of a fire. Networks: a designed device that controls
More informationINTRODUCTION TO FIREWALL SECURITY
INTRODUCTION TO FIREWALL SECURITY SESSION 1 Agenda Introduction to Firewalls Types of Firewalls Modes and Deployments Key Features in a Firewall Emerging Trends 2 Printed in USA. What Is a Firewall DMZ
More informationFirewalls. CEN 448 Security and Internet Protocols Chapter 20 Firewalls
CEN 448 Security and Internet Protocols Chapter 20 Firewalls Dr. Mostafa Hassan Dahshan Computer Engineering Department College of Computer and Information Sciences King Saud University mdahshan@ccis.ksu.edu.sa
More informationGovernment of Canada Managed Security Service (GCMSS) Annex A-1: Statement of Work - Firewall
Government of Canada Managed Security Service (GCMSS) Date: July 12, 2012 TABLE OF CONTENTS 1 FIREWALL... 1 1.1 SECURITY...1 1.2 STANDARDS...1 1.3 FAILOVER...2 1.4 PERFORMANCE...3 1.5 REPORTING...3 1.6
More informationInternet Firewall CSIS 4222. Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS 4222. net15 1. Routers can implement packet filtering
Internet Firewall CSIS 4222 A combination of hardware and software that isolates an organization s internal network from the Internet at large Ch 27: Internet Routing Ch 30: Packet filtering & firewalls
More informationIndustrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1
Industrial Network Security for SCADA, Automation, Process Control and PLC Systems Contents 1 An Introduction to Industrial Network Security 1 1.1 Course overview 1 1.2 The evolution of networking 1 1.3
More informationChapter 1 The Principles of Auditing 1
Chapter 1 The Principles of Auditing 1 Security Fundamentals: The Five Pillars Assessment Prevention Detection Reaction Recovery Building a Security Program Policy Procedures Standards Security Controls
More informationINTRUSION DETECTION SYSTEMS and Network Security
INTRUSION DETECTION SYSTEMS and Network Security Intrusion Detection System IDS A layered network security approach starts with : A well secured system which starts with: Up-to-date application and OS
More informationPROTECTING INFORMATION SYSTEMS WITH FIREWALLS: REVISED GUIDELINES ON FIREWALL TECHNOLOGIES AND POLICIES
PROTECTING INFORMATION SYSTEMS WITH FIREWALLS: REVISED GUIDELINES ON FIREWALL TECHNOLOGIES AND POLICIES Shirley Radack, Editor Computer Security Division Information Technology Laboratory National Institute
More informationFirewalls. Chapter 3
Firewalls Chapter 3 1 Border Firewall Passed Packet (Ingress) Passed Packet (Egress) Attack Packet Hardened Client PC Internet (Not Trusted) Hardened Server Dropped Packet (Ingress) Log File Internet Border
More informationThis chapter covers the following topics:
This chapter covers the following topics: Components of SAFE Small Network Design Corporate Internet Module Campus Module Branch Versus Headend/Standalone Considerations for Small Networks C H A P T E
More informationConsiderations In Developing Firewall Selection Criteria. Adeptech Systems, Inc.
Considerations In Developing Firewall Selection Criteria Adeptech Systems, Inc. Table of Contents Introduction... 1 Firewall s Function...1 Firewall Selection Considerations... 1 Firewall Types... 2 Packet
More informationFirewalls. Securing Networks. Chapter 3 Part 1 of 4 CA M S Mehta, FCA
Firewalls Securing Networks Chapter 3 Part 1 of 4 CA M S Mehta, FCA 1 Firewalls Learning Objectives Task Statements 1.3 Recognise function of Telecommunications and Network security including firewalls,..
More informationACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD SEGURIDAD EN REDES. NIVEL I. VERSION 2.0
ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD SEGURIDAD EN REDES. NIVEL I. VERSION 2.0 Module 1: Vulnerabilities, Threats, and Attacks 1.1 Introduction to Network Security
More informationOverview. Firewall Security. Perimeter Security Devices. Routers
Overview Firewall Security Chapter 8 Perimeter Security Devices H/W vs. S/W Packet Filtering vs. Stateful Inspection Firewall Topologies Firewall Rulebases Lecturer: Pei-yih Ting 1 2 Perimeter Security
More informationNEW YORK INSTITUTE OF TECHNOLOGY School of Engineering and Technology Department of Computer Science Old Westbury Campus
NEW YORK INSTITUTE OF TECHNOLOGY School of Engineering and Technology Department of Computer Science Old Westbury Campus CSCI - 440 Network Security and Perimeter Protection 3-0-3 CATALOG DESCRIPTION This
More informationCornerstones of Security
Internet Security Cornerstones of Security Authenticity the sender (either client or server) of a message is who he, she or it claims to be Privacy the contents of a message are secret and only known to
More informationIntro to NSX. Network Virtualization. 2014 VMware Inc. All rights reserved.
Intro to NSX Network Virtualization 2014 VMware Inc. All rights reserved. Agenda Introduction NSX Overview Details: Microsegmentation NSX Operations More Information SDDC/Network Virtualization Security
More informationState of New Mexico Statewide Architectural Configuration Requirements. Title: Network Security Standard S-STD005.001. Effective Date: April 7, 2005
State of New Mexico Statewide Architectural Configuration Requirements Title: Network Security Standard S-STD005.001 Effective Date: April 7, 2005 1. Authority The Department of Information Technology
More informationCisco Certified Security Professional (CCSP)
529 Hahn Ave. Suite 101 Glendale CA 91203-1052 Tel 818.550.0770 Fax 818.550.8293 www.brandcollege.edu Cisco Certified Security Professional (CCSP) Program Summary This instructor- led program with a combination
More informationSecuring E-Commerce. Agenda. The Security Problem IC Security: Key Elements Designing and Implementing. 3203 1346_06_2000_c1_sec3
Securing E-Commerce 1 Agenda The Security Problem IC Security: Key Elements Designing and Implementing 2 The Security Dilemma Internet Business Value Internet Access Corporate Intranet Internet Presence
More informationNetwork Security Administrator
Network Security Administrator Course ID ECC600 Course Description This course looks at the network security in defensive view. The ENSA program is designed to provide fundamental skills needed to analyze
More informationAutomate PCI Compliance Monitoring, Investigation & Reporting
Automate PCI Compliance Monitoring, Investigation & Reporting Reducing Business Risk Standards and compliance are all about implementing procedures and technologies that reduce business risk and efficiently
More informationAppendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003
http://technet.microsoft.com/en-us/library/cc757501(ws.10).aspx Appendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003 Updated: October 7, 2005 Applies To: Windows Server 2003 with
More informationChapter 4: Security of the architecture, and lower layer security (network security) 1
Chapter 4: Security of the architecture, and lower layer security (network security) 1 Outline Security of the architecture Access control Lower layer security Data link layer VPN access Wireless access
More informationSecurity+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 6 Network Security
Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 6 Network Security Objectives List the different types of network security devices and explain how they can be used Define network
More informationMarch 2012 www.tufin.com
SecureTrack Supporting Compliance with PCI DSS 2.0 March 2012 www.tufin.com Table of Contents Introduction... 3 The Importance of Network Security Operations... 3 Supporting PCI DSS with Automated Solutions...
More informationPayment Card Industry (PCI) Data Security Standard ROC Reporting Instructions for PCI DSS v2.0
Payment Card Industry (PCI) Data Security Standard ROC Reporting Instructions for PCI DSS v2.0 September 2011 Changes Date September 2011 Version Description 1.0 To introduce PCI DSS ROC Reporting Instructions
More informationChapter 9 Firewalls and Intrusion Prevention Systems
Chapter 9 Firewalls and Intrusion Prevention Systems connectivity is essential However it creates a threat Effective means of protecting LANs Inserted between the premises network and the to establish
More informationNetworking Technology Online Course Outline
Networking Technology Online Course Outline Introduction Networking Technology Introduction Welcome to InfoComm University About InfoComm International About Networking Technology Network Technology Course
More informationNetwork Access Security. Lesson 10
Network Access Security Lesson 10 Objectives Exam Objective Matrix Technology Skill Covered Exam Objective Exam Objective Number Firewalls Given a scenario, install and configure routers and switches.
More information"Charting the Course...
Description "Charting the Course... Course Summary Interconnecting Cisco Networking Devices: Accelerated (CCNAX), is a course consisting of ICND1 and ICND2 content in its entirety, but with the content
More informationFIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.
1. Obtain previous workpapers/audit reports. FIREWALL CHECKLIST Pre Audit Checklist 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review. 3. Obtain current network diagrams
More informationDeveloping Network Security Strategies
NETE-4635 Computer Network Analysis and Design Developing Network Security Strategies NETE4635 - Computer Network Analysis and Design Slide 1 Network Security Design The 12 Step Program 1. Identify network
More information(d-5273) CCIE Security v3.0 Written Exam Topics
(d-5273) CCIE Security v3.0 Written Exam Topics CCIE Security v3.0 Written Exam Topics The topic areas listed are general guidelines for the type of content that is likely to appear on the exam. Please
More information642 552 Securing Cisco Network Devices (SND)
642 552 Securing Cisco Network Devices (SND) Course Number: 642 552 Length: 1 Day(s) Course Overview This course is part of the training for the Cisco Certified Security Professional, Cisco Firewall Specialist,
More informationThe Bomgar Appliance in the Network
The Bomgar Appliance in the Network The architecture of the Bomgar application environment relies on the Bomgar Appliance as a centralized routing point for all communications between application components.
More informationBest Practices for PCI DSS V3.0 Network Security Compliance
Best Practices for PCI DSS V3.0 Network Security Compliance January 2015 www.tufin.com Table of Contents Preparing for PCI DSS V3.0 Audit... 3 Protecting Cardholder Data with PCI DSS... 3 Complying with
More informationCCNA Security. IINS v2.0 Implementing Cisco IOS Network Security (640-554)
CCNA Security Öngereksinimler: CCNA http://www.cliguru.com/ccna Kurs Tanımı: CCNA Security network'ün temellerini anlamış olan katılımcılara network güvenliği hakkında temel bilgi sağlamaya yönelik hazırlanmış
More informationFIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design Learning Objectives Identify common misconceptions about firewalls Explain why a firewall
More informationIBM. Vulnerability scanning and best practices
IBM Vulnerability scanning and best practices ii Vulnerability scanning and best practices Contents Vulnerability scanning strategy and best practices.............. 1 Scan types............... 2 Scan duration
More informationImplementing Cisco IOS Network Security
Implementing Cisco IOS Network Security IINS v3.0; 5 Days, Instructor-led Course Description Implementing Cisco Network Security (IINS) v3.0 is a 5-day instructor-led course focusing on security principles
More informationHow To Learn Cisco Cisco Ios And Cisco Vlan
Interconnecting Cisco Networking Devices: Accelerated Course CCNAX v2.0; 5 Days, Instructor-led Course Description Interconnecting Cisco Networking Devices: Accelerated (CCNAX) v2.0 is a 60-hour instructor-led
More informationLab 5.5.3 Developing ACLs to Implement Firewall Rule Sets
Lab 5.5.3 Developing ACLs to Implement Firewall Rule Sets All contents are Copyright 1992 2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 1 of 8 Device Interface
More informationCisco Certified Network Associate Exam. Operation of IP Data Networks. LAN Switching Technologies. IP addressing (IPv4 / IPv6)
Cisco Certified Network Associate Exam Exam Number 200-120 CCNA Associated Certifications CCNA Routing and Switching Operation of IP Data Networks Operation of IP Data Networks Recognize the purpose and
More informationCH ENSA EC-Council Network Security Administrator Detailed Course Outline
CH ENSA EC-Council Network Security Administrator Detailed Course Outline Summary Duration Vendor Audience 5 Days hands-on training EC-Council Security Professionals Level Technology Category Advance Ethical
More informationFirewalls. Test your Firewall knowledge. Test your Firewall knowledge (cont) (March 4, 2015)
s (March 4, 2015) Abdou Illia Spring 2015 Test your knowledge Which of the following is true about firewalls? a) A firewall is a hardware device b) A firewall is a software program c) s could be hardware
More informationWe will give some overview of firewalls. Figure 1 explains the position of a firewall. Figure 1: A Firewall
Chapter 10 Firewall Firewalls are devices used to protect a local network from network based security threats while at the same time affording access to the wide area network and the internet. Basically,
More informationHow NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements
How NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements I n t r o d u c t i o n The Payment Card Industry Data Security Standard (PCI DSS) was developed in 2004 by the PCI Security Standards
More informationENTERPRISE IT SECURITY ARCHITECTURE SECURITY ZONES: NETWORK SECURITY ZONE STANDARDS. Version 2.0
ENTERPRISE IT SECURITY ARCHITECTURE SECURITY ZONES: NETWORK SECURITY ZONE STANDARDS Version 2.0 July 20, 2012 Table of Contents 1 Foreword... 1 2 Introduction... 1 2.1 Classification... 1 3 Scope... 1
More informationOutline VLAN. Inter-VLAN communication. Layer-3 Switches. Spanning Tree Protocol Recap
Outline Network Virtualization and Data Center Networks 263-3825-00 DC Virtualization Basics Part 2 Qin Yin Fall Semester 2013 More words about VLAN Virtual Routing and Forwarding (VRF) The use of load
More informationLecture 23: Firewalls
Lecture 23: Firewalls Introduce several types of firewalls Discuss their advantages and disadvantages Compare their performances Demonstrate their applications C. Ding -- COMP581 -- L23 What is a Digital
More informationFirewall Defaults and Some Basic Rules
Firewall Defaults and Some Basic Rules ProSecure UTM Quick Start Guide This quick start guide provides the firewall defaults and explains how to configure some basic firewall rules for the ProSecure Unified
More informationGuideline on Firewall
CMSGu2014-02 Mauritian Computer Emergency Response Team CERT-MU SECURITY GUIDELINE 2011-02 Enhancing Cyber Security in Mauritius Guideline on Firewall National Computer Board Mauritius Version 1.0 June
More informationEC-Council Network Security Administrator (ENSA) Duration: 5 Days Method: Instructor-Led
EC-Council Network Security Administrator (ENSA) Duration: 5 Days Method: Instructor-Led Certification: ENSA Exam 312-38 Course Description This course looks at the network security in defensive view.
More informationREDCENTRIC MANAGED FIREWALL SERVICE DEFINITION
REDCENTRIC MANAGED FIREWALL SERVICE DEFINITION SD007 V4.1 Issue Date 04 July 2014 1) SERVICE OVERVIEW 1.1) SERVICE OVERVIEW Redcentric s managed firewall service (MFS) is based on a hardware firewall appliance
More informationNetwork Security: 30 Questions Every Manager Should Ask. Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting
Network Security: 30 Questions Every Manager Should Ask Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting Network Security: 30 Questions Every Manager/Executive Must Answer in Order
More informationJK0-022 CompTIA Academic/E2C Security+ Certification Exam CompTIA
JK0-022 CompTIA Academic/E2C Security+ Certification Exam CompTIA To purchase Full version of Practice exam click below; http://www.certshome.com/jk0-022-practice-test.html FOR CompTIA JK0-022 Exam Candidates
More information1. Cyber Security. White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network
WP 1004HE Part 5 1. Cyber Security White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network Table of Contents 1. Cyber Security... 1 1.1 What
More informationSecure Networks for Process Control
Secure Networks for Process Control Leveraging a Simple Yet Effective Policy Framework to Secure the Modern Process Control Network An Enterasys Networks White Paper There is nothing more important than
More informationHow To Pass A Credit Course At Florida State College At Jacksonville
Form 2A, Page 1 FLORIDA STATE COLLEGE AT JACKSONVILLE COLLEGE CREDIT COURSE OUTLINE COURSE NUMBER: CTS 2658 COURSE TITLE: PREREQUISITE(S): COREQUISITE(S): Managing Network Security CNT 2210 with grade
More informationFirewall Security. Presented by: Daminda Perera
Firewall Security Presented by: Daminda Perera 1 Firewalls Improve network security Cannot completely eliminate threats and a=acks Responsible for screening traffic entering and/or leaving a computer network
More informationCCT vs. CCENT Skill Set Comparison
Operation of IP Data Networks Recognize the purpose and functions of various network devices such as Routers, Switches, Bridges and Hubs Select the components required to meet a given network specification
More informationHP VSR1000 Virtual Services Router Series
Data sheet HP VSR1000 Virtual Services Router Series Key features Virtualized enterprise-class x86 routing software Firewall, IPSec, and MPLS VPN security Agile deployments across the branch office, data
More informationBasic Network Configuration
Basic Network Configuration 2 Table of Contents Basic Network Configuration... 25 LAN (local area network) vs WAN (wide area network)... 25 Local Area Network... 25 Wide Area Network... 26 Accessing the
More informationWhat is a Firewall? Computer Security. Firewalls. What is a Firewall? What is a Firewall?
What is a Firewall? Computer Security Firewalls fire wall 1 : a wall constructed to prevent the spread of fire 2 usually firewall : a computer or computer software that prevents unauthorized access to
More informationConfiguring the Transparent or Routed Firewall
5 CHAPTER This chapter describes how to set the firewall mode to routed or transparent, as well as how the firewall works in each firewall mode. This chapter also includes information about customizing
More informationCisco Discovery 3: Introducing Routing and Switching in the Enterprise 157.8 hours teaching time
Essential Curriculum Computer Networking II Cisco Discovery 3: Introducing Routing and Switching in the Enterprise 157.8 hours teaching time Chapter 1 Networking in the Enterprise-------------------------------------------------
More informationCisco CCNP 642 825 Implementing Secure Converged Wide Area Networks (ISCW)
Cisco CCNP 642 825 Implementing Secure Converged Wide Area Networks (ISCW) Course Number: 642 825 Length: 5 Day(s) Certification Exam This course will help you prepare for the following exam: Cisco CCNP
More informationOLD DOMINION UNIVERSITY 4.3.4.1 - Firewall Best Practices (last updated: 20080303)
OLD DOMINION UNIVERSITY 4.3.4.1 - Firewall Best Practices (last updated: 20080303) Introduction One of the information technology priorities for Old Dominion University (ODU) is to provide and maintain
More informationInterconnecting Cisco Networking Devices Part 2
Interconnecting Cisco Networking Devices Part 2 Course Number: ICND2 Length: 5 Day(s) Certification Exam This course will help you prepare for the following exam: 640 816: ICND2 Course Overview This course
More informationFirewall Environments. Name
Complliiance Componentt DEEFFI INITION Description Rationale Firewall Environments Firewall Environment is a term used to describe the set of systems and components that are involved in providing or supporting
More informationBasics of Internet Security
Basics of Internet Security Premraj Jeyaprakash About Technowave, Inc. Technowave is a strategic and technical consulting group focused on bringing processes and technology into line with organizational
More informationNETWORK SECURITY (W/LAB) Course Syllabus
6111 E. Skelly Drive P. O. Box 477200 Tulsa, OK 74147-7200 NETWORK SECURITY (W/LAB) Course Syllabus Course Number: NTWK-0008 OHLAP Credit: Yes OCAS Code: 8131 Course Length: 130 Hours Career Cluster: Information
More informations@lm@n CompTIA Exam N10-006 CompTIA Network+ certification Version: 5.1 [ Total Questions: 1146 ]
s@lm@n CompTIA Exam N10-006 CompTIA Network+ certification Version: 5.1 [ Total Questions: 1146 ] Topic break down Topic No. of Questions Topic 1: Network Architecture 183 Topic 2: Network Operations 149
More informationHANDBOOK 8 NETWORK SECURITY Version 1.0
Australian Communications-Electronic Security Instruction 33 (ACSI 33) Point of Contact: Customer Services Team Phone: 02 6265 0197 Email: assist@dsd.gov.au HANDBOOK 8 NETWORK SECURITY Version 1.0 Objectives
More informationCS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention. Spring 2013
CS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access
More informationIINS Implementing Cisco Network Security 3.0 (IINS)
IINS Implementing Cisco Network Security 3.0 (IINS) COURSE OVERVIEW: Implementing Cisco Network Security (IINS) v3.0 is a 5-day instructor-led course focusing on security principles and technologies, using
More informationNetzwerkvirtualisierung? Aber mit Sicherheit!
Netzwerkvirtualisierung? Aber mit Sicherheit! Markus Schönberger Advisory Technology Consultant Trend Micro Stephan Bohnengel Sr. Network Virtualization SE VMware Agenda Background and Basic Introduction
More information