Network Architecture & Topology



Similar documents
Where do you Install Cyber Predator on your Network so you can collect all the data packets?

SE 4C03 Winter 2005 An Introduction of Firewall Architectures and Functions. Kevin Law 26 th March,

Active Defense and Prevention

CMPT 471 Networking II

What would you like to protect?

Nuclear Plant Information Security A Management Overview

Chapter 20 Firewalls. Cryptography and Network Security Chapter 22. What is a Firewall? Introduction 4/19/2010

Enabling NAT and Routing in DGW v2.0 June 6, 2012

Lab Developing ACLs to Implement Firewall Rule Sets

Chapter 11 Cloud Application Development

Firewalls CSCI 454/554

IMPLEMENTATION OF INTELLIGENT FIREWALL TO CHECK INTERNET HACKERS THREAT

Polycom. RealPresence Ready Firewall Traversal Tips

ISERink Overview. Version 1.1. February 1, 2015

HOSTED VOICE Bring Your Own Bandwidth & Remote Worker. Install and Best Practices Guide

12. Firewalls Content

FIREWALLS & CBAC. philip.heimer@hh.se

How To Extend Security Policies To Public Clouds

Vocia MS-1 Network Considerations for VoIP. Vocia MS-1 and Network Port Configuration. VoIP Network Switch. Control Network Switch

Firewalls. Mahalingam Ramkumar

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1

Hosted Voice. Best Practice Recommendations for VoIP Deployments

Overview. Firewall Security. Perimeter Security Devices. Routers

Internet Security Firewalls

Extending Networking to Fit the Cloud

Implementing VoIP monitoring solutions. Deployment note

Using Remote Desktop Software with the LAN-Cell

Planning for Information Network

PowerLink Bandwidth Aggregation Redundant WAN Link and VPN Fail-Over Solutions

Virtual private network. Network security protocols VPN VPN. Instead of a dedicated data link Packets securely sent over a shared network Internet VPN

The Network Layer Functions: Congestion Control

Troubleshooting and Maintaining Cisco IP Networks Volume 1

Computer Networking. Definitions. Introduction

Firewall Environments. Name

CompTIA Exam N CompTIA Network+ certification Version: 5.1 [ Total Questions: 1146 ]

SYMETRIX SOLUTIONS: TECH TIP April 2014

Lab Configuring Access Policies and DMZ Settings

Internet Security Firewalls

Firewalls. ITS335: IT Security. Sirindhorn International Institute of Technology Thammasat University ITS335. Firewalls. Characteristics.

Firewalls. Contents. ITS335: IT Security. Firewall Characteristics. Types of Firewalls. Firewall Locations. Summary

Configuration Example

Configuring DHCP Snooping

ICS 351: Today's plan. IP addresses Network Address Translation Dynamic Host Configuration Protocol Small Office / Home Office configuration

Deploying Firewalls Throughout Your Organization

8. Firewall Design & Implementation

SIP, Security and Session Border Controllers

COMPUTER NETWORKS - LAN Interconnection

NComputing L-Series LAN Deployment

White Paper Copyright 2011 Nomadix, Inc. All Rights Reserved. Thursday, January 05, 2012

Vladimir Yordanov Director of Technology F5 Networks, Asia Pacific Developments in Web Application and Cloud Security

Firewalls and VPNs. Principles of Information Security, 5th Edition 1

ForeScout CounterACT. Device Host and Detection Methods. Technology Brief

SETTING UP REMOTE ACCESS ON EYEMAX PC BASED DVR.

Cisco AnyConnect Secure Mobility Solution Guide

Com.X IP PBX The complete communications solution in a box

Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme. Firewall

CS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention. Spring 2013

Basic Networking Concepts. 1. Introduction 2. Protocols 3. Protocol Layers 4. Network Interconnection/Internet

packet retransmitting based on dynamic route table technology, as shown in fig. 2 and 3.

White Paper How to Remotely Access Ethernet I/O Over the Internet

Understanding VLAN Translation/Rewrites using Switches and Routers

Cisco Which VPN Solution is Right for You?

Linux firewall. Need of firewall Single connection between network Allows restricted traffic between networks Denies un authorized users

Tech-Note Bridges Vs Routers Version /06/2009. Bridges Vs Routers

2.0 Dual WAN Select Dual-WAN, you will see the following screen shot, Figure 0.1(Dual-WAN Screen Shot) Figure 0.1(Dual-WAN Screen Shot)

Chapter 3 Security and Firewall Protection

DEPLOYMENT GUIDE Version 1.1. DNS Traffic Management using the BIG-IP Local Traffic Manager

CSCI Firewalls and Packet Filtering

Figure 41-1 IP Filter Rules

Firewalls. Ahmad Almulhem March 10, 2012

SECURITY POLICY MANAGEMENT ACROSS THE NEXT GENERATION DATA CENTER

5.0 Network Architecture. 5.1 Internet vs. Intranet 5.2 NAT 5.3 Mobile Network

Enterprise VoIP Services over Mobile Ad-Hoc Technologies

Configuring the Transparent or Routed Firewall

LinkProof And VPN Load Balancing

FTP e TFTP. File transfer protocols PSA1

2. What is the maximum value of each octet in an IP address? A. 28 B. 255 C. 256 D. None of the above

Computer Security: Principles and Practice

Distributed Systems. Firewalls: Defending the Network. Paul Krzyzanowski

Security appliances with integrated switch- Even more secure and more cost effective

Using VDOMs to host two FortiOS instances on a single FortiGate unit

Chapter 9 Firewalls and Intrusion Prevention Systems

PROTECTING INFORMATION SYSTEMS WITH FIREWALLS: REVISED GUIDELINES ON FIREWALL TECHNOLOGIES AND POLICIES

Computer Security DD2395

Understand SIP trunk and registration in DWG gateway Version: 1.0 Dinstar Technologies Co., Ltd. Date:

Network Services Internet VPN

MikroTik Training Module Understanding VLAN Translation/Rewrites using Switches and Routers

Endpoint Based Policy Management: The Road Ahead

Remote Desktop Gateway. Accessing a Campus Managed Device (Windows Only) from home.

Multi-Homing Security Gateway

Securing Virtualization with Check Point and Consolidation with Virtualized Security

1:1 NAT in ZeroShell. Requirements. Overview. Network Setup

The Internet of Things (IoT) and Industrial Networks. Guy Denis Rockwell Automation Alliance Manager Europe 2015

REMOTE ASSISTANCE SOLUTIONS Private Server

Overview - Using ADAMS With a Firewall

Introduction. What is a Remote Console? What is the Server Service? A Remote Control Enabled (RCE) Console

Overview - Using ADAMS With a Firewall

Company Co. Inc. LLC. LAN Domain Network Security Best Practices. An integrated approach to securing Company Co. Inc.

Knowledgebase Solution

Configuring Personal Firewalls and Understanding IDS. Securing Networks Chapter 3 Part 2 of 4 CA M S Mehta, FCA

Transcription:

Network Architecture & Topology Coleman Kane Coleman.Kane@ge.com August 25, 2014 Cyber Defense Overview Network Architecture & Topology 1 / 12

For the sake of this course, we will focus on switched (or bridged) networksdesigned to the "Star" topology. 99% of networks you will encounter are Star-topology networks, and this course is intended to be an overview of cyber defense principles to apply in design and analysis of networks. Cyber Defense Overview Network Architecture & Topology 2 / 12

Key device terms to be used in this course Bridge Interconnects multiple devices, enabling them to communicate directly with one another on a common network. Router "A router is used to route data packets between two networks."[2] Firewall "Firewalls are mainly used as a means to protect an organization s internal network from those on the outside (internet)." "Firewalls are also used to limit the access of individuals on the internal network to services on the internet along with keeping track of what is done through the firewall."[1] Cyber Defense Overview Network Architecture & Topology 3 / 12

Key device terms to be used in this course Server A device installed on the network which is providing resources to users with access to that network Gateway "A gateway can translate information between different network data formats or network architectures"[2] Endpoint Used to describe a computer, typically a PC, on the network which is regularly connecting a user to the network, and possibly the Internet. Cyber Defense Overview Network Architecture & Topology 4 / 12

In a switched network, everyone connected to the same switch (a bridge) can identify everyone else connected to it, but only endpoints of a coversation may observe the content of that traffic. The switch will negotiate with each device physically connected to the switch to determine what host addresses are accessible on the connected port, and the switch will retain a record of these. This enables multiple switches to maintain internal pictures of the network, when interconnected. Cyber Defense Overview Network Architecture & Topology 5 / 12

A "primary" corporate network. A1 can talk to A3, without A2 or A4 being able to see the content. Cyber Defense Overview Network Architecture & Topology 6 / 12

A "remote", secondary corporate network. B2 can talk to B1 directly. Cyber Defense Overview Network Architecture & Topology 7 / 12

Join networks via a Router Router can observe all traffic from any host in one network communicating with any host in another network Architectural "choke point" & partitioning tool Architectural "visibility" enforcement tool While a firewall is a separate concept, modern routers typicall incorporate firewalls within the same box Cyber Defense Overview Network Architecture & Topology 8 / 12

Join example to so that users on each network may communicate with one another. Still two partitioned networks, but we ve added functionality to "route" certain traffic types to each one. Cyber Defense Overview Network Architecture & Topology 9 / 12

Firewalls can perform traffic inspection to determine if certain traffic should even be routed to the remote network, and vice-versa. There are now 4 partitions to the network, after the addition of firewalling points. Cyber Defense Overview Network Architecture & Topology 10 / 12

This course is intended as a broad overview, with some advanced proficiency in networking expected. Further research on the details of Internet technology, networking data structures, and general networking topics: http://www.freesoft.org/cie/topics/index.htm http://www.comptechdoc.org/independent/networking/guide/ Cyber Defense Overview Network Architecture & Topology 11 / 12

[1] Mark Allen. The ctdp networking guide, firewalls section. http://www.comptechdoc.org/independent/networking/guide/netfirewall.html. [2] Mark Allen. The ctdp networking guide, network devices section. http://www.comptechdoc.org/independent/networking/guide/netdevices.html. [3] Mark Allen. The ctdp networking guide, network protocol levels section. http://www.comptechdoc.org/independent/networking/guide/netstandards.html. Cyber Defense Overview Network Architecture & Topology 12 / 12

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information