Network Security. Mike Trice, Network Engineer mtrice@asc.edu. Richard Trice, Systems Specialist rtrice@asc.edu. Alabama Supercomputer Authority

Similar documents
FIREWALLS & CBAC. philip.heimer@hh.se

Cisco ASA. Administrators

A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.

Achieving PCI-Compliance through Cyberoam

Computer Security CS 426 Lecture 36. CS426 Fall 2010/Lecture 36 1

Lab Configuring Access Policies and DMZ Settings

SonicWALL PCI 1.1 Implementation Guide

Summer Webinar Series

How To Protect Your Firewall From Attack From A Malicious Computer Or Network Device

JK0-022 CompTIA Academic/E2C Security+ Certification Exam CompTIA

Recommended IP Telephony Architecture

CISCO IOS NETWORK SECURITY (IINS)

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 6 Network Security

Data Security Symposium. Network Security and Planning Ron Ternowski

Campus VPN. Version 1.0 September 22, 2008

Network Security Topologies. Chapter 11

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0

SonicWALL Clean VPN. Protect applications with granular access control based on user identity and device identity/integrity

G/On. Basic Best Practice Reference Guide Version 6. For Public Use. Make Connectivity Easy

How NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements

FIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.

Section 12 MUST BE COMPLETED BY: 4/22

Cisco Certified Security Professional (CCSP)

Firewall Configuration. Firewall Configuration. Solution Firewall Principles

74% 96 Action Items. Compliance

INTRUSION DETECTION SYSTEMS and Network Security

Chapter 1 Network Security

Appendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003

8. Firewall Design & Implementation

Chapter 7. Firewalls

Payment Card Industry Self-Assessment Questionnaire

RAP Installation - Updated

How To Protect Your Network From Attack From Outside From Inside And Outside

FileCloud Security FAQ

Security Technology: Firewalls and VPNs

Firewalls and VPNs. Principles of Information Security, 5th Edition 1

IINS Implementing Cisco Network Security 3.0 (IINS)

Building Your Firewall Rulebase Lance Spitzner Last Modified: January 26, 2000

The Bomgar Appliance in the Network

Cisco ASA 5500-X Series ASA 5512-X, ASA 5515-X, ASA 5525-X, ASA 5545-X, and ASA 5555-X

Internet infrastructure. Prof. dr. ir. André Mariën

Network Security: 30 Questions Every Manager Should Ask. Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting

Firewall Architecture

NETASQ & PCI DSS. Is NETASQ compatible with PCI DSS? NG Firewall version 9

Introduction to Endpoint Security

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1

TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL

What is a Firewall? Computer Security. Firewalls. What is a Firewall? What is a Firewall?

What would you like to protect?

Network Security Guidelines. e-governance

Computer Networks. Secure Systems

Implementing Cisco IOS Network Security

ΕΠΛ 674: Εργαστήριο 5 Firewalls

How To Configure A Kiwi Ip Address On A Gbk (Networking) To Be A Static Ip Address (Network) On A Ip Address From A Ipad (Netware) On An Ipad Or Ipad 2 (

Network Security. Tampere Seminar 23rd October Overview Switch Security Firewalls Conclusion

JK0 015 CompTIA E2C Security+ (2008 Edition) Exam

WICKSoft Mobile Documents for the BlackBerry Security white paper mobile document access for the Enterprise

Security. TestOut Modules

NETASQ MIGRATING FROM V8 TO V9

Summary of Technical Information Security for Information Systems and Services Managed by NUIT (Newcastle University IT Service)

Firewalls (IPTABLES)

Developing Network Security Strategies

Lab Developing ACLs to Implement Firewall Rule Sets

Architecture. The DMZ is a portion of a network that separates a purely internal network from an external network.

Network Defense Tools

Information Technology Career Cluster Introduction to Cybersecurity Course Number:

Cisco ASA 5500 Series Business Edition

White Paper. BD Assurity Linc Software Security. Overview

PCI Requirements Coverage Summary Table

Application Note. Providing Secure Remote Access to Industrial Control Systems Using McAfee Firewall Enterprise (Sidewinder )

Firewall Security. Presented by: Daminda Perera

Configuring User Identification via Active Directory

UNCLASSIFIED. BlackBerry Enterprise Server Isolation in a Microsoft Exchange Environment (ITSG-23)

Firewall, Mail and File server solution

Firewalls. Ahmad Almulhem March 10, 2012

Mapping EventTracker Reports and Alerts To The SANS 20 Critical Controls Consensus Audit Guidelines v3.1 Prism Microsystems, October 2012

March

Today s Topics. Protect - Detect - Respond A Security-First Strategy. HCCA Compliance Institute April 27, Concepts.

UCIT INFORMATION SECURITY STANDARDS

Network Infrastructure Security Good Practice Guide. August 2009

Professional Integrated SSL-VPN Appliance for Small and Medium-sized businesses

ΕΠΛ 475: Εργαστήριο 9 Firewalls Τοίχοι πυρασφάλειας. University of Cyprus Department of Computer Science

Networking for Caribbean Development

Using Ranch Networks for Internal LAN Security

Perimeter Firewalls. Brandon Napier Rick Archibald Pete Jamison HAL PC & HLUG 09/22/2007. brought to you by: in association with

Windows 7, Enterprise Desktop Support Technician

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)

REDCENTRIC MANAGED FIREWALL SERVICE DEFINITION

Test Case 3 Active Directory Integration

Catapult PCI Compliance

Cisco Certified Network Expert (CCNE)

Firewalls, IDS and IPS

Chapter 9 Firewalls and Intrusion Prevention Systems

Company Co. Inc. LLC. LAN Domain Network Security Best Practices. An integrated approach to securing Company Co. Inc.

Brazosport College VPN Connection Installation and Setup Instructions. Draft 2 March 24, 2005

Network Security. Protective and Dependable. 52 Network Security. UTM Content Security Gateway CS-2000

Industrial Security Solutions

Transcription:

Network Security Mike Trice, Network Engineer mtrice@asc.edu Richard Trice, Systems Specialist rtrice@asc.edu Alabama Supercomputer Authority

What is Network Security Network security consists of the provisions made in an underlying computer network infrastructure, policies adopted by the network administrator to protect the network and the network-accessible resources from unauthorized access, and consistent and continuous monitoring and measurement of its effectiveness (or lack) combined together. - Wikipedia

Key Points Defining policies regarding acceptable use of IT Resources Controlling access to IT resources. Monitoring and measuring the effectiveness of those controls, and policies

Defining Policies First Step HAVE A POLICY Make the users aware of the policy Enforce the policy with external and internal controls

Controlling Access to Resources External Controls - Controls access between networks Firewall Content filter IDS & IPS Internal Controls Controls access within a network Authentication Anti-virus Anti-spyware Acceptable Use policy

Firewalls - Features Access Control List (ACL) Access Restrictions DeMilitarized Zone (DMZ) Segment Networks Virtual Local Area Network (VLAN) Segment Networks Network Address Translation (NAT) Content Filtering Virtual Private Network (VPN) Remote Access

Firewalls - ACL Control access between networks (permit or deny) 1. IP Address 2. Protocol 3. Port Number 4. Time of Day Can only control traffic passing through it Not a Content Filter Basic Rule: If you don t need it, turn it off.

Firewalls - DMZ Network Segments 1. Wireless (Internet Access Only) 2. Different Campuses 3. Labs (No Internet, Server Access Only) 4. Internet Servers (Web & Email Servers) 5. Private Servers (STI DB, SETS, McAleer) 6. etc Must be a separate subnet to force traffic through the firewall

Firewalls - VLAN VLANs are a switch technology to create multiple virtual switches out of one physical switch Useful with DMZs to provide extended range for network segments Same network segment reasons as DMZs Trunking VLANs across networks

Firewalls - NAT Several types of NAT 1. Many to One (Port Address Translation) 2. One to One 3. Policy NAT Security through obscurity Useful for Content Filtering requirements 1. Admins 2. Teachers 3. Students 4. Wireless

Firewalls - VPN Secure Remote Access to Local Resources Cisco IPSEC Client 1. NO VISTA SUPPORT!!! 2. Must download, install, and setup client WebVPN 1. Client-based (Anyconnect Client) Vista Support 2. Clientless (Browser-based) Authentication from local AD server or LDAP server] AD Server controls access restrictions

Content Filter Web Filter Must be CIPA Compliant Deny access to proxies almost impossible with home proxies Different filters for different levels of users Email spam and virus filters

IDS & IPS Intrusion Detection System (IDS) Monitors network traffic and identifies malicious traffic (ex. IP Audit Needs monitor port on central switch) Intrusion Prevention System (IPS) Builds on IDS, and after identifying malicious traffic, it then drops only the bad traffic off the network Could backfire on network admin with spoof attacks (releasing control of network from Admin)

Manageable Switches Basic Rule: If you don t need it, turn it off. That goes for individual ports as well Use VLANs to separate different networks

Server Configuration Authentication Unified Authentication Active Directory, OpenLDAP. Advantages and Disadvantages Unused Services Turned OFF!!!! IIS? Old Pop/IMAP? Telnet? UPnP? Software firewall Windows Firewall, iptables Password Policies Strong Passwords! Scheduled updates Anti-Virus Absolutely NOT used for surfing the web Encryption turned on where possible SSL (HTTPS, IMAPS, POP3S)

PC Configuration Strong Passwords Secure services where possible Not pop, but pop3s etc All services turned off that aren t needed. Antivirus/Anti Spyware/Auto updates Firefox/chrome In case of IE compromise USB devices Long talk. Laptops (nightmares)

Tools Unix Systems ps, top, rpm V, df, etc Windows Systems Sysinternals Tool sets = Win. http://technet.microsoft.com/en-us/sysinternals/bb896649.aspx File and Disk Utilities Networking Utilities Process Utilities Security Utilities (root kit revealer) Misc

Backups Security breaches *will* happen Disks *will* fail Users *will* accidentally delete important things Backup Exec, Rsync, etc.. Have them at the ready

Users I hate to use the word, but users are.. Bad passwords dangers Good passwords, easy to remember Downloading attachments Viruses/Spyware Clicking on pretty things Cross-site scripting Is it their fault? Sometimes. Human nature. Our job is to be prepared. Our job is to educate Our job is to secure.

Monitoring I call you, and say You re sending out spam. What do you do? Firewall capture What if it only sends out spam at night? Bandwidth monitors Outgoing traffic vs. Incoming traffic Ipaudit? Nagios? Netflow? Tools http://www.slac.stanford.edu/xorg/nmtf/nmtf-tools.html

Wrap up Key Points Firewall Separation of traffic Encryption Good Passwords Turn it off if it isn t needed Usage Policy Monitoring Questions?

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information