























































An overview of network security, focusing on the role of firewalls, routers, switches, and VPNs in securing computer systems and networks. Topics covered include the purpose of a network firewall, types of firewall technology, the role of routers, switches, and other networking hardware in security, and when VPN or RAS technology is appropriate for providing a secure network connection. The document also discusses drafting a security policy, access control, and various types of attacks and security mechanisms.
Typology: Slides
























































Chapter 9
Understand the purpose of a network firewall and the kinds of firewall technology available on the market
Understand the role of routers, switches, and other networking hardware in security
Determine when VPN or RAS technology works to provide a secure network connection

Draft a written security policy
Design the firewall to implement the policy
Implement the design by installing selected hardware and software
Test the firewall
Review new threats, requirements for additional security, and updates to systems and software; repeat process from first step

What am I protecting?
From whom?
What services does my company need to access over the network?
Who gets access to what resources?
Who administers the network?

List employees or groups of employees along with files and file servers and databases and database servers they need to access
List which employees need remote access to the network

Select appropriate technology to deploy the firewall

Denial of service (DoS)
Ping of death
Teardrop or Raindrop attacks
SYN flood
LAND attack
Brute force or smurf attacks
IP spoofing

Only technique used by basic firewalls
Enables a LAN to use one set of IP addresses for internal traffic and a second set for external traffic
Each active connection requires a unique external address for duration of communication
Port address translation (PAT)
  Derivative of NAT
  Supports thousands of simultaneous connections on a single public IP address

Firewall system examines each packet that enters it and allows through only those packets that match a predefined set of rules
Can be configured to screen information based on many data fields:
  Protocol type
  IP address
  TCP/UDP port
  Source routing information

Rules built according to organizational policy that defines who can access portions of the network

Network management device that sits between network segments and routes traffic from one network to another
Allows networks to communicate with one another
Allows Internet to function
Act as digital traffic cop (with addition of packet filtering)

Demilitarized zone (DMZ)
Bastion hosts (potentially)