Network%20Security%20and%20Firewalls - PowerPoint PPT Presentation

About This Presentation

Title:

Network%20Security%20and%20Firewalls

Description:

Bastion host. Operating system hardening. Screening and choke routers. DMZ. Creating ... (single-homed bastion) Screened host firewall (dual-homed bastion) ... – PowerPoint PPT presentation

Number of Views:489

Avg rating:3.0/5.0

Slides: 93

Provided by: johnes9

Category:

more less

Transcript and Presenter's Notes

Title: Network%20Security%20and%20Firewalls

1
Network Securityand Firewalls
2
Lesson 1What Is Security
3
Objectives

Define security
Explain the need for network security
Identify resources that need security
Identify the two general security threat types
List security standards and organizations

4
What Is Security?

LANs
WANs
VPNs
Network perimeters

5
Hacker Statistics

One of every five Internet sites has experienced
a security breach
Losses due to security breaches are estimated at
10 billion each year
Intrusions have increased an estimated 50 percent
in the past year

6
What Is the Risk?

Categorizing attacks
Countering attacks systematically

7
The Myth of 100-Percent Security

Security as balance
Security policies

8
Attributes of anEffective Security Matrix

Allows access control
Easy to use
Appropriate cost of ownership
Flexible and scalable
Superior alarming and reporting

9
What You AreTrying to Protect

End user resources
Network resources
Server resources
Information storage resources

10
Who Is the Threat?

Casual attackers
Determined attackers
Spies

11
Security Standards

Security services
Authentication
Access control
Data confidentiality
Data integrity
Nonrepudiation
Security mechanisms
The Orange Book

12
Summary

Define security
Explain the need for network security
Identify resources that need security
Identify the two general security threat types
List security standards and organizations

13
Lesson 2Elements of Security
14
Objectives

Formulate the basics of an effective security
policy
Identify the key user authentication methods
Explain the need for access control methods
Describe the function of an access control list

15
Objectives (contd)

List the three main encryption methods used in
internetworking
Explain the need for auditing

16
Elements of Security
Audit
Administration
Encryption
Access Control
User Authentication
Corporate Security Policy
17
The Security Policy

Classify systems
Prioritize resources
Assign risk factors
Define acceptable and unacceptable activities
Define measures to apply to resources
Define education standards
Assign policy administration

18
Encryption

Encryption categories
Symmetric
Asymmetric
Hash
Encryption strength

19
Authentication

Authentication methods
Proving what you know
Showing what you have
Demonstrating who you are
Identifying where you are

20
SpecificAuthentication Techniques

Kerberos
One-time passwords

21
Access Control

Access Control List
Objects
Execution Control List
Sandboxing

22
Auditing

Passive auditing
Active auditing

23
Security Tradeoffsand Drawbacks

Increased complexity
Slower system response time

24
Summary

Formulate the basics of an effective security
policy
Identify the key user authentication methods
Explain the need for access control methods
Describe the function of an access control list

25
Summary (contd)

List the three main encryption methods used in
internetworking
Explain the need for auditing

26
Lesson 3Applied Encryption
27
Objectives

Create a trust relationship using public-key
cryptography
List specific forms of symmetric, asymmetric, and
hash encryption
Deploy PGP in Windows 2000 and Linux

28
Creating Trust Relationships

Manually
Automatically

29
Rounds, Parallelizationand Strong Encryption

Round
Discrete part of the encryption process
Parallelization
Use of multiple processes, processors or machines
to work on cracking one encryption algorithm
Strong encryption
Use of any key longer than 128 bits

30
Symmetric-KeyEncryption

One key is used to encrypt and decrypt messages

31
SymmetricAlgorithms

Data encryption standard
Triple DES
Symmetric algorithms created by the RSA Security
Corporation
International Data Encryption Algorithm

Blowfish and Twofish
Skipjack
MARS
Rijndael and Serpent
Advanced Encryption Standard

32
Asymmetric Encryption

Asymmetric-key encryption elements
RSA
DSA
Diffie-Hellman

33
Hash Encryption

Signing
Hash algorithms
MD2, MD4, and MD5
Secure hash algorithm

34
AppliedEncryption Processes

E-mail
PGP and GPG
S-MIME
Encrypting drives
Web server encryption

35
Summary

Create a trust relationship using public-key
cryptography
List specific forms of symmetric, asymmetric, and
hash encryption
Deploy PGP in Windows 2000 and Linux

36
Lesson 4Types of Attacks
37
Objectives

Describe specific types of security attacks
Recognize specific attack incidents

38
Brute-Force andDictionary Attacks

Brute-force attack
Repeated access attempts
Dictionary attack
Customized version of brute-force attack

39
System Bugs and Back Doors

Buffer overflow
Trojans and root kits

40
Social Engineeringand Nondirect Attacks

Call and ask for the password
Fraudulent e-mail
DOS and DDOS attacks
Spoofing
Trojans
Information leakage
Hijacking and man-in-the-middle attacks

41
Summary

Describe specific types of security attacks
Recognize specific attack incidents

42
Lesson 5General Security Principles
43
Objectives

Describe the universal guidelines and principles
for effective network security
Use universal guidelines to create effective
specific solutions

44
CommonSecurity Principles

Be paranoid
Have a security policy
No system stands alone
Minimize the damage
Deploy companywide enforcement

Provide training
Integrate security strategies
Place equipment according to needs
Identify security business issues
Consider physical security

45
Summary

Describe the universal guidelines and principles
for effective network security
Use universal guidelines to create effective
specific solutions

46
Lesson 6Protocol Layersand Security
47
Objectives

List the protocols that pass through a firewall
Identify potential threats at different layers of
the TCP/IP stack

48
TCP/IP andNetwork Security

The Internet and TCP/IP were not designed around
strong security principles

49
The TCP/IP Suite andthe OSI Reference Model

Physical layer
Network layer
Transport layer
Application layer
Presentation layer
Session layer
Data link layer

50
TCP/IPPacket Construction
Application Message e-mail, FTP, Telnet
TCP Segment
Header Body
IP Datagram
Header Body
Ethernet Frames
Header Body Trailer
51
Summary

List the protocols that pass through a firewall
Identify potential threats at different layers of
the TCP/IP stack

52
Lesson 7Securing Resources
53
Objectives

Consistently apply security principles
Secure TCP/IP services
Describe the importance of testing and evaluating
systems and services
Discuss network security management applications

54
Implementing Security

Categorize resources and needs
Define a security policy
Secure each resource and service
Log, test, and evaluate
Repeat the process and keep current

55
Resources and Services

Protecting services
Protect against profiling
Coordinate methods and techniques
Protect services by changing default settings
Remove unnecessary services

56
ProtectingTCP/IP Services

The Web Server
CGI scripts
CGI and programming
Securing IIS
Additional HTTP servers
FTP servers
Access control

57
Simple MailTransfer Protocol

The Internet Worm
The Melissa virus
E-mail and virus scanning
Access control measures

58
Testing and Evaluating

Testing existing systems

59
Security Testing Software

Specific tools
Network scanners
Operating system add-ons
Logging and log analysis tools

60
Security and Repetition

Understanding the latest exploits

61
Summary

Consistently apply security principles
Secure TCP/IP services
Describe the importance of testing and evaluating
systems and services
Discuss network security management applications

62
Lesson 8Firewalls andVirtual Private Networks
63
Objectives

Describe the role a firewall plays in a companys
security policy
Define common firewall terms
Describe packet-filtering rules
Describe circuit-level gateways
Configure an application-level gateway
Explain PKI
Discuss public keys and VPNs

64
The Roleof a Firewall

Implement a companys security policy
Create a choke point
Log Internet activity
Limit network host exposure

65
FirewallTerminology

Packet filter
Proxy server
NAT
Bastion host
Operating system hardening
Screening and choke routers
DMZ

66
CreatingPacket Filter Rules

Process
Packet filters work at the network layer of the
OSI/RM
Rules and fields

67
Packet Filter Advantages and Disadvantages

Drawbacks
Stateful multi-layer inspection
Popular packet-filtering products
Using the ipchains and iptables commands in Linux

68
ConfiguringProxy Servers

Recommending a proxy-oriented firewall
Advantages and disadvantages
Authentication
Logging and alarming
Caching
Reverse proxies and proxy arrays
Client configuration
Speed

69
Remote Access andVirtual Private Networks

Virtual network perimeter
Tunneling protocols
IPsec
ESP
PPTP
L2TP

70
Public KeyInfrastructure (PKI)

Standards
Based on X.509 standard
Terminology
Certificates

71
Summary

Describe the role a firewall plays in a companys
security policy
Define common firewall terms
Describe packet-filtering rules
Describe circuit-level gateways
Configure an application-level gateway
Explain PKI
Discuss public keys and VPNs

72
Lesson 9Levels of Firewall Protection
73
Objectives

Plan a firewall system that incorporates several
levels of protection
Describe the four types of firewall systems
design and their degrees of security
Implement a packet-filtering firewall

74
FirewallStrategies and Goals

Resource placement
Physical access points
Site administration
Monitoring tools
Hardware

75
Building a Firewall

Design principles
Keep design simple
Make contingency plans

76
Types ofBastion Hosts

Single-homed bastion host
Dual-homed bastion host
Single-purpose bastion hosts
Internal bastion hosts

77
Hardware Issues

Operating system
Services
Daemons

78
CommonFirewall Designs

Screening routers
Screened host firewall (single-homed bastion)
Screened host firewall (dual-homed bastion)
Screened subnet firewall (demilitarized zone)

79
Summary

Plan a firewall system that incorporates several
levels of protection
Describe the four types of firewall systems
design and their degrees of security
Implement a packet-filtering firewall

80
Lesson 10Detecting andDistracting Hackers
81
Objectives

Customize your network to manage hacker activity
Implement proactive detection
Distract hackers and contain their activity
Set traps
Deploy Tripwire for Linux

82
Proactive Detection

Automated security scans
Login scripts
Automated audit analysis
Checksum analysis

83
Distractingthe Hacker

Dummy accounts
Dummy files
Dummy password files
Tripwires and automated checksums
Jails

84
Punishingthe Hacker

Methods
Tools

85
Summary

Customize your network to manage hacker activity
Implement proactive detection
Distract hackers and contain their activity
Set traps
Deploy Tripwire for Linux

86
Lesson 11Incident Response
87
Objectives

Respond appropriately to a security breach
Identify some of the security organizations that
can help you in case your system is attacked
Subscribe to respected security alerting
organizations

88
DecideAhead of Time

Itemize a detailed list of procedures
Include the list in a written policy
Be sure all employees have a copy

89
Incident Response

Do not panic
Document everything
Assess the situation
Stop or contain the activity
Execute the response plan
Analyze and learn

90
Summary

Respond appropriately to a security breach
Identify some of the security organizations that
can help you in case your system is attacked
Subscribe to respected security alerting
organizations

91
NetworkSecurity and Firewalls