Networks Security - PowerPoint PPT Presentation

About This Presentation
Title:

Networks Security

Description:

The Secure Network IP Layer. Tunnelling protocols ... The Secure Network IP Layer. Problems. Spoofing. Denial of service (the packet flood maneuver) ... – PowerPoint PPT presentation

Slides: 26
Provided by: thomash71

Transcript and Presenter's Notes

Title: Networks Security


1
Networks - Security
SecureGate Limited
Level 46, Nauru House 80 Collins Street Melbourne
VIC 3000 Phone 03 9662 2890 Fax 03 9654 8487
  • Penthouse, Level 13
  • 15 London Circuit
  • Canberra, ACT 2600
  • Phone 02 6262 9220
  • Fax 02 6262 9221

2
Introduction
  • A secure network?
  • Network security?
  • Cost benefit tradeoffs
  • How people interact with technology
  • Maintaining a balanced approach

3
The Secure Network Physical Layer
  • Functionality
  • Copper
  • Wireless
  • Fibre

4
The Secure Network Physical Layer
  • Problems
  • Tapping
  • Denial of service (the backhoe maneuver)
  • Man in the middle

5
The Secure Network Physical Layer
  • Possible solutions
  • Encryption
  • Physical protection
  • Monitoring

6
The Secure Network IP Layer
  • Functionality
  • Control protocols
  • Basically non authenticated
  • Potentially packets can be seen by anyone

7
The Secure Network IP Layer
  • Connection oriented protocols
  • Safer after filtering
  • May inspect protocol
  • May inspect content

8
The Secure Network IP Layer
  • Datagram protocols
  • Inherently less safe
  • But we base entire security infrastructure on DNS

9
The Secure Network IP Layer
  • Tunnelling protocols
  • Bypass filters except when used in gateway mode
  • Must keep ordinary and tunneled traffic separate

10
The Secure Network IP Layer
  • Problems
  • Spoofing
  • Denial of service (the packet flood maneuver)
  • Man in the middle

11
The Secure Network IP Layer
  • Possible solutions
  • Encryption
  • Logical protection
  • Monitoring

12
The Secure Network PKI Layer
  • Functionality
  • Authentication
  • Authorisation

13
The Secure Network PKI Layer
  • Problems
  • Spoofing
  • Denial of service (the directory maneuver)
  • Identity theft

14
The Secure Network PKI Layer
  • Possible solutions
  • Trust transitivity
  • Token protection
  • Monitoring

15
The Secure Network Encryption management
  • At what layer?
  • Techniques may differ, but process doesn't
  • Is most expensive operation on a secure network

16
The Secure Network
  • Attacking the end points
  • Server end is generally better protected, so go
    after the client
  • At least 40% of home computers attached to high
    speed networks are open to the world
  • Many of them have trusted access into corporate
    networks
  • Home LANs are also of interest in securing a
    network

17
Network Security
  • The Function of evaluation
  • Not a silver bullet
  • Provides some degree of reassurance that quality
    control procedures are in place
  • Always must identify closely just what has been
    evaluated

18
Network Security
  • Risk assessment
  • Needs to address not only the technical aspects
    of the network connection
  • Starts with business need, rather than a
    solution.
  • What business function will the network
    connection achieve?
  • Then determine what sorts of risk business is
    willing to take
  • Then devise the solution

19
Network Security
  • Protection Profile
  • A generic description of the necessary security
    enforcing functions in a solution
  • It defines assumptions, threats, and security
    objectives
  • These are used to derive functional requirements
    for the security target

20
Network Security
  • Security Targets
  • The risk assessment and protection profile
    jointly drive the security target, which must
    include functional requirements for
    hardware/software platforms
  • Must also define the environment in which the
    platform will operate

21
Network Security
  • Policies, Practices, and Procedures
  • These are derived from the security target and
    protection profile
  • These enable a platform to operate in the way for
    which it was designed
  • Change control essential for managing security
    platform

22
Network Security
  • Personnel
  • Platform operators must be trustworthy so they
    must have background investigations
  • Separation of duties
  • Audit trails
  • External system and operations audit is required

23
Cost Benefit Tradeoffs
  • Process must examine risks and outcomes
  • Must be a continuing event
  • Environment is not static
  • Nor are desired outcomes

24
How people interact with technology
  • Want a tool to perform a task
  • Security widely seen as obstacle, not promoter
  • People are not good sources of randomness
  • If the secure way to perform a task is not
    easier, it never gets used

25
Maintaining a balanced approach
  • No use surrounding the kitchen with razor wire
    and guard dogs to protect a peanut butter
    sandwich
  • No use building a vault with the back wall
    missing
  • Particularly no use in building a better
    mousetrap when chasing hamsters
  • The only secure computer is an insured computer