Security Technologies - PowerPoint PPT Presentation

1 / 26

About This Presentation

Title:

Security Technologies

Description:

Require passwords to timeout to be periodically changed. Limit password re-use ... IDS, IPS and AntiVirus Protection. Lines are blurring. Antivirus software ... – PowerPoint PPT presentation

Number of Views:82

Avg rating:3.0/5.0

Slides: 27

Provided by: markmc82

Category:

more less

Transcript and Presenter's Notes

Title: Security Technologies

1
Security Technologies

By
Bob Larson

2
Just a Thought
3
Overview

Passwords (User Identity)
Firewalls
Intrusion Detection Systems (IDS)
Intrusion Protection Systems (IPS)
Network Monitoring
Virtual Private Networks (VPNs)
All-In-One Devices

4
User Identity

Mechanisms for proving who you are
Both people and devices can be authenticated
Three authentication attributes
Something you know
Something you have
Something you are
Common approaches to Identity
Passwords
Tokens
PKI (Digital Certificates)
Biometrics

5
Password Attacks Mitigation

Require passwords to timeout to be periodically
changed
Limit password re-use
Do not allow users to use the same password on
multiple systems
Disable accounts after a certain number of
unsuccessful login attempts
Do not use plain text passwords
OTP (One Time use) or cryptographic password is
recommended.
Use strong passwords
At least eight characters long
Contain
Uppercase letters
Lowercase letters
Numbers
Special characters

6
What is a Firewall?
Most firewalls use NAT to hide internal addresses
from the outside.
7
Firewall Types

Appliance-based firewalls
Hardware platforms
Designed specifically as dedicated firewalls
May support other secondary functions
Intrusion Protection, VPNs
Server-based firewalls
UNIX, Linux, Windows or Novell
Warning Vulnerabilities and resource use of the
O/S must be considered
Integrated firewalls
Adding firewall functionality to an existing
device

8
Personal Firewalls
Built into VPN Client
9
IDS, IPS and Network Monitoring
10
IDS, IPS and AntiVirus Protection

Lines are blurring
Antivirus software
Attempts to identify, thwart and eliminate
viruses and malicious software (malware)
Examines files looking for known viruses
signatures
Matching signatures to definitions in a virus
dictionary
Intrusion Detection System (IDS)
Inspects all inbound and outbound network
activity
Identifies suspicious patterns that may indicate
an attack
Sends alarm to monitoring system Admin can
instigate action
Intrusion Prevention System (IPS)
Can act on suspected intrusion traffic
Break the connection and refuse re-connection
Often described as combination IDS and firewall
system
Today often includes centralized SPAM and Virus
protection
All are typically a subscription service

11
Attack Signatures Designations

Info Reconnaissance
Info Atomic
Info Compound
Attack Data manipulation, destruction or DOS
Attack Atomic
Attack Compound
Atomic single packet can indicate threat
Compound series of legitimate frames being used
in a malicious way

12
Monitor, Manage, and Audit
13
VPNs
14
Virtual Private Network (VPN)

Secure connection between two parts of a private
network, or two private networks, that uses a
public network such as the Internet to reduce
costs
Data confidentiality
Encrypting packets before transmitting
Even if intercepted the data is useless
Data integrity
Is what was received exactly what was sent?
Receiver authenticates packets to ensure that the
data has not been altered during transmission
Data origin authentication
Is the sender who they claim to be?
Receiver authenticates the source of the packets
sent
Dependent upon the data integrity service
Anti-replay
Receiver detects and rejects replayed packets

15
Three Main Types of VPNs

Access VPNs
Used to connect mobile users, telecommuters and
branch offices
Remote (on-demand) access to an enterprise
intranet or extranet
Can use telephone connections, cable Internet,
DSL, mobile IP
Intranet VPNs
Link enterprise headquarters, remote offices, and
branch offices to an internal network using
dedicated connections
Differ from extranet VPNs only allow access to
the enterprise employees
Extranet VPNs
Link outside customers, suppliers, partners or
communities of interest to an enterprise network
using dedicated connections
Differ from intranet VPNs allow access to users
outside the enterprise

16
Virtual Private Networks
Internet
17
VPN Tunnels Through Internet
Router-to-Router

VPNs can create secure encrypted tunnels through
the Internet
Run from perimeter to perimeter device
Run from user PC to perimeter device
Run from user PC to a server
Encryption provides the security
Not a physical tunnel
Analogies limousine or foreign language in
public

Firewall-to-Firewall
18
Traffic Over VPN Tunnels

At sending tunnel device
Original packet is encrypted
Scrambled to make unusable
New header added only identifies the tunnel
ends
Conceals the real source and destination
email from Microsoft to Berkshire Group
Interesting
email from Bill Gates to Warren Buffett
Priceless
At receiving tunnel device
New header removed
Payload is decrypted yielding original packet

19
Symmetrical Encryption
Cornerstone to security lies in the secrecy of
the key used to encrypt data!
Key is never transmitted
20
Asymmetric Encryption
Public Key Encryption
Key is never transmitted
21
Three Encryption Algorithms