Security Protocols - PowerPoint PPT Presentation

Provided by: ettc6
Slides: 31

Transcript and Presenter's Notes

1
Chapter 8
  • Security Protocols

2
Types of Attacks
  • Altering data
  • Eavesdropping
  • IP address spoofing
  • Password pilfering
  • Denial of service
  • Virus
  • See Table 8-1

3
IPSec
  • IP version 4.0 doesn't include a native security
    method, so IPSec was created.
  • Not only is IPSec considered an addition to IPv4,
    it also has been incorporated into the IPv6
    protocol.

4
IPSec
  • Based on cryptography, Internet Protocol
    Security, or IPSec, ensures the privacy of
    network traffic as well as its authentication.
  • IPSec is used for peer-to-peer and client-server
    communications across a private or public
    network, for secure LAN-to-LAN communications
    across a WAN, and for remote access transmissions
    via either dialup or a virtual private network (VPN).
  • IPSec functions at the Network layer.

5
IPSec
  • An IPSec session is initiated when the IP
    protocol receives data from upper layers. IPSec
    works with the destination computer to agree upon
    the shared key and then encrypts the data at the
    sending host.
  • This process ensures that the data packets are
    unreadable while en route to their destination,
    where they are then decrypted using the shared
    key.

6
IPSec
  • IPSec supports two types of encryption
    modes: transport and tunnel.
  • The transport mode encrypts only the data part of
    the packet, not the header.
  • Tunnel mode encrypts the entire header and data.
  • IPSec is used with L2TP to create a tunnel.
  • IPSec offers the tunnel an authentication and
    encryption method.

7
VPN Protocols
  • Virtual private networking is a system of
    creating a private network connection that
    travels through a public network.
  • Even though the VPN exists within a public
    network, the connection is intended to be as safe
    as a private network.
  • Reduces costs!

8
L2TP
  • L2TP is a VPN protocol used along with IPSec to
    ensure confidentiality of the data transmission.
  • L2TP grew out of the combination of two prior
    protocols: Point-to-Point Tunneling Protocol
    (PPTP), courtesy of Microsoft, and Cisco's Layer 2
    Forwarding (L2F) protocol.
  • L2TP borrows many of the qualities of PPTP,
    especially in that it extends the Point-to-Point
    Protocol (PPP) used for remote access.

9
L2TP
10
Why Use L2TP Instead of PPTP?
  • The main reason that an administrator would
    consider using L2TP over L2F is that the L2TP
    client is included in Windows 2000 and later
    operating systems.
  • PPTP is supported by Windows servers only, while
    L2TP was developed to be a standard that is
    already natively supported by Cisco routers and
    Windows 2000 servers.
  • Because L2TP is usually implemented along with
    IPSec to create a true VPN, it offers a much
    higher level of security than PPTP.
  • L2TP offers a wider variety of protocols than
    PPTP, supporting not only TCP/IP but also IPX/SPX
    and Systems Network Architecture (SNA), which is
    used by mainframe computers and other types of
    computers.

11
Secure Sockets Layer (SSL)
  • SSL is the abbreviation for Secure Sockets Layer,
    but users will likely be more familiar with its
    manifestation as the https:// that precedes the
    URL of a secure Web site.
  • SSL is a protocol that uses a public key to
    encrypt the data transmitted across the Internet.
  • It is commonly used to provide privacy for
    sensitive information such as credit card numbers.

12
Secure Sockets Layer (SSL)
13
Secure Sockets Layer (SSL)
14
Kerberos
  • When an entity attempts to access a
    Kerberos-protected resource and provides correct
    authentication information, Kerberos issues a
    ticket to it.
  • This method does not require the password itself
    to be transmitted across the network.
  • The ticket is actually a temporary certificate
    with the information required to identify the
    entity to the network.

15
Kerberos
  • The entity uses this Kerberos ticket to request
    further Kerberos tickets to allow it to access
    subsequent services on the network.
  • Each process requires a complex mutual
    authentication, but this is completely
    transparent to the user.

16
Kerberos Trust Relationships
  • Kerberos enables trusts to be established between
    two different UNIX realms, between two Windows
    2000 domains, or even between a UNIX realm and a
    Windows 2000 domain.
  • Trust relationships are established using
    Kerberos so that authentication credentials can
    be passed on to network resources in trusted
    domains or realms.

17
Kerberos Trust Relationships
  • Kerberos trust relationships are typically
    transitive and bidirectional in nature.
  • Transitive means that if domain A trusts domain
    B, and domain B trusts domain C, domain A is
    understood to trust domain C.
  • Bidirectional means that when domain A trusts
    domain B, domain B automatically trusts domain A.

18
Smart Cards
  • Smart cards are able to provide an interactive
    logon, secure e-mail messages, and authenticate
    access to network services.
  • When a user needs to access a resource, the user
    inserts the smart card into a reader attached to
    the network.
  • Smart cards require Public Key Infrastructure
    (PKI), a method of distributing encryption keys
    and certificates.

19
Firewalls
  • Typically a router with two interfaces: one
    leading to the public network and the other to
    the private network.
  • One of the methods a firewall uses to secure the
    network is packet filtering.
  • This is the process of receiving data packets
    from one interface and examining them to see
    which packets meet the rules.
  • Packets that match a firewall rule are either
    permitted or blocked, depending on how that rule
    is written.

20
Firewalls
  • Firewalls provide packet filtering based on the
    permit and deny commands found in access control
    lists.
  • Traffic can be filtered based on its source or
    destination address, as well as its source or
    destination ports.

21
Firewalls
22
Demilitarized Zones
  • A demilitarized zone (DMZ) is an offshoot from a
    firewall that is not considered part of the
    Internet, nor is it considered part of the
    private network.
  • This configuration places the DMZ between two
    firewalls.

23
Demilitarized Zones
24
Demilitarized Zones
  • DMZ can be an offshoot area in which the firewall
    has three interfaces, one that connects to the
    Internet, a second that connects to the DMZ, and
    a third that connects to the private network.
  • This configuration is driven solely by access
    control lists in which the DMZ access is relaxed
    compared to that of the private network.

25
Demilitarized Zones
26
Demilitarized Zones
  • One reason to create a DMZ is to provide access
    to certain servers, such as a Web server or
    e-mail server, yet still protect the rest of the
    network from those types of traffic.
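The permit/deny packet filtering of slides 19-20 and the three-interface DMZ of slide 24 combined in one worked example. This is added code, not part of the slides: an ordered first-match access control list over constructed address ranges (INTERNET, DMZ, PRIVATE) and constructed sample packets, matching on source address, destination address and destination port.

```python
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network
from typing import Optional

# Constructed address ranges for the three interfaces of the firewall.
INTERNET = ip_network("0.0.0.0/0")       # anything not otherwise classified
DMZ = ip_network("192.0.2.0/24")         # public-facing web and mail servers
PRIVATE = ip_network("10.0.0.0/8")       # internal LAN

@dataclass(frozen=True)
class Rule:
    action: str                  # "permit" or "deny"
    src: IPv4Network
    dst: IPv4Network
    dport: Optional[int] = None  # None matches any destination port

    def matches(self, src, dst, dport):
        return (src in self.src and dst in self.dst
                and (self.dport is None or self.dport == dport))

# Ordered ACL, first match wins. The explicit deny-all at the end makes the
# default visible; a packet filter otherwise drops what no rule mentions.
ACL = [
    Rule("permit", INTERNET, DMZ, 80),   # anyone may reach the DMZ web server
    Rule("permit", INTERNET, DMZ, 25),   # anyone may reach the DMZ mail server
    Rule("deny", DMZ, PRIVATE),          # a compromised DMZ host stays out of the LAN
    Rule("permit", PRIVATE, DMZ),        # internal users may manage DMZ servers
    Rule("permit", PRIVATE, INTERNET),   # internal users may browse outbound
    Rule("deny", INTERNET, INTERNET),    # catch-all: everything else is blocked
]

def filter_packet(acl, src_ip, dst_ip, dport):
    """Return (action, index of the matching rule); -1 means the implicit deny."""
    src, dst = ip_address(src_ip), ip_address(dst_ip)
    for i, rule in enumerate(acl):
        if rule.matches(src, dst, dport):
            return rule.action, i
    return "deny", -1

if __name__ == "__main__":
    # Constructed sample packets: (source, destination, destination port).
    for pkt in [("203.0.113.9", "192.0.2.10", 80),  # Internet -> DMZ web: permit
                ("203.0.113.9", "10.1.2.3", 445),   # Internet -> LAN: deny
                ("192.0.2.10", "10.1.2.3", 445),    # DMZ -> LAN: deny
                ("10.1.2.3", "192.0.2.10", 22)]:    # LAN -> DMZ ssh: permit
        print(pkt, filter_packet(ACL, *pkt))
```

Rule order matters: moving the DMZ-to-LAN deny below a broader permit would shadow it, which is the usual way such lists fail in practice.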

27
Proxy Servers
  • The traditional firewall acts at the network
    layer, filtering packets from one interface to
    the other.
  • This type of firewall will make all permit/deny
    decisions based on the source or destination
    addresses, domain names, or ports, which are all
    in the IP packet header.
  • For a more sophisticated and secure method of
    blocking and permitting traffic, you need to use
    a proxy server, which is sometimes called a
    dual-homed gateway.

28
Proxy Servers
  • A proxy server doesn't permit traffic to pass
    through it between networks.
  • It does, however, examine each packet up to the
    application layer and reassemble a new packet for
    the other network.
  • Because each piece of data is so thoroughly
    examined, the proxy server is able to log traffic
    and perform audits.

29
Proxy Servers
30
Proxy Servers
  • Proxy servers are often preferred over firewalls
    because they fully prevent traffic from passing
    through from one network to another.
  • Because the proxy understands the
    application-layer protocol, it can implement
    security specific to that protocol.
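The application-layer behaviour of slides 28-30, as an added example that is not from the slides: an HTTP filter of the kind a proxy applies. It parses each request up to the application layer, enforces protocol-specific policy, rebuilds a fresh request for the inside network instead of forwarding the client's bytes, and produces an audit entry for every decision. The allowed hosts and methods are constructed assumptions.

```python
from typing import Optional, Tuple

ALLOWED_METHODS = {"GET", "HEAD"}
ALLOWED_HOSTS = {"www.example.com"}   # constructed: the servers this proxy fronts
HOP_BY_HOP = {"connection", "proxy-connection", "keep-alive", "transfer-encoding"}

def parse_request(raw: bytes):
    """Parse an HTTP/1.x request head; return (method, target, version, headers) or None."""
    head, _, _body = raw.partition(b"\r\n\r\n")
    lines = head.decode("ascii").split("\r\n")   # non-ASCII raises UnicodeDecodeError
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/1."):
        return None
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if not sep or not name.strip():
            return None                           # header line without a colon
        headers[name.strip().lower()] = value.strip()
    return parts[0], parts[1], parts[2], headers

def proxy_request(raw: bytes) -> Tuple[Optional[bytes], dict]:
    """Return (rebuilt request for the inside network or None, audit log entry)."""
    try:
        parsed = parse_request(raw)
    except UnicodeDecodeError:
        parsed = None
    if parsed is None:
        return None, {"decision": "deny", "reason": "malformed request"}
    method, target, _version, headers = parsed
    host = headers.get("host", "")
    entry = {"decision": "deny", "method": method, "host": host, "target": target}
    if method not in ALLOWED_METHODS:
        return None, {**entry, "reason": "method not allowed"}
    if host not in ALLOWED_HOSTS:
        return None, {**entry, "reason": "host not allowed"}
    if not target.startswith("/") or ".." in target:
        return None, {**entry, "reason": "bad request target"}
    # Build a fresh request from the validated fields; the client's bytes are
    # never copied through, and hop-by-hop headers meant for the proxy are dropped.
    out = f"{method} {target} HTTP/1.1\r\n".encode()
    for name, value in headers.items():
        if name not in HOP_BY_HOP:
            out += f"{name}: {value}\r\n".encode()
    out += b"Connection: close\r\n\r\n"
    return out, {**entry, "decision": "permit"}
```

A real proxy would also re-parse the server's response the same way before handing it to the client; the same parse-validate-rebuild pattern applies in both directions.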