Business Data Communications and Networking Chapter 11 - Network Security.pdf

11 Pages
Unlock Document

158 .235
Arno Leist

Network Security Security has always been a major business concern. Need to protect physical assets and information assets. Computer security is becoming increasingly important, there are now more sophisticated tools for breaking in. CERT – Computer Emergency Response Team Responds and raises awareness of computer security issues. The average business loss due to security breaches is $350,000. Primary Goals in Providing Security Confidentiality – Protection of data from unauthorized disclosure. Integrity – Assurance that data have not been altered or destroyed. Availability – Providing continuous operations of hardware and software, so people can be assured of uninterrupted service. Types of Security Threats Disruptions – Loss or reduction in network service Destruction of data – Viruses destroying file, crash of hard disk. Disasters – May destroy host computers. Intrusion – Hackers gaining access to data files. Unauthorized access incidents. Network Controls Mechanisms that reduce or eliminate the threats to network security. Preventative controls – Stop an event, act as a deterrent Detective controls – Reveal unwanted events through monitoring. document events. Corrective controls – Remedy an unwanted event Risk Assessment Key step in developing a secure network. Assigns a level of risk to various threats. By comparing the nature of threats to the controls designed to reduce them. Using a control spreadsheet. Mission critical applications – very important, programs critical to survival of business. Value of an asset is a function of: - its replacement cost - personnel time to replace the asset - lost revenue de to the absence of the asset. Ensuring Business Continuity Make sure that organizations data and applications will continue to operate even in the face of disruption, destruction or disaster. Continuity Plan includes the need to: - Develop controls - Disaster recovery plan Preventing Disruption, Destruction and Disaster Preventing Malware Viruses spread when infected files are accessed. Worms – virus that spreads itself without human intervention. Trojans: Spyware – monitors what happens on the target computer Adware – monitors users actions and displays advertisements DDoS – turns the device into a “zombie” agent Preventing Denial of Service Attacks Network is disrupted by a flood of messages that prevents messages from normal users. Distributed DoS (DDoS) come from many different computers. To prevent DOS: Traffic filtering – verify all incoming traffic source addresses for validity. Traffic limiting – Flood of packets are entering the network, limit incoming access regardless of the source. Traffic anomaly detectors – Analysis of traffic to see what normal traffic looks like, blocks abnormal patterns. Preventing Theft Security plan must include an evaluation of ways to prevent equipment theft. Physical security is a key component. Preventing Device Failure Redundancy is a key principal in preventing disruption, destruction and disaster. Common redundancy example: - Uninterruptible power supplies - Disk mirroring – RAIDs – a redundant second disk for every disk Correcting Disruption, Destruction and Disaster Disaster Recovery Plans Identify clear responses to possible disasters Provide for complete or partial recovery of data application software, network components and physical facilities. This should include a backup of controls which are encrypted and also use Continuous Data Protection (CDP) Preventing Intrusion Types of Intruders: Casual Intruders – with limited knowledge, script kiddies Security Experts (Hackers) – Thrill of the hunt, show off Professional Hackers – Breaking into computers for specific purposes Organisation Employees – Legitimate access to the network, gain access to information not authorized to use. Requires a proactive approach that includes routinely testing the security systems. Best rule for high security: Don’t keep extremely sensitive data online, store them in computers isolated from the network. Also need a Security Policy which is critical to controlling risk due to access. Tells what assets to be safeguarded and controls needed. Basic Access Points into a Network: - LANs - Dial-up through modem - Internet Basic Elements in Preventing Access - Firewalls - Network Address Translation (NAT) - Physical Security Firewalls Prevent intruders by securing Internet connections. Deny unauthorized access and denial of service attacks to your network. - Examines packets flowing into and out of the organizations network - Restricts access to that network - Placed on every connection to the Internet Types of Firewalls: - Packet level firewalls - Application level firewalls Packet Level Firewalls Examines the source and destination address of every packet passing through - Allows only packets that have acceptable addresses to pass - Only examines IP Addresses and TCP/UDP port. Uses Access Control Lists, a set of rules for a packet-level firewall. Used to permit or deny packets entry. However IP Spoofing remains a problem Doesn’t match allowed ports Application Level Firewalls It understands at least one application layer protocol. E.g. HTTP, FTP Operates on the application layer - Can detect whether an unwanted protocol is run through a non- standard port - Whether the protocol is being abused in a harmful way Requires more processing power than packet filters which can impact network performance. Network Address Translation (NAT) Used by most firewalls to shield a private network from a public network. Translates between private addresses inside a network and public addresses outside the network. NAT Proxy Server uses an address table to do translations, and slows down message transfer. Requires at lease two separate Domain Name Servers. Using private addresses with NAT provides additional security. Assigns private IP addresses to devices inside the network. Physical Security Means of preventing outsiders from gaining access into offices, server rooms, and equipment. Implement proper access controls to areas were network equipment is located. - So only authorized personnel to have access - Each network compone
More Less

Related notes for 158 .235

Log In


Join OneClass

Access over 10 million pages of study
documents for 1.3 million courses.

Sign up

Join to view


By registering, I agree to the Terms and Privacy Policies
Already have an account?
Just a few more details

So we can recommend you notes for your school.

Reset Password

Please enter below the email address you registered with and we will send you a link to reset your password.

Add your courses

Get notes from the top students in your class.