Home | Networking Fundamentals

 

Google
 
 

 

Browse Topics

Networking Basics

OSI Reference Model

Introduction to TCP/IP

LAN Basics

Understanding Switching

WAN Basics

Understanding Routing

What Is Layer 3 Switching?

Understanding Virtual LANs

Understanding Quality of Service

Security Basics

Understanding Virtual Private Networks (VPN)

Voice Technology Basics

Network Management Basics

The Internet

 

 

 

Security Basics

Welcome to the Lesson 11.Our goal here is to give you the terminology, the words that your customers are going to want you to know and want you to be able to converse with.

Contents

 - Why Networks Need Security?

 - Security Technology

 - Authentication, Authorization, and Accounting (AAA)

 - Authentication and Accounting Protocols

 - The Kerberos Authentication technology

 - Network Address Translation

 - Integrity - Network Availability

 - Access Control Lists and Firewalls

 - Packet-Filtering Routers

 - Performance Requirements in a Firewall and IPSec

 - IKE—Internet Key Exchange

 - Active Audit Network Vulnerability Assessment

 - IDS Attack Detection

All Networks Need Security

Security is very important. The Internet is a wonderful tool. Meteoric growth like that of Cisco from nowhere to a multi-billion dollar company in a decade would not be possible without leveraging the tools available with the internet and intranet.

But without well defined security, the Internet can be a dangerous place. The good news is that the tools are available to make the Internet a safe place for your business. Some people think that only large sites are hacked. In reality, even small company sites are hacked.
There’s a false impression from many small company owners that, "Hey, who would want to break into my company? I’m a nobody.
I’m not a big corporation like IBM or the Pentagon or something like that, so why would somebody want to break into my company?"
The reality is that even small companies are hacked into very, very often.

Why Security?

Why network security? There’s three primary reasons to explore network security.

 - One is policy vulnerabilities.
 - Another one, configuration vulnerabilities.
 - Lastly, there’s technology vulnerabilities.

And the bottom line is there are people that are willing and eager to take advantage of these vulnerabilities.

Security Threats

So these are some of the different things that we need to protect against:

Loss of privacy: Without encryption, every message sent may be read by an unauthorized party. This is probably the largest inhibitor of business-to-business communications today.



Impersonation: You must also be careful to protect your identity on the Internet. Many security systems today rely on IP addresses to uniquely identify users. Unfortunately this system is quite easy to fool and has led to numerous break-ins.



Denial of service:And you must ensure that your systems are available. Over the last several years, attackers have found deficiencies in the TCP/IP protocol suite that allows them to arbitrarily cause computer systems to crash.



Loss of integrity:Even for data that is not confidential, one must still take measures to ensure data integrity. For example, if you were able to securely identify yourself to the your bank using digital certificates, you would still want to ensure that the transaction itself is not modified in some way, such as by changing the amount of the deposit.

Security Objective: Balance Business Needs with Risks

Objectives for security need to balance the risks of providing access with the need to protect network resources. Creating a security policy involves evaluating the risks, defining what’s valuable, and determining whom you can trust. The security policy plays three roles to help you specify what must be done to secure company assets.

   -It specifies what is being protected and why, and the responsibility for that protection.
   -It provides grounds for interpreting and resolving conflicts in implementation, without listing     specific threats, machines, or individuals. A well-designed policy does not change much over     time.
   -It addresses scalability issues

Employees expect access but an enterprise requires security. It is important to plan with scalability and deployment of layered technologies in mind. Security policies that inhibit productivity may be too restrictive.

Related Topics

 

Home | Links | Contact Us