8/10/2019 Chapter 18 Network Security and Protocols
1/62
Chapter 18
Network Security and Protocols
Chapter Objectives - I
Explain the different Network Security Threats
Explain the need for Network Security
Discuss the objectives of Cryptography
List the various types of Cryptosystems
Explain the concept of Digital Signatures
Identify the different Authentication Protocols
Chapter Objectives - II
Discuss the different methods of ensuring privacy
Explain the concept of Firewall
Discuss the concept of VLAN
Explain the various Fault Tolerance and Redundancy Methods
List the components of a Perfect Server
Demonstrate the implementation of External Network Security
List the different Network Security Protocols
Recall - I
The combination of the centralized processing model and the distributed processing model is called the client-server model
Advantages of light wave technology are:
Cost effective solution
Offers very high bandwidth
Very easy to install
Recall - II
The different remote access methods used are:
Using phone lines and modems
Using ISDN lines
Using X.25
Advantages of connectionless internetworking are: flexibility, robustness, and no unnecessary overhead
The two processes involved in routing are host routing and router routing
Threats
Prevent users from accessing the required resources for performing their work
Types of Threats:
Internal
External
Internal Threats
Malicious practices by the local network's users that do not allow efficient sharing of the network resources
Common internal threats are:
Unauthorized Access
Data Destruction
Administrative Access
System Crash/Hardware Failure
Virus
Protecting from Internal Threats
Methods of protecting against internal threats depend largely on policies rather than technology
To protect the network from internal threats you need to implement:
Passwords
User Account Control
Policies
Fault Tolerance
External Threats
External threats can exist in two forms:
Attacker manipulates the user to gain access to the network
Hacker at a remote location uses technical methods to gain illegal access to your network
Common external threats are:
Social Engineering
Hacking
Protecting from External Threats
Securing a network from external threats is a competition between hackers and security people
To protect the network from external threats you need to provide:
Physical protection
Firewalls
Encryption
Authentication
Public Keys and Certificates
VLAN
Need for Network Security
Network security - Mechanism that protects the network resources from being attacked by the outside world
Hackers constantly look out for loopholes in the network security and snoop into a network
Security Attacks - I
Break the security barrier of the network and access the network resources
Types of Security Attacks:
Active
Passive
Case Study - I
The Customer Service department of MoneyMaker Bank provides online services to the customers. It has been a month since maintenance tasks have been performed on the computers of the department at the Hyderabad branch. The customer service department of the Hyderabad branch reports that the response of the computers has become slow and pop-ups continually plague Internet browsers. The computers are infected with spyware.
Problem
The performance of the computers in the customer service department has degraded
Suggested Solution
Spyware is software (not a virus) that hides itself somewhere on the computer and collects information about the user. Spyware is often downloaded onto the computer when you download other free software or when you visit certain Websites. To solve the problem, the spyware can be removed using a removal tool such as Spybot. This will help in improving system performance.
Implementing External Network Security - II
SOHO routers are connected to provide security to networked systems sharing a single Internet connection
Large networks employ a dedicated firewall between a gateway router and the protected network
A demilitarized zone (DMZ) can also be implemented to prevent direct access to the internal network
Cryptography
Cryptography is a science that deals with securing information
Objectives of Cryptography are:
Message Confidentiality
Message Integrity
Message Authentication
Message Nonrepudiation
Entity Authentication
Types of Cryptosystems
Cryptographic systems consist of algorithms and procedures used for encrypting messages
Types of cryptographic systems:
Symmetric Cryptographic Systems
Asymmetric Cryptographic Systems
Symmetric Cryptographic Systems use the same key for encryption and decryption
Asymmetric Cryptographic Systems use two keys, one for encryption and the other for decryption
Encryption/Decryption
Encryption refers to conversion of plain text into cipher text
A cipher algorithm is used to transform plain text into cipher text
Different types of traditional ciphers used to encode the message fall into two broad categories:
Substitution ciphers
Transposition ciphers
Public Key Encryption/Decryption
Uses a combination of two keys: the private key and the public key
Private key is known only to the receiver of the message
Secret Key Encryption / Decryption
Uses the same key to encrypt and decrypt the message
Algorithm used for decrypting the message is the inverse of the algorithm used to encrypt the message
Digital Signatures - I
Used to authenticate the origin of the document
Come under the asymmetric cryptography category
Can be accomplished in two ways:
Signing the document
Signing the digest of the document
Digital Signature - II
Signing the document
Signing the digest
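The two signing methods above, plus the public-key encryption of the earlier slide, carried through in textbook RSA as an added example (not part of the original slides). The primes, key and messages are constructed for illustration; real keys use large random primes and a padding scheme.

```python
import hashlib

# Textbook RSA with two fixed, well-known primes (constructed for illustration;
# real keys use large random primes and a padding scheme such as RSA-PSS).
P = (1 << 61) - 1                     # Mersenne prime 2^61 - 1
Q = (1 << 31) - 1                     # Mersenne prime 2^31 - 1
N = P * Q                             # public modulus, about 92 bits
E = 65537                             # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))     # private exponent (Python 3.8+)
PUBLIC_KEY = (E, N)
PRIVATE_KEY = (D, N)


def _apply(key, value):
    """Core RSA operation: value ** exponent mod N; value must fit below N."""
    exponent, modulus = key
    if not 0 <= value < modulus:
        raise ValueError("value does not fit below the modulus")
    return pow(value, exponent, modulus)


def fits_in_modulus(data):
    """True when the whole byte string can be processed directly by the key."""
    return int.from_bytes(data, "big") < N


def encrypt(public_key, message):
    """Public key encryption: anyone holding the public key can encrypt."""
    return _apply(public_key, int.from_bytes(message, "big"))


def decrypt(private_key, ciphertext):
    """Only the private key holder (the receiver) recovers the message."""
    value = _apply(private_key, ciphertext)
    return value.to_bytes((value.bit_length() + 7) // 8, "big")


def sign_document(private_key, document):
    """Way 1: sign the document itself; works only when it fits below N."""
    return _apply(private_key, int.from_bytes(document, "big"))


def verify_document(public_key, document, signature):
    return _apply(public_key, signature) == int.from_bytes(document, "big")


def digest(document):
    """SHA-256 digest as an integer, reduced mod N so this toy key can sign it."""
    return int.from_bytes(hashlib.sha256(document).digest(), "big") % N


def sign_digest(private_key, document):
    """Way 2: sign the fixed-size digest, so documents of any length can be signed."""
    return _apply(private_key, digest(document))


def verify_digest(public_key, document, signature):
    return _apply(public_key, signature) == digest(document)
```

Signing the whole document fails as soon as it is longer than the modulus, which is why practical signatures sign the digest.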
Authentication Protocol
Authentication is a process by which the identity of the concerned party is verified before starting the communication process
Data traffic is encrypted using symmetric key cryptography for performance reasons
Public key cryptography is used for developing authorization protocols as well as creating a session key
Authentication based on Shared Secret Key - I
Challenge-response protocols are used for authentication with a shared secret key
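A challenge-response exchange over a shared secret, written as an added example (not from the original slides), with both sides' messages and the replay check a verifier needs. The HMAC construction, the secret value and the client identifiers are assumptions of the example.

```python
import hashlib
import hmac
import os

# Constructed shared secret for the example; a real one is provisioned out of
# band to exactly the two parties that share it.
SHARED_SECRET = b"constructed-shared-secret-k1"


def _response(secret, client_id, nonce):
    """MAC of the challenge, bound to the client identity so a response cannot
    be replayed as, or reflected back to, another party."""
    return hmac.new(secret, client_id.encode() + nonce, hashlib.sha256).digest()


class Verifier:
    """Server side: issues a fresh challenge, then checks the answer."""

    def __init__(self, secret):
        self._secret = secret
        self._pending = {}    # client_id -> challenge awaiting an answer
        self._used = set()    # challenges already answered (replay guard)

    def challenge(self, client_id):
        nonce = os.urandom(16)          # fresh, unpredictable challenge
        self._pending[client_id] = nonce
        return nonce

    def verify(self, client_id, response):
        nonce = self._pending.pop(client_id, None)
        if nonce is None or nonce in self._used:
            return False                # no outstanding challenge, or a replay
        self._used.add(nonce)
        expected = _response(self._secret, client_id, nonce)
        return hmac.compare_digest(expected, response)   # constant-time compare


class Prover:
    """Client side: proves knowledge of the secret without ever sending it."""

    def __init__(self, client_id, secret):
        self.client_id = client_id
        self._secret = secret

    def respond(self, nonce):
        return _response(self._secret, self.client_id, nonce)


def run_exchange(verifier, prover):
    """One full exchange: challenge -> response -> verdict."""
    nonce = verifier.challenge(prover.client_id)        # server -> client
    response = prover.respond(nonce)                    # client -> server
    return verifier.verify(prover.client_id, response)  # server decision
```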
Authentication using Kerberos
Three types of servers are involved in the Kerberos protocol:
Authentication Server (AS)
Ticket-Granting Server (TGS)
Real Server
Authentication using Public Key Cryptography
Certification Authority: Organization that binds a public key to an entity and issues a certificate
Firewall - II
Demilitarized Zones in a Firewall
Network that is usually present between the internal and external network of an organization
DMZ host provides services for external networks, thus providing cover for internal networks against intruders
Case Study - II
Network administrator John has installed a new Web browser on the computer of an employee in the Mumbai branch of the MoneyMaker Bank. The user complains to John that he is unable to connect to the Internet using the new Web browser and a firewall warning message appears.
Problem
Cannot view the Web pages on the new browser.
Suggested Solution
The Windows firewall might block a program from connecting to the Internet. To solve this problem you might need to add the program to the exception list of the firewall.
VLAN - I
Individual broadcast domains created by the switch are called virtual LANs.
Different characteristics used to group stations in a VLAN are:
Port Numbers
MAC addresses
IP addresses
Multicast IP Addresses
Combination
IEEE standard 802.1Q defines the format of frame tagging in VLAN
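A parser for the 802.1Q frame tag referred to above, added here as an example and not taken from the slides. The sample frames are constructed inline; the field layout (TPID 0x8100, then a 16-bit TCI holding PCP, DEI and VLAN ID) is the standard one.

```python
import struct

TPID_8021Q = 0x8100       # Tag Protocol Identifier that announces an 802.1Q tag


def parse_frame(frame):
    """Parse an Ethernet II frame, extracting the 802.1Q tag when present.

    The tag sits after the source MAC: TPID (0x8100) followed by the 16-bit
    Tag Control Information: 3-bit PCP, 1-bit DEI and 12-bit VLAN ID.
    """
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    info = {"dst": dst.hex(":"), "src": src.hex(":"),
            "vlan": None, "pcp": None, "dei": None}
    offset = 14
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        info["pcp"] = tci >> 13            # priority code point
        info["dei"] = (tci >> 12) & 1      # drop eligible indicator
        info["vlan"] = tci & 0x0FFF        # VLAN identifier
        offset = 18
    info["ethertype"] = ethertype          # the encapsulated protocol
    info["payload"] = frame[offset:]
    return info


def build_tagged_frame(dst, src, vlan_id, pcp, ethertype, payload, dei=0):
    """Construct a tagged frame (used here to produce sample input)."""
    if not 0 <= vlan_id <= 4095 or not 0 <= pcp <= 7:
        raise ValueError("VLAN ID or priority out of range")
    tci = (pcp << 13) | (dei << 12) | vlan_id
    return dst + src + struct.pack("!HHH", TPID_8021Q, tci, ethertype) + payload


def vlan_is_usable(vlan_id):
    """VID 0 marks a priority-only tag and VID 4095 is reserved; neither
    should be accepted from a station as a real VLAN membership."""
    return 1 <= vlan_id <= 4094
```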
VLAN - II
VLAN can be configured in three ways: Manual, Automatic, and Semiautomatic
Three methods used for communication between switches are:
Table Maintenance
Frame tagging
Time Division Multiplexing (TDM)
Advantages of VLAN are:
Network Management
Creating Virtual Work Groups
Security
Fault Tolerance and Redundancy
Shared data on a network should have better protection, rather than having to restore it from backups with difficulty
The capability of a server to continue operating in case of a hardware failure is known as fault tolerance
To implement fault tolerance you have to make the data redundant on the serving system
Network-Attached Storage (NAS)
Used for implementing a server just for file sharing
A prebuilt system usually running Linux with Samba and/or Network File System (NFS)
Devices have DHCP enabled and require very little or no configuration to run
Storage area network (SAN)
SAN is a network whose primary aim is to transfer data between disk arrays, tape drives and servers
The various SAN components are:
Fibre Channel Switches
Hosts and Host Bus Adapters
Storage Devices
Cabling and Cable Connectors
Tape Backup
Tape backup becomes essential in case of a hardware crash or damage to the server
Magnetic tape is the oldest method of storing data from the computer
Tape backup options fall into three major groups:
Quarter-inch tape (QIC)
Digital Audio Tape (DAT)
Digital Linear Tape (DLT)
Perfect Server - I
A network that shares data requires specialized hardware so as to share data as fast as possible
Hardware requirements for Speed:
Fast NICs: Increasing the data throughput and making the NIC do more than one task at a time
Faster Drives: Using a PATA or a SCSI drive and implementing RAID 5 for data protection
Perfect Server - II
Servers require reliability, speed as well as data
protection
Good Power
Antivirus Program
Environment
Hardware Requirement for speed
The hardware requirements for a server and a workstation differ from each other completely
Workstations do not require the same speed, reliability, and data backup. Servers, on the other hand, require reliability, speed, as well as data protection
The two things that can make the server provide good speed are:
Fast NICs
Fast Drives
Reliability - I
A steady AC power supply is to be provided to all the systems
The different methods of providing good power are:
Dedicated Circuits
Surge suppressors
Uninterruptible Power Supply (UPS)
Backup Power
Another problem along with faulty power is computer viruses
Reliability - II
Five typical types of viruses are:
Boot sector
Executable
Macro
Trojan
Worm
Damage due to virus attacks can be prevented by stopping the virus from entering the system
It is necessary to provide a good environment for the server to improve its reliability
Protocols
Different protocols are used at different layers of the OSI model for providing security to the users
The different protocols used are:
Secure Socket Layer (SSL)
Internet Protocol Security (IPSec)
Point-to-Point Tunneling Protocol (PPTP)
Point-to-Point Protocol (PPP)
Serial Line Interface Protocol (SLIP)
SLIP
Serial Line Internet Protocol (SLIP) is used to connect the computer to the Internet using a serial connection such as a dial-up modem
SLIP was designed as a data link protocol for telephone lines
However, SLIP only supported TCP/IP and not NetBEUI or IPX networks.
PPP - I
One of the common protocols for point to point access
PPP addressed all of the shortcomings of SLIP
Different services provided by PPP are as follows:
Defines the format of the frames to be exchanged between devices.
Defines how the devices can negotiate for establishment of a link and exchange of data
Defines how network layer data is encapsulated in the data link frame.
Defines how the devices can authenticate each other
PPP - II
Provides multiple network layer services that support different network layer protocols.
Provides connection over multiple links.
Provides network address configuration, which is useful in case a user needs a temporary network address to connect to the Internet
PPTP
Network protocol that allows secure transfer of data from a remote client to a private server
It is the Microsoft VPN encryption protocol
The three processes involved in PPTP are:
PPTP connection and communication
PPTP control connection
PPTP data tunnelling
IPSec
Protocol set that was developed by the Internet Engineering Task Force (IETF) for providing security to a packet at the network level
IPSec operates in two modes:
Transport Mode
Tunnel Mode
SSL
SSL is a protocol developed by Netscape for
transmitting private documents over the Internet.
Web pages that use SSL have URLs starting with https
Different services provided by SSL for the data received from the application layer are:
Fragmentation
Compression
Message Integrity
Confidentiality
Framing
Summary - I
There are two types of threats: Internal and External threats
Internal threats are malicious practices done by the local network's users that do not allow efficient sharing of the network resources
External threats are threats in which a hacker at a remote location uses technical methods to gain illegal access to your network
Summary - II
Network security is a mechanism that protects the network resources from being attacked by the outside world
Security attacks can be passive or active
Cryptography is a science that deals with securing information and involves securing of messages, authentication, and digital signatures
Summary - III
Symmetric cryptographic systems use the same keys to encrypt and decrypt the message
Asymmetric cryptographic systems use two keys, one for encryption and the other for decryption, for securely transmitting the data
In digital signatures the private key is used to encrypt the message and the public key is used to decrypt it
Summary - IV
Authentication based on a shared secret key uses challenge-response protocols
Encryption refers to conversion of plain text into cipher text, and the cipher algorithm is used to transform plain text into cipher text
Decryption means converting cipher text back to plain text, and the same cipher algorithm, applied in reverse, is used for decrypting
Summary - V
Public key encryption / decryption use public key to
encrypt the message and private key to decrypt the
message
Secret key encryption / decryption use the shared
secret key to encrypt and decrypt the message
Firewall is a system that blocks all unwanted and
unauthorized access of the system resources
Demilitarized zone (DMZ) is a network that is usually present between an internal and external network of an organization
Summary - VI
A Virtual local area network (VLAN) is a switched network that is logically segmented with respect to functions, project teams, or applications
IEEE standard used for VLAN, 802.1Q, defines the format of frame tagging and the format to be used in multi-switched backbones
Stations in a VLAN can be configured in three ways: manual, semiautomatic, and automatic
RAID uses different techniques of using multiple devices for data protection and increasing the speeds
Summary - VII
Network Attached Storage (NAS) is used for implementing a server for file sharing
Storage area network (SAN) is a network whose primary aim is to transfer data between computer storage devices and computer systems
Tape backup becomes essential in case of a hardware crash or damage to the server room
Summary - VIII
Perfect servers require reliability, speed, data protection and specialized hardware
A NIC can be made faster by increasing the data throughput and making the NIC smarter by making it do more than one task at a time
Reliability can be achieved by providing a secure environment for the server and providing redundant hardware components for the server in case of component failure
Summary - IX
Small office/home office connection is a setup where a few networked systems share a single Internet connection
SSL is designed to provide security and compression services to data generated from the application layer
IPSec is a protocol set that was developed by the Internet Engineering Task Force (IETF) for providing security to a packet at the network level
Summary - X
Point-to-Point Tunneling Protocol (PPTP) is a
network protocol that allows secure transfer of data
from a remote client to a private server
Point-to-Point Protocol (PPP) is one of the common
protocols for point to point access
SLIP was designed to send IP datagrams from one device to another where the two were connected serially