NETWORK SECURITY
-Jitin Kollamkudy
Introduction
• Consists of the provisions and policies adopted by a network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources.
• Involves the authorization of access to data in a network, which is controlled by the network administrator.
• Involved in organizations, enterprises, and other types of institutions.
• Secures the network, as well as protecting and overseeing operations being done.
DEVICES FOR NETWORK SECURITY
1. Antivirus:
– Used to prevent, detect & remove malware such as computer viruses, adware, backdoors, malicious BHOs, dialers, fraudtools, hijackers, keyloggers, malicious LSPs, rootkits, spyware, trojan horses and worms
– Computer security, like protection from social engineering techniques, is commonly offered in products and services of antivirus software companies.
• Methods to identify malware
– Signature-based detection
– Heuristics
– Rootkit detection
– Real-time protection
2. PROXY
– Acts as an intermediary for requests from clients seeking resources from other servers
– The Process
– Most proxies are web proxies, facilitating access to content on the World Wide Web.
• Types of Proxy
– Forward proxies
– Open proxies
– Reverse proxies
– Performance Enhancing Proxies
3. FIREWALL
• A firewall is like a castle with a drawbridge
– Only one point of access into the network
– This can be good or bad
• Can be hardware or software
– Ex. Some routers come with firewall functionality
– ipfw, ipchains, pf on Unix systems, Windows XP and Mac OS X have built in firewalls
• Controls the incoming and outgoing network traffic by analyzing the data packets and determining whether they should be allowed through or not, based on a predetermined rule set
• Builds a bridge between an internal network and external (inter)network, such as the Internet
[Diagram: Intranet, DMZ (web server, email server, web proxy, etc.) and Internet, separated by two firewalls]
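The "predetermined rule set" idea applied to the Intranet / DMZ / Internet layout above, as an added example that is not part of the original slides. The addresses, ports and rule list are constructed assumptions, and the filter is stateless (it judges only the first packet of a connection).

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed addressing plan for the Intranet / DMZ / Internet layout (assumed values).
INTRANET = ipaddress.ip_network("10.0.0.0/24")
DMZ = ipaddress.ip_network("192.0.2.0/28")
ANY = ipaddress.ip_network("0.0.0.0/0")

@dataclass(frozen=True)
class Rule:
    action: str                 # "allow" or "deny"
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    proto: str                  # "tcp", "udp" or "any"
    dport: Optional[int]        # None matches every port

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    dport: int

# Predetermined rule set, evaluated top to bottom; the first match decides.
RULES = [
    Rule("deny",  DMZ, INTRANET, "any", None),   # DMZ hosts never open connections inward
    Rule("allow", DMZ, ANY, "tcp", 443),         # DMZ hosts may fetch updates
    Rule("allow", ANY, DMZ, "tcp", 443),         # web server
    Rule("allow", ANY, DMZ, "tcp", 25),          # email server
    Rule("allow", INTRANET, ANY, "tcp", 443),    # outbound web from the intranet
    Rule("allow", INTRANET, ANY, "udp", 53),     # outbound DNS from the intranet
]

def matches(rule, pkt):
    """True when every field of the rule covers the packet."""
    return (ipaddress.ip_address(pkt.src) in rule.src
            and ipaddress.ip_address(pkt.dst) in rule.dst
            and rule.proto in ("any", pkt.proto)
            and rule.dport in (None, pkt.dport))

def decide(pkt, rules=RULES):
    """Return (action, rule index); index None means the default deny applied."""
    for i, rule in enumerate(rules):
        if matches(rule, pkt):
            return rule.action, i
    return "deny", None
```

Rule order matters: if the first rule is moved to the end, the broader "DMZ may fetch updates" rule matches first and a DMZ host can reach the intranet on port 443.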
4. INTRUSION PREVENTION SYSTEM (IPS)
• Also known as intrusion detection and prevention systems (IDPS)
• Network security appliances that monitor network and/or system activities for malicious activity.
• Main functions of intrusion prevention systems are
– To identify malicious activity
– Log information about said activity
– Attempt to block/stop activity, and report activity
Classifications
• Network-based intrusion prevention system (NIPS)
• Wireless intrusion prevention systems (WIPS)
• Network behavior analysis (NBA)
• Host-based intrusion prevention system (HIPS)
TCP/IP
• Transmission Control Protocol / Internet Protocol.
• It is a layered set of protocols that governs the internet.
• It is a standard protocol that allows computers from different manufacturers to talk together using a common means of expression.
Advantages of TCP/IP
• TCP/IP can be used to establish connections between different types of computers and servers. Providing this type of interoperability is one of the main advantages of TCP/IP.
• TCP/IP is an industry standard, open protocol. This means that it is not controlled by one institute.
• TCP/IP operates independently of the operating system.
• TCP/IP includes support for a number of routing protocols.
• Enables internetworking between organizations
Disadvantages
• IPX is faster than TCP/IP.
• TCP/IP is intricate to set up and manage.
• The overhead of TCP/IP is higher than that of IPX
UDP
• User Datagram Protocol
• The protocol was designed by David P. Reed in 1980 and formally defined in RFC 768.
• A member of the Internet protocol suite, the set of network protocols used for the Internet.
• UDP uses a simple transmission model with a minimum of protocol mechanism.