Network Security

NETWORKNETWORK SECURITY SECURITY

-Jitin Kollamkudy

Introduction• Consists of the provisions and policies

 adopted by a network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources.

• Involves the authorization of access to data in a network, which is controlled by the network administrator.

• Involved in organizations, enterprises, and other types of institutions.

• Secures the network, as well as protecting and overseeing operations being done.

DEVICES FOR NETWORK SECURITY

1. Antivirus: – Used to prevent, detect & remove

malware such as computer viruses, adware, backdoors, malicious BHOs, dialers, fraudtools, hijackers, keyloggers, malicious LSPs, rootkits, spyware, trojan horses and worms

– Computer security, like protection from social engineering techniques, is commonly offered in products and services of antivirus software companies.

• Methods to identify malware – Signature-based detection–Heuristics– Rootkit detection– Real-time protection

2.PROXY

– Acts as an intermediary for requests from clients seeking resources from other servers

– The Process– Most proxies are web proxies, facilitating

access to content on the World Wide Web.

•Types of Proxy– Forward proxies– Open proxies– Reverse proxies– Performance Enhancing Proxies

3. FIREWALL

•A firewall is like a castle with a drawbridge–Only one point of access into the

network– This can be good or bad

•Can be hardware or software– Ex. Some routers come with firewall

functionality– ipfw, ipchains, pf on Unix systems,

Windows XP and Mac OS X have built in firewalls

• To control the incoming and outgoing network traffic by analyzing the data packets and determining whether it should be allowed through or not, based on a predetermined rule set

• Builds a bridge between an internal network and external (inter)network, such as the Internet

Intranet

DMZInternet

Firewall

Firewall

Web server, email server, web proxy, etc

Internet

4. INTRUSION PREVENTION SYSTEM(IPS)•Also known as intrusion detection and prevention systems (IDPS)•Network security appliances that monitor network and/or system activities for malicious activity. •Main functions of intrusion prevention systems are– To identify malicious activity– Log information about said activity– Attempt to block/stop activity, and report

activity

Classifications• Network-based intrusion prevention

system (NIPS)• Wireless intrusion prevention

systems (WIPS)• Network behavior analysis (NBA)• Host-based intrusion prevention

system (HIPS)

TCP/IP• Transmission Control Protocol /

Internet Protocol.• It is a layered set of protocols that

governs the internet.• It is a standard protocol that allows

computers from different manufactures to talk together using a common means of expression.

Advantages of TCP/IP• TCP/IP can be used to establish connections

between different types of computers and servers. Providing this type of interoperability is one of the main advantages of TCP/IP.

• TCP/IP is an industry standard, open protocol. This means that it is not controlled by one institute.

• TCP/IP operates independently of the operating system.

• TCP/IP includes support for a number of routing protocols.

• Enables internetworking between organizations

Disadvantages

• IPX is faster than TCP/IP.• TCP/IP is intricate to set up and

manage.• The overhead of TCP/IP is higher than

that of IPX

UDP

• User Datagram Protocol• The protocol was designed by David

P. Reed in 1980 and formally defined in RFC 768.

• The set of network protocols used for the Internet.

• UDP uses a simple transmission model with a minimum of protocol mechanism.

THANK YOU!