1 / 19

School Net (Hong Kong) Limited

School Net (Hong Kong) Limited. Security Vulnerabilities Systems (Win2000, RH7.2) Application (Web, PhPBB, FTP). General Suggestions: Security Audit Upgrade Firewall Update Systems and Applications FREQUENTLY Change Password FREQUENTLY. Network Firewall. Application

helki
Download Presentation

School Net (Hong Kong) Limited

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. School Net (Hong Kong) Limited

  2. Security Vulnerabilities • Systems(Win2000, RH7.2) • Application (Web, PhPBB, FTP) • General Suggestions: • Security Audit • Upgrade Firewall • Update Systems and Applications FREQUENTLY • Change Password FREQUENTLY Network Firewall Application Firewall Network Attack Server Attack School Network Teachers Server Intranet Server Wifi Workstations Internet Router WebSAMS Crystal Report Workstation WebSAMS Server WebSAMS HTTP Server

  3. School Network • General Suggestions: • Security Audit • Upgrade Firewall • Update Systems and Application FREQUENTLY • Change Password FREQUENTLY Network Firewall Application Firewall • Difficulties in Daily Operation: • Method and types of attacks change rapidly, difficult for schools to follow the latest updates. • Heavy teaching work load makes it difficult to maintain and update such an complicated network security environment by teachers themselves. • Limited resources for schools to afford expensive solutions and services for commercial use. • Many companies only sell products and lack skills, knowledge and the right to modify the product they provide. Teachers Server Intranet Server Wifi Workstations Internet Router WebSAMS Crystal Report Workstation WebSAMS Server WebSAMS HTTP Server

  4. School Network Network Firewall Application Firewall Teachers Server Intranet Server Wifi Workstations Internet Router • Regular update managed by Professional Team who developed SCHOOLWALL. • Tailored for Schools in Hong Kong. • User Friendly Interface – reduce time to learn and operate. • Affordable price WebSAMS Crystal Report Workstation WebSAMS Server WebSAMS HTTP Server

  5. Latest and Upgraded Functions: • User Friendly Interface • Packet Filtering • URL Filtering • Classroom Control • Finer access control • Bandwidth control • Application Protection • Web • FTP • Email • Statistics • Expansion Module

  6. New User Friendly Interface

  7. Packet Filtering NAT Mapping Filter Rule • Static NAT

  8. URL Filtering Transparent Proxy (TCP/Port 80) Global default deny list

  9. Classroom Control Additional control on a set of fixed IP addresses Examples: IP range for staff, computer rooms Domain Blocking / Unblocking Allow List : Default deny all but allow exception in domains Deny List : Adding domain block list to global deny list Deny All : Deny all access, no exceptions Allow All : Allow all access (no blocking) Bandwidth Control Guarantee Bandwidth Maximum Bandwidth

  10. URL filter • Sendspace.com • + • Zone control “Deny List” • yahoo.com Classroom Control • Example of adding “Deny List” +

  11. Classroom Control • Bandwidth Control Testing URL: ftp://download.speedtest.com.hk/100mb.zip G – Guarantee Bandwidth M – Maximum Bandwidth Maximum Bandwidth limt the download speed

  12. Application Protection - Web • Example of blocking SQL injection Setting up Receiving Request Analysis Denied If not allowed

  13. Application Protection - FTP Set a password retry limit to the connection. If exceed the limit, the IP will be banned for a fixed period of time.

  14. Application Protection - Email Self define White / Black list • Sender blacklisting • Anti-spam mechanisms: • DNSBL • Greylisting • SPF • DKIM • Sender White / Black Listing

  15. Statistics - Network Traffic Bandwidth Graphs

  16. Statistics - Network Traffic Email Gateway Statistics

  17. Expansion Module – Server Certificate

  18. Comparison

  19. ~The End~ Thank you!

More Related