1 / 12

Network Updates and Security Solutions

Stay updated on the latest network upgrades and security solutions, including Nortel 8600 upgrades, Shasta replacement update, Fortigate 3600 firewall, Allot NetEnforcer, and more.

macw
Download Presentation

Network Updates and Security Solutions

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. WINS Monthly Meeting10/1/2004

  2. Agenda • Introductions • Nortel 8600 Upgrades • Nortel Designated SE • Shasta Replacement Update • Fortigate 3600 • Allot NetEnforcer • Dorm Students Return… Argh! • Campus Manager? • Question & Answers

  3. Introductions • Name • Title • Location

  4. Nortel 8600 Upgrade • Was running 3.2.1 • Hardware Memory upgraded from 64M to 256M • Software Upgrade to 3.5.3 • Spanning Tree issues at Garnet Valley from misconfig • No other problems • First Upgrade on July 1 and last on July 20th

  5. Nortel Designated SE • Past Tom Desilets, Nortel, Designated Direct Sales • Tim Slattery, CNI, Designated Reseller • Nortel SE, Product specific, available • Gladys Kline – Now Nortel Designated SE • gcornist@nortelnetworks.com • Office 610 370 9838 • Cell 610 698 8282

  6. Shasta Replacement Update • Review conversation issue • Problem areas Widener Academic and Dorms • Lab testing done in June • Dorms cutover in July • Widener Academic cutover in Aug • Still to move : Tech Park, Computer Science, and DCIU Districts

  7. Widener Fortigate 3600 Interfaces 10/100Base-T Ports 1 1000Base-SX Ports (Fiber) 4* 1000Base-T Ports (Copper) 2 System Performance Concurrent sessions 1,000,000 New sessions/second 25,000 Firewall throughput (Gbps) 4Gbps 168-bit Triple-DES throughput (Mbps) 600 Unlimited concurrent users • Policies 50,000 Schedules 256 • Installed in July • Detects, quarantines, and eliminates viruses and • worms in real-time. Scans incoming and • outgoing email attachments (SMTP, POP3, • IMAP), HTTP and FTP traffic including web-based • email, and encrypted VPN tunnels – without • degrading Web performance • Detection and prevention of over 1300 intrusions • and attacks, including DoS and DDoS attacks, • based on user-configurable thresholds. Automatic • updates of IPS signatures from FortiProtect • Network • Processes all Web content to block inappropriate • material and malicious scripts via URL blocking • and keyword/phrase blocking • Industry standard stateful inspection firewall • Industry standard PPTP, L2TP, and IPSec VPN • support • FortiGate units can be deployed in conjuction • with existing firewall and other devices to • provide antivirus, content filtering, and other • content-intensive applications Fortinet FortiGate-3600 – Product of the Year - Gold Award – Enterprise firewall system searchNetworking.com February 2004 A fortress in a box – FortiGate 3600 offers a smorgasbord of security services on one machine FCW.com October 2003

  8. Allot NetEnforcer • Provide Internet access to bandwidth-hungry students without compromising on resources needed for teaching and research--or the business of running a university. Limit P2P music-sharing and non-essential applications at peak hours while guaranteeing bandwidth for mission-critical applications. Create service level agreements (SLAs) for classes of users and offer ISP-style classes of services. Filter Internet content to increase students' and educators' productive use of network resources and to reduce bandwidth contention between "fun" content and research- or work-related applications. Cache redirection software package, enables caching for fast response time Accounting provides browser-based traffic statistics and reports.

  9. Widener Internet Solution

  10. Dorm Students Return… Argh! • 'Twas the night before Check-in, when all thro' the campus, Not a creature was stirring, not even a Virus; • Fortigate CPU Maxed out • Allot indicated 128000 conversations • Allot increased to 500000 and recorded 350000 • Dorms disconnected and reconnected one at a time • Isolated to one PC streaming 300000 conversations • Placed Attack Mitigator on Dorm • Found students that did not update windows OS or let anti-virus software expire • Shut down over 150 PC’s to date • Virus/Worms to few to mention… but we will! • Ground Hogs Day!!!!

  11. Campus Manager • Register Network Users • • Import and synchronize user and group information from a network directory server i.e. Active Directory, Novell Directory Services, Sun ONE Directory Server, or any Lightweight Directory Access Protocol (LDAP) system server. • • Import user information from a delimited text file. • Proactively Deal with Unregistered Network Users • • Unregistered users connecting to the network can be denied network access. A typical rollout plan, in single VLAN network environments, is to permit users access for a period of time to allow for user registration and after the specified period of time unregistered users are denied network access. • Identify who is accessing the Network • • A real time view of who is connected to the network. • Locate Network Users • • The ability to locate where a user is currently online or was last online given the user’s first or last name, network address, physical network address, or a physical location. • Connection Based Scanning • • Scan / test network computers and servers as they access the network. • Restrict / Deny an individual Network Access • • Proactively schedule usage policies to restrict or deny network access. React to network access issues on a case-by-case basis and restrict or deny user network access. • Enable / Disable Ports • • Proactively schedule policies to enable and disable ports. React to network access issues on a case-by-case basis and enable or disable ports.

  12. Questions & Answers • Next Meeting Friday Nov 5th

More Related