
Infrastructure Security


Presentation Transcript


  1. Infrastructure Security

    Chapter 7
  2. Infrastructure

    Infrastructure is the set of basic physical structures (devices) that an organization requires for correct operation. Proper use of the right components may improve both performance and security. Prepared by Saher Hasan Mohammed
  3. Devices

    A complete network consists of many different types of devices. Every device in a network has a specific responsibility to perform. Devices can be used to regulate the flow of data, expand the network and provide a safe working environment.
  4. Workstations

    Workstations are the most common and integral part of any network. Workstations are the machines that end users use to perform their daily work activities. Workstations are also called client terminals. Workstations are prone to many security threats. Examples of workstation OSes are MS Windows 95/2000/XP/Vista/7.
  5. Workstations – Threats

    Out-of-date OS: install the latest OS/security patch. No firewall between the workstation and the Internet: install a firewall. No antivirus program installed: install an antivirus program and update it periodically.
  6. Workstations – Threats

    Unnecessary software applications installed: uninstall all the unnecessary software programs. Unnecessary hardware installed: uninstall all the unnecessary hardware devices. Unnecessary user accounts created: remove all the user accounts, and protect the administrator account with a strong password.
  7. Workstation – Antivirus

    Workstations are the primary mode of entry for a virus into a network. If one workstation in a network is infected by a virus, other workstations can also be infected. A virus can propagate from one computer to another when an infected file is transferred between them via email or an optical disk.
  8. Workstation – Antivirus

    Workstations should have an up-to-date antivirus program installed. Antivirus programs should be updated periodically. If a workstation is infected, disconnect it from the network, remove all the files, format the workstation, install a fresh copy of an up-to-date OS and antivirus program, and then connect the workstation to the network.
  9. Workstation
  10. Server

    Servers are the computers in a network that host applications and data for everyone to share. Servers can host applications such as email, databases, printing and websites. Servers use a more robust and sophisticated OS. When setting up a server, only the specific applications needed to perform its activity should be installed. Examples of server OSes are MS Windows 2003/2008 Server.
  11. Server – Antivirus

    The need for antivirus on a server depends on how the server is used. If the server is used as a DNS server or remote access server, antivirus is not mandatory. If the server is used as an email server or a file server, antivirus plays a very important role, and it must be installed and updated periodically.
  12. Network Interface Card (NIC)

    A NIC is used to connect any workstation, server, MFP or other network device. A NIC can be a single-port NIC or a multiport NIC. The purpose of a NIC is to provide the lower-level functionality of the OSI model.
  13. Repeater

    A repeater is a simple hardware device that receives a weak signal and regenerates it. Since the repeater creates a new signal, the distortion or attenuation is removed and the signal is made stronger. Repeaters are used at Layer 1 (Physical) of the OSI model. Repeaters are generally used to extend the coverage of a network by extending the length of the segment.
  14. Repeater
  15. Hub

    A hub is a hardware device that physically connects multiple cables, providing a common connection point. Hubs are passive devices. They forward a message to all the nodes connected via their ports. Hubs divide the bandwidth among all the nodes. Hubs have a single collision domain, so collisions are more frequent. Hubs are used at Layer 1 (Physical) of the OSI model.
  16. Hub
  17. Switch

    A switch is a special type of hub. A switch is an active device. A switch operates at the second layer (DLL) of the OSI model. A switch forwards packets only to the correct destination. A switch does not divide the bandwidth, so the transmission speed is higher. Switches have 2 collision domains, thus reducing the number of collisions.
  18. Switch
  19. Bridges

    A bridge is a software or hardware device that connects two LANs or two segments of the same LAN. A bridge is a layer 2 (DLL) device. The two LANs or the two segments of the same LAN must use the same data link protocol, for example Ethernet or Token Ring.
  20. Bridges Types

    Transparent bridge: connects two LANs that use the same data link protocol (Ethernet network to Ethernet network, Token Ring network to Token Ring network). Translating bridge: connects two LANs that use different data link protocols (Ethernet network to Token Ring network, Token Ring network to Ethernet network).
  21. Bridges
  22. Router

    Routers are hardware devices used to forward data packets between different networks. Routers are intelligent devices: they run routing protocols and store path information in routing tables. Routers operate at the third layer (Network) of the OSI model. Since routers are geographically separated, they can be accessed remotely via SNMP. This poses a security threat.
  23. Routers

    Routers can be static or dynamic. Static: the routing table cannot be changed. Dynamic: the routing table can change depending on the situation to find the next best route.
  24. Router
  25. Gateways

    A gateway is a node on a network that serves as an entrance to another network. A gateway is a device that uses software to connect networks with different architectures by performing protocol conversion at the application level. A gateway operates at all 7 layers of the OSI model.
  26. Gateways
  27. Firewalls

    A firewall is a network device: hardware, software, or a combination of the two. The main purpose of a firewall is to enforce a security policy across its connections. Security policies are a series of rules that define what traffic is permissible and what traffic is to be blocked or denied. The corporate connection to the Internet must go through a firewall, thus blocking all the unwanted access to the Internet.
  28. Firewall

    Firewalls can enforce security policies through the following mechanisms: Network Address Translation, Basic Packet Filtering and Access Control Lists.
  29. Firewall
  30. Wireless

    Wireless devices bring additional security concerns. Since wireless devices do not have any physical medium and use radio waves and infrared to carry out data transmission, it is very difficult to control who can view the data. Unsecured and unprotected wireless routers can pose a severe security threat to the corporate network.
  31. Wireless
  32. Modems

    Modem is a short name for modulator/demodulator. It converts analog signals to digital signals and vice versa. A digital subscriber line (DSL) modem provides a direct digital connection between a subscriber's computer and an Internet connection at the local telephone company's switching station. This private connection offers some degree of security and privacy.
  33. Modems

    Cable modems are set up in a shared arrangement, which allows a neighbor to sniff the network traffic. Cable modems were designed to share the party line in the terminal signal area. Cable modems use the Data Over Cable Service Interface Specification (DOCSIS) standard to facilitate communication. Cable and DSL services were designed for continuous connection.
  34. Modem
  35. Cable/ DSL Security

    The modem connection provides a direct network connection between the modem equipment and the client computer. There is no inherent security mechanism in this setup. The best security measure in a cable/DSL setup is the use of a firewall.
  36. Telecom/ PBX

    Private branch exchanges (PBXs) are an extension of the public telephone network into a business. A PBX serves a particular business or office. PBXs are computer-based switching equipment designed to connect telephones into the local phone system. PBXs can be hacked by phone hackers, also called phreakers. Telephone firewalls must be used to regulate telecommunication.
  37. Telecom/ PBX
  38. Intrusion Detection System (IDS)

    IDSs are systems designed to detect, log and respond to unauthorized network or host use, both in real time and after the fact. IDSs are of two types: network-based systems and host-based systems. IDSs have two primary methods of detection: signature-based and anomaly-based.
  39. Intrusion Detection System (IDS)

    Network-based IDS solutions are connected to a segment of the network, where they examine all of the passing packets. Using signatures of known attacks, a network IDS can observe misuse of the network. A network IDS should be placed at critical parts of the corporate network, ideally at the port of entry into the network.
  40. Intrusion Detection System (IDS)

    Diagram labels: Internet, Router, Firewall, Segment 1, Switch A, Segment 2, Switch B, IDS.
  41. Intrusion Detection System (IDS)

    A host-based IDS works by collecting information from all of the servers on the network. The IDS collects all this information and analyzes it to detect any pattern of unauthorized usage. A host-based IDS works well for small networks, but for large networks it becomes an issue to collect and analyze all the information.
  42. Intrusion Detection System (IDS)

    The anomaly method works by analyzing statistical patterns of network usage. A network pattern is prepared under normal operating conditions. If there is any significant deviation from this normal pattern, an alert is generated. This method is good for detecting a large-scale deviation. For a smaller deviation, the anomaly method can raise a false alarm.
  43. Mobile Devices

    Mobile devices such as PDAs, smartphones and tablets can add security threats to a corporate network. When a mobile device is synchronized with an office computer, there is a chance of introducing a virus/bug into the network.
  44. Security Concerns for the Devices

    Any network device can be hacked and misused if it is not properly configured and physically secured. The best way to secure a network device is to configure it correctly, set the correct access controls and use strong passwords.
  45. Media

    Media is the base for communication between devices. Media operates at layer 1 (the physical layer) of the OSI model. Common types of media are coaxial cable, twisted-pair cable, fiber optics and wireless.
  46. Coaxial Cable (coax)

    Coaxial cables are very common for connecting TVs to cable or satellite services. Coax is used in these areas because of its high bandwidth and shielding capabilities. Coax cables are less prone to external interference, but very costly to run.
  47. Coaxial Cable (coax)
  48. Twisted-pair Cable

    Twisted-pair cables have replaced coax cables in Ethernet networks. Twisted-pair cables use the same technology used by the phone company for the movement of electrical signals. Twisted-pair cables come in two forms: unshielded twisted-pair cables and shielded twisted-pair cables.
  49. Twisted-pair Cable

    Shielded twisted-pair cable (STP) has a foil shield around the pairs to provide extra shielding from electromagnetic interference. Unshielded twisted-pair cable (UTP) has no such foil around it. It uses the actual twists to eliminate interference. STP provides better communication, but it is expensive compared to UTP.
  50. Twisted-pair Cable

    The standard method of connecting twisted-pair cables is via an 8-pin connector called an RJ-45 connector. Twisted-pair cables are divided into three categories depending upon their transmission speed.
  51. Twisted-pair Cable
  52. Fiber Optic Cables

    Fiber optic cable uses a beam of laser light to connect devices over a thin glass wire. The biggest advantage of fiber optic cables is their higher bandwidth. These cables are used as the backbone of all large networks and the Internet. The biggest disadvantage of fiber optic cables is their cost.
  53. Fiber Optic Cables

    Making a connection to a fiber optic cable is very difficult/impossible. It is very difficult to splice a fiber optic cable. Making the precise connections on the end of a fiber optic line is a highly skilled job and is done by specifically trained professionals. Once the connector is fitted on the end, several forms of connectors and blocks are used to make new connections.
  54. Fiber Optic Cable
  55. Fiber Optic Cable
  56. Unguided Media

    Unguided media is a phrase used to cover all transmission media not guided by wire or fiber. Unguided media include radio frequency (RF), infrared (IR) and microwave methods. Unguided media have one attribute in common: they are unguided and can travel to many machines simultaneously.
  57. RF/Microwave

    Radio frequency (RF) is the most common and widely used method of wireless communication. RF waves use a variety of frequency bands, each with special characteristics. Microwave describes a specific portion of the RF spectrum that is used for communication as well as other tasks such as cooking.
  58. RF/Microwave

    Advantages of microwaves: they can penetrate thick walls, propagate through rough terrain, have broadcast capability and provide cost-effective solutions.
  59. Infrared (IR)

    IR is a band of electromagnetic energy just beyond the red end of the visible spectrum. IR is commonly used in remote control devices and in wireless devices such as printers, keyboards, mice and PDAs. Drawbacks of IR: it is slow and cannot penetrate thick walls.
  60. Security Concerns for Transmission Media

    Obtaining physical, unauthorized access to the media can have severe consequences. The ability to observe network traffic (usernames, passwords and data) is called sniffing. War driving involves using a laptop and software to find wireless networks from outside the premises. It is mainly used to locate a wireless network with poor or no security and obtain free Internet access.
  61. Removable Media

    Advances in technology have reduced the size and cost of storage devices and increased their storage capacity. Examples of removable media are hard drives (portable external HD), diskettes (floppy drives), tapes (magnetic tapes), optical media (CD and DVD) and electronic media (SD cards).
  62. Security Concerns for Removable Media

    Since removable media is portable and small in size, it can easily be stolen. This results in the loss of critical information. Common ways to prevent this loss: store all the important information on a server, not on portable media; if portable media is not necessary, remove it from the computer.
  63. Security Topology - DMZ

    Diagram labels: Un-trusted Zone (Internet), Outer Firewall, Semi-trusted Zone (DMZ), Server, Server, Inner Firewall, Trusted Zone (Internal Network).
  64. Security Topology - DMZ

    The DMZ acts as a buffer zone between the Internet (un-trusted zone) and the internal network (trusted zone). Firewalls are used to clearly demarcate the zones and enforce their separation. Special attention must be given to all the devices within the DMZ, as they can be accessed by unauthorized users. Special security measures are used for all the devices within the DMZ. Any server directly accessed from the un-trusted zone must be placed in a DMZ.
  65. Security Topology – Tunneling

    Tunneling is a method of packaging packets so that they can travel across a network in a secure and confidential manner. Each network uses an IPSec router; these routers establish a secure and confidential path by using a VPN. The encrypted packets are not visible to outside routers, thus creating a tunnel across the Internet and establishing a private connection, secure from outside use.
  66. Security Topology – Tunneling

    Diagram labels: Riyadh Office, IPSec Routers, Tunnel, Public Internet, IPSec Routers, Jeddah Office.
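
The firewall and DMZ slides (27, 28, 63 and 64) describe rule-based policy enforced by an outer and an inner firewall. The following is an added example, not part of the original slides, that models both access control lists with first-match evaluation and an implicit deny; the address ranges, ports and rule sets are constructed assumptions.

```python
import ipaddress
from collections import namedtuple

# Constructed address plan for the three zones (assumption, not from the slides).
ZONES = {
    "internet": ipaddress.ip_network("0.0.0.0/0"),
    "dmz": ipaddress.ip_network("192.0.2.0/24"),
    "internal": ipaddress.ip_network("10.0.0.0/8"),
}

Rule = namedtuple("Rule", "action src dst proto dport")  # dport None = any port

# Outer firewall: sits between the Internet and the DMZ.
OUTER_ACL = [
    Rule("permit", "internet", "dmz", "tcp", 443),       # public HTTPS server
    Rule("permit", "internet", "dmz", "tcp", 25),        # public mail relay
    Rule("permit", "internal", "internet", "tcp", 443),  # outbound browsing
]
# Inner firewall: sits between the DMZ and the internal network.
INNER_ACL = [
    Rule("deny", "internal", "dmz", "tcp", 23),          # specific deny listed first
    Rule("permit", "internal", "dmz", "tcp", None),      # admins may reach DMZ hosts
    Rule("permit", "dmz", "internal", "tcp", 5432),      # DMZ app to internal database
    Rule("permit", "internal", "internet", "tcp", 443),
]

def zone_of(addr):
    """Return the most specific zone containing addr (longest prefix wins)."""
    ip = ipaddress.ip_address(addr)
    return max((net.prefixlen, name) for name, net in ZONES.items() if ip in net)[1]

def evaluate(acl, src_zone, dst_zone, proto, dport):
    """First matching rule decides; falling off the end is an implicit deny."""
    for rule in acl:
        if ((rule.src, rule.dst, rule.proto) == (src_zone, dst_zone, proto)
                and rule.dport in (None, dport)):
            return rule.action
    return "deny"

def decide(src, dst, proto, dport):
    """Permit a new connection only if every firewall on its path permits it.

    Stateless model of connection initiation; return traffic is not modelled.
    """
    sz, dz = zone_of(src), zone_of(dst)
    zones = {sz, dz}
    path = []
    if len(zones) == 2 and "internet" in zones:
        path.append(OUTER_ACL)   # crossing the Internet/DMZ boundary
    if len(zones) == 2 and "internal" in zones:
        path.append(INNER_ACL)   # crossing the DMZ/internal boundary
    ok = all(evaluate(acl, sz, dz, proto, dport) == "permit" for acl in path)
    return "permit" if ok else "deny"

if __name__ == "__main__":
    for flow in [("203.0.113.9", "192.0.2.10", "tcp", 443),
                 ("203.0.113.9", "10.0.0.5", "tcp", 5432),
                 ("192.0.2.10", "10.0.0.5", "tcp", 5432)]:
        print(flow, decide(*flow))
```

An Internet host reaches the DMZ server but never an internal host directly, because the outer ACL has no rule for that zone pair and the implicit deny applies.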
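
Slide 42 describes anomaly detection as comparing traffic against a pattern recorded under normal conditions. The following is an added example, not part of the original slides, that builds such a baseline and shows how the alert threshold trades missed deviations against false alarms; the traffic figures, labels and thresholds are constructed assumptions.

```python
import statistics

# Constructed sample: connections per minute on one segment during normal operation.
BASELINE = [118, 124, 121, 130, 115, 127, 122, 119, 125, 128, 117, 123]

# Constructed observations with ground truth: (label, connections/min, is_attack).
OBSERVATIONS = [
    ("normal minute", 126, False),
    ("backup job", 134, False),    # benign, but slightly above the usual range
    ("port sweep", 940, True),     # large-scale deviation
]

def build_profile(samples):
    """Summarise normal behaviour as (mean, sample standard deviation)."""
    return statistics.mean(samples), statistics.stdev(samples)

def deviation(value, profile):
    """Distance from the baseline mean, in standard deviations (z-score)."""
    mean, sd = profile
    return abs(value - mean) / sd

def alerts(observations, profile, threshold):
    """Return the labels of observations whose deviation exceeds the threshold."""
    return [label for label, value, _ in observations
            if deviation(value, profile) > threshold]

def false_alarms(observations, profile, threshold):
    """Alerts raised on observations that the ground truth marks as benign."""
    flagged = set(alerts(observations, profile, threshold))
    return [label for label, _, is_attack in observations
            if label in flagged and not is_attack]

if __name__ == "__main__":
    profile = build_profile(BASELINE)
    for threshold in (2.0, 3.0):
        print(threshold,
              alerts(OBSERVATIONS, profile, threshold),
              false_alarms(OBSERVATIONS, profile, threshold))
```

The port sweep is flagged at either threshold, while the backup job is flagged only at the tighter one, which is the false alarm on a small deviation that the slide mentions.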