Security Systems and Technologies
Introduction
2005 Cisco Systems, Inc. All rights reserved. 1
Learning Objectives
The Need for Network Security
Information Security Objectives
Introduction to Vulnerabilities, Threats, and Attacks
Defense mechanisms
The Closed Network
The Network Today
Network Security Models
Trends that Affect Security
Increase of network attacks
Increased sophistication of attacks
Increased dependence on the network
Lack of trained personnel
Lack of awareness
Lack of security policies
Wireless access
Legislation
Litigation
Legal and Governmental Policy Issues
Organizations that operate vulnerable networks will face increasing and substantial liability.
US Federal legislation mandating security includes the following:
GLB financial services legislation
Government Information Security Reform Act
HIPAA
CIPA
Security Goals
Confidentiality
Integrity
Availability
Security Services
Confidentiality (privacy)
Authentication (who created or sent the data)
Integrity (has not been altered)
Non-repudiation (the order is final)
Access control (prevent misuse of resources)
Availability (permanence, non-erasure)
Denial of Service Attacks
Virus that deletes files
Network Vulnerabilities
Technology
Configuration
Policy
Threat Capabilities: More Dangerous and Easier to Use
Network Threats
There are four general categories of security threats to the network:
Unstructured threats
Structured threats
External threats
Internal threats
[Figure labels: Internet, internal exploitation, dial-in exploitation, external exploitation, compromised host]
Security Attacks
Interruption: This is an attack on availability
Interception: This is an attack on confidentiality
Modification: This is an attack on integrity
Fabrication: This is an attack on authenticity
Four Classes of Network Attacks
Reconnaissance attacks
Access attacks
Denial of service attacks
Worms, viruses, and Trojan horses
Specific Attack Types
All of the following can be used to compromise your system:
Packet sniffers
IP weaknesses
Password attacks
DoS or DDoS
Man-in-the-middle attacks
Application layer attacks
Trust exploitation
Port redirection
Malware
Methods of Defense
Perimeter defenses: FW, NIPS, anti-x, APT, etc.
Encryption
Software controls: HIPS, DLP, restriction policies, vulnerability analysis, security monitoring
Hardware controls (smartcards, tokens)
Physical controls
Information Security Policy & Information Security Management Systems