Network Perimeter Defense - PowerPoint PPT Presentation

1 / 11
About This Presentation
Title:

Network Perimeter Defense

Description:

Minimalism. Rarely used in software design. Unusual parameter combinations. Number of interactions ... Minimalism. Processes, not solutions ... – PowerPoint PPT presentation

Number of Views:62
Avg rating:3.0/5.0
Slides: 12
Provided by: josef60
Category:

less

Transcript and Presenter's Notes

Title: Network Perimeter Defense


1
Network Perimeter Defense
Josef Pojsl, jp_at_tns.cz Martin Machácek,
mm_at_tns.cz Trusted Network Solutions, Inc.
2
Traditional techniques
  • IP filtering gateways
  • Proxy gateways
  • Combinations (defense in depth)

Internal Network
Internet
3
Perimeter expansion
  • Increased bandwidth
  • Remote offices
  • Telecommuters
  • Roaming users
  • Partners
  • Technology
  • Cryptography
  • VPNs

Internal Network
Internal Network
Internet
4
Role of communication
  • Growing dependence on IT systems
  • Paperwork replaced with electronic data
  • As a consequence
  • Greater potential of attacks and vulnerabilities
  • Data integrity attacks
  • Harder detection
  • Automation
  • Complexity
  • Technology
  • Cryptography
  • Content scaning
  • Intrusion detection
  • Vulnerability scanning

5
Complexity
Intrusion detection
Vulnerability scanner
Internal Network
Internal Network
Internal Network
Content scanner
Firewalls
VPNs
Internal servers
Internet
Public servers
6
Risk Assessment
  • Risk factors
  • Worth
  • Attraction
  • Threat
  • Vulnerability
  • Probability
  • Countermeasures
  • Prevention
  • Detection
  • Reaction

High-risk environments risk factors are
relatively high
7
Security processes
  • Every day
  • New processes are being transformed into
    electronic forms
  • New vulnerabilities and patches emerge
  • Event logs must be analyzed
  • Appropriate actions must be taken
  • Etc.
  • As a consequence
  • Security is a process
  • Services serve better than products
  • Expert teams specialized in security are needed
  • Some processes may be (internally) outsourced

8
Fighting complexity
  • Minimalism
  • Rarely used in software design
  • Unusual parameter combinations
  • Number of interactions
  • Modularity
  • Modules are more easily verifiable
  • Well-defined interfaces between modules
  • Minimal design
  • Customization

9
Event logging
  • Full, fine-grained event logs are vital for
    detection
  • Easy to process, human readable
  • Log analysis statistics, expert systems, manual

Audit Logs
10
Open architecture
  • Not necessarily open-source
  • Source code serves for
  • Verification
  • Documentation
  • No security through obscurity
  • No breakthroughs
  • Compliance with open standards

11
Conclusion
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Network Perimeter Defense" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!