Security Systems and Technologies

Introduction

2005 Cisco Systems, Inc. All rights reserved.

Learning Objectives

The Need for Network Security

Information Security Objectives

Introduction to Vulnerabilities, Threats, and Attacks

Defense mechanisms

The Closed Network

The Network Today

Network Security Models

Trends that Affect Security


Increase of network attacks
Increased sophistication of attacks
Increased dependence on the network
Lack of trained personnel
Lack of awareness
Lack of security policies
Wireless access
Legislation
Litigation

Legal and Governmental Policy Issues

Organizations that operate vulnerable networks will face increasing and substantial liability.
US Federal legislation mandating security includes the following:
GLB financial services legislation
Government Information Security Reform Act
HIPAA
CIPA

Security Goals

Confidentiality

Integrity

Availability

Security Services
Confidentiality (privacy)
Authentication (who created or sent the data)
Integrity (has not been altered)
Non-repudiation (the order is final)
Access control (prevent misuse of resources)
Availability (permanence, non-erasure)
Denial of Service Attacks
Virus that deletes files

Network Vulnerabilities
Technology
Configuration
Policy

Threat Capabilities: More Dangerous and Easier to Use

Network Threats
There are four general categories of security threats to the
network:
Unstructured threats
Structured threats
External threats
Internal threats

[Figure: threat sources shown as Internet, external exploitation, dial-in exploitation, internal exploitation, and compromised host]

Security Attacks

Interruption: This is an attack on availability
Interception: This is an attack on confidentiality
Modification: This is an attack on integrity
Fabrication: This is an attack on authenticity

Four Classes of Network Attacks


Reconnaissance attacks
Access attacks
Denial of service attacks
Worms, viruses, and Trojan horses

Specific Attack Types


All of the following can be used to compromise your system:
Packet sniffers
IP weaknesses
Password attacks
DoS or DDoS
Man-in-the-middle attacks
Application layer attacks
Trust exploitation
Port redirection
Malware

Methods of Defense
Perimeter defenses: FW, NIPS, anti-X, APT, etc.
Encryption
Software Controls: HIPS, DLP, restriction policies, vulnerability analysis, security monitoring.
Hardware Controls (smartcards, tokens)
Physical Controls
Information Security Policy & Information Security Management Systems
