Team project and presentation on network security Grading: Team organization (1) material should not be repeated by multiple team members material should be integrated with other team members Presentation (2) oral presentation cannot be limited to reading slides Technical material (3) Written report; Saying it in your own words (not copied except for specifically referenced) (2) Ability to answer questions on any terminology that you include in your presentation (1) Enhancement with examples, diagrams, ad hoc explanations (1) Following are some possible areas to be covered. See me on your choice. Each starred item is a potential topic for presentation. Hardware: The Policy: protect from hardware failures (wearing out or malicious) The problem: hardware may wear out or break employees may damage hardware The solution: Redundancy* Power redundancy UPS Computational redundancy distributed systems Storage redundancy multiple copies at primary site (RAID, SANs, network drives) backup at contingency site (distributed system) I/O redundancy network peripherals Data redundancy audits, logs, backups SANs also assists the intrusion problem and other failures Major metric: availability (percentage of up time) ex: critical-care organizations have requirements of < .001% down time (about 13 seconds per year) Privacy: The Policy: Protect from nonauthorized reading of information Problems: all networks, but wireless networks particularly, are vulnerable to privacy (read) intrusion identity theft* spyware* unauthorized sniffing* use Packetyzer to enhance presentation traffic analysis legal problems about government & company access will not be discussed here Solutions: Encryption IPSec* Public/private key encryption* & secret key encryption Also part of the solution for authentication Partitioning networks switches, bridges, VPNs*, VLANs, small cells (authorized) Sniffing for unauthorized access points, open ports, unauthorized traffic Protection (internal): The Policy: Protect from incorrect employee use The problem: personnel may purposely or inadvertently misuse system Human errors Carelessness in Patch management Carelessness in passwords Carelessness in providing information to outsiders The solutions: access rights/domains/capability matrices* dual mode stack & buffer overflow hardware* virtual machines, such as the Java machine* limit physical access closets, rooms, bridges and switches, firewalls Protection (external) The Policy: Protect from intruders: Protection from unauthorized output procedures (integrity protection) The problem: The Internet is open to all; many private networks use internet technology The (attempted ) solutions: Password policy Authentication policy Authorization policy Virus protection software Access rights Audit trails and logs to trace Viruses, worms, Trojan horses* email and newsgroup tracing Back ups to recover from intrusion Firewalls* Filtering for denial of service attacks and spoofing* AI software for SPAM Partitioning networks; VPNs Fiber optics and wire encased in gas to prevent tapping Secure Sockets Layer (SSL & TLS)* SSH* IPSec* VPNs* tripwire steganography* Filters for DOS, DDOS* Other possible classification schemes: Data vulnerability: when it is accessed (access rights, authentication, viruses) when it is in transit (encryption; firewalls, physical protection) when it is stored (physical protection, access, authentication, firewalls) when it is managed (access, authentication, employee protection) Point of application of prevention schemes in Network Architecture Physical layer data link layer network layer transport layer application layer