Académique Documents
Professionnel Documents
Culture Documents
RAVI KUMAR (EC 7th Sem,ASCT) SAQUIB ARSHAD (EC 7th Sem,ASCT)
ravi.asctec@gmail.com saquibsecure@gmail.com
Types of firewalls
a. Filtering firewalls
Security Tools b. Application level firewall
After the potential sources of threats
and the types of damage that can occur 3. Intrusion Detection
have been identified, putting the proper A network-based intrusion detection
security policies and safeguards in system (IDS) provides around-the-
place becomes much easier. clock network surveillance. An IDS
analyzes packet data streams within a policies that are implemented should
network, searching for unauthorized control who has access to which areas
activity, such as attacks by hackers, of the network and how unauthorized
and enabling users to respond to users are going to be prevented from
security breaches before systems are entering restricted areas. Therefore the
compromised. When unauthorized security policies management function
activity is detected, the IDS can send should be assigned to people who are
alarms to a management console with extremely trustworthy and have the
details of the activity and can often technical competence require. Security
order other systems, such as routers, to policies includes following asserts.
cut off the unauthorized sessions.
1. Identity
4. Encryption Once your policies are set, identity
Encryption technology ensures that methods and technologies must be
messages cannot be intercepted or read employed to help positively
by anyone other than the authorized authenticate and verify users and their
recipient. Encryption is usually access privileges.
deployed to protect data that is
transported over a public network and 2. Passwords
uses advanced mathematical Making sure that certain areas of the
algorithms to “scramble” messages and network are “password protected” only
their attachments Encryption provides accessible by those with particular
the security necessary to sustain the passwords—is the simplest and most
increasingly popular VPN technology. common way to ensure that only those
They are deployed to connect who have permission can enter a
telecommuters, mobile workers, particular part of the network.
branch offices, and business partners to
corporate networks or each other. The golden rules, or policies, for
passwords are:
5. Network Scanning • Change passwords regularly
Network scanners conduct detailed • Make passwords as meaningless as
analyses of networked systems to possible
compile an electronic inventory of the • Never divulge passwords to anyone
assets and detect vulnerabilities that until leaving the company work.
could result in a security compromise.
This technology allows network 3. Access Control
managers to identify and fix security Before a user gains access to the
weaknesses before intruders can network with his password, the
exploit them. network must evaluate if the password
is valid. Access control servers
validate the user’s identity and
Security Policies determine which areas or information
When setting up a network, whether it
the user can access based on stored
is a local area network (LAN), virtual
user profiles.
LAN (VLAN), or wide area network
(WAN), it is important to initially set
4. Digital Certificates
the fundamental security policies.
Digital certificates or public key
Security policies are rules that are
certificates are the electronic
electronically programmed and stored
equivalents of driver’s licenses or
within security equipment to control
passports, and are issued by designated
such areas as access privileges. The
Certificate Authorities (CAs).Digital
certificates are most often used for The Result
identification when establishing secure
tunnels through the Internet, such as in As time goes on, more and more new
virtual private networking (VPN). technology will be developed to further
improve the efficiency of business and
Top Ten Security Tips communications. At the same time,
breakthroughs in technology will
1. Encourage or require provide even greater network security,
employees to choose passwords therefore, greater piece of mind to
that are not obvious. operate in cutting edge business
environments. Provided that
2. Require employees to change enterprises stay on top of this emerging
passwords every 90 days. technology, as well as the latest
security threats and dangers, the
3. Make sure your virus benefits of networks will most
protection subscription is current. certainly outweigh the risks.
4. Educate employees about the
security risks of e-mail Bibliography
attachments.
Web site: http://www.cisco.com
5. Implement a complete and Reference books: - Cisco certified
comprehensive network security network associates by TODD
solution. LAMMLE.
E-Commerce and e-Business by Z.R.
6. Asses your security posture Andam
regularly Network Security by Arun Kahate
7. When an employee leaves a
company, remove that employee’s
network access immediately.
8. Update your Web server
software regularly.
9. Do not run any unnecessary
network services.
10. If you allow people to work
from home, provide a secure,
centrally managed server for
remote traffic.