Research recent public incidents or breaches that were a result of social engineering. Provide the details available related to the attack and also any controls or education you would recommend to the organization to reduce the likelihood of the event occurring again.
http://d2jw81rkebrcvk.cloudfront.net/assets.navigate/issa/Network_Security/Lesson_Presentations_nohead_2.0_v2/Lesson06/index.html
Network Security, Firewalls, and VPNs
Lesson 3
VPN Fundamentals
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
From Last Week…
Virtual Labs
▪ Configuring a pfSense Firewall for the Server
▪ Penetration Testing a pfSense Firewall
Required Reading
▪ Chapters 2 & 7
Network Security, Firewalls, and VPNs
Learning Objectives
▪ Describe the foundational concepts of VPNs.
▪ Appraise the elements of VPN implementation and management.
▪ Describe common VPN technologies.
Key Concepts
▪ Virtual private network (VPN) essentials
▪ The roles of VPN appliances, edge routers, and corporate firewalls
▪ VPN implementation
▪ Best practices for implementing and managing VPNs
▪ Common network locations where VPNs are deployed
▪ VPN deployment planning for the enterprise
▪ VPN policy creation
▪ Strategies for overcoming VPN performance and stability issues
▪ Software- and hardware-based VPN solutions
Virtual Private Network (VPN)
What Is a VPN?
▪ Network that uses the public telecom infrastructure (Internet) to provide remote access to secure private networks
▪ Allows organizations to privately transmit sensitive data remotely over public networks
▪ Secures communication between separate private networks through tunneling
▪ Protects sensitive information transiting the public network
What Is a VPN?
▪ Low-cost alternative to leased-line infrastructure
▪ Supports Internet remote access
▪ Provides remote access and remote control
▪ Employs encryption and authentication for secure transmission
▪ Restrictions for mobile users that ensure a baseline level of conformity and security
VPN Endpoints
▪ Host Computer Systems
▪ Edge Routers
▪ Corporate Firewalls
▪ Dedicated VPN Appliances
VPN Encryption Modes
▪ Tunnel mode
• Protects packet from header to payload
▪ Transport mode
• Protects only the packet payload
VPNs Bridge Distant Connections
▪ Home and satellite offices
▪ May span separate cities, states, countries, geographic territories, and international borders
▪ Provide varying levels of granular network access to separate locations
▪ VPNs maintain confidentiality and integrity for users and data (C-I-A triad)
Drawbacks of VPNs
▪ Congestion, latency, fragmentation, and packet loss
▪ Difficulties with compliance and troubleshooting
▪ Encrypted traffic does not compress
• Lacks repeating patterns
• More bandwidth-intensive than clear-text transmission
▪ Connectivity requires high availability
VPN Security and Privacy Issues
▪ Cannot ensure quality of service (QoS) or complete security
▪ Links depend on availability, stability, and throughput of the ISP connection
▪ Not an ideal connection method for dial-up modems or low-bandwidth links
▪ Infected mobile users can potentially damage or disrupt the private network
▪ Confidential data can be copied outside the boundaries of internal controls
VPNs Are Not a Cure-all Solution
▪ Upkeep, Updates, and Upgrades
• Safety and Security
• Software Fixes
• Software Patches
• Software Updates
• Hardware Upgrades
▪ Inconsistent Security
• True VPN
• Trusted VPN
• Secure VPN
• Hybrid VPN
▪ Client Compliance
• Roaming profiles
• Tamper with systems
• Bypass restrictions
• Careless users
• Defiant users
VPN Best Practices: Predeployment
▪ Choose a solution that’s right for your environment, with proven capabilities
▪ Plan to provide redundancy
▪ Create a written VPN policy
▪ Ensure client security
• Vulnerability management
▪ Document your VPN implementation plan
Developing a VPN Policy
▪ Restrict remote access to the organization’s VPN solution.
▪ Prohibit split tunneling.
▪ Define classes of employee that can access the network by VPN.
▪ Define types of VPN connections to permit.
▪ Define authentication methods permitted.
▪ Prohibit sharing of VPN credentials.
▪ List configuration requirements for remote hosts, including current virus protection, anti-malware, host-based intrusion detection system (HIDS), and a personal firewall.
Developing a VPN Policy (Cont.)
▪ Prohibit the use of non-company equipment or, if personal systems may connect to the VPN, define the minimum standards for those connections.
▪ Define required encryption levels for VPN connections.
▪ If you will be using your VPN for network-to-network connections, define the approval process and criteria for establishing a network-to-network connection.
VPN Best Practices: Post Deployment
▪ Perform regularly:
• Usage review
• Back up
• Patching
Types of VPN Implementations
▪ Bypass VPN
▪ Internally Connected VPN
▪ A VPN in a DMZ
Internet Protocol Security (IPSec)
▪ IPSec VPNs:
• Support all operating system platforms
• Provide secure, node-on-the-network connectivity
• Offer standards-based solution
Layer 2 Tunneling Protocol (L2TP)
▪ Largely replaced by IPSec and SSL/TLS
▪ Is a combination of the best features of Point-to-Point Tunneling Protocol (PPTP) and the Layer 2 Forwarding (L2F) Protocol
▪ Limitation: Provides a mechanism for creating tunnels through an IP network but not for encrypting the data being tunneled
Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
▪ Non-IPSec alternative for VPNs
▪ SSL/TLS authentication is one-way
▪ SSL VPNs:
• Platform independent
• Client flexibility
• Work with NAT
• Fewer firewall rules required
Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
▪ Figure: A secure browser session using SSL.
▪ Figure: A certificate in an HTTPS connection.
Secure Shell (SSH) Protocol
▪ Used for:
• Login to a shell on a remote host (replaces Telnet and rlogin)
• Executing a single command on a remote host (replaces rsh)
• File transfers to a remote host
• In conjunction with the OpenSSH server and client, to create a full VPN connection
Secure Shell (SSH) Protocol
▪ Figure: An application that uses SSH.
VPN Deployment Models
▪ True, Trusted, Secure, and Hybrid Models
▪ Tailor VPN security to match organizational and data privacy needs
▪ Establish control over:
• Components (software and hardware)
• Conversations (endpoint connections)
• Communications (network infrastructure)
VPN Deployment Models
▪ Customers and providers may separately manage and maintain devices
▪ Customers may outsource different aspects of VPN ownership and operation to service providers
▪ Custom tailor ownership and operator responsibilities to budgetary needs
VPN Architectures
▪ Remote access (host-to-site) supports single connections into the LAN
▪ LAN-to-LAN and WAN (site-to-site) supports LAN-to-LAN via the Internet
▪ Client-server (host-to-host) supports direct connections via the Internet
VPN Architectures
▪ A corporation may control different aspects of the network
▪ Authentication, Authorization, and Accounting (AAA) server deployment
▪ Different technologies for different needs
▪ Figure: VPN to Connect a LAN with Remote Mobile Users
▪ Figure: VPN Used to Connect Multiple LANs
▪ Figure: VPN Used to Connect Multiple LANs with Remote Mobile Users
VPN Supporting Services and Protocols
▪ Enterprise-class VPNs require enterprise-class security
▪ Authentication establishes levels of authorization and access
▪ Cryptographic transport protocols don’t “play well” together
VPN Protocols
▪ IPSec (originally for IPv6 but widely used on IPv4)
▪ Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
▪ Datagram Transport Layer Security (DTLS)
▪ Microsoft Point-to-Point Encryption
▪ Secure Socket Tunneling Protocol (SSTP)
Network Protocols
▪ Tunneling protocols package packets within packets for secure transport
▪ Transport protocols package payloads within packets
▪ Encapsulating protocols wrap around original passenger protocols
▪ Carrier protocols carry the packaged VPN packets
VPN Tunnel
▪ Encapsulates an entire packet within another packet
▪ Encrypts payload and header (IP and UDP/TCP) to protect identities
▪ Carrier protocol used to transmit the VPN packets
▪ Encapsulating protocol packages the original data
VPN Tunnel
▪ Passenger protocol—original data payload or protocol being carried
▪ Encapsulates packets that are not routable through the Internet
▪ Routes non-routable address traffic over public infrastructure
▪ Ideal for gateway-to-gateway or network-to-network communication
VPN Transport
▪ Encapsulates only the packet payload
▪ Cannot prevent some forms of observation (eavesdropping and alteration)
▪ Does not conceal endpoint identity
▪ Ideal for direct endpoint-to-endpoint or endpoint-to-gateway communication
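As an added example (not from the slides), the following Python script models what an on-path observer can read in each mode: in transport mode the original header with the real endpoint addresses stays in the clear, while in tunnel mode only the two gateway addresses are exposed, and an integrity tag lets the receiver reject altered packets. The 12-byte header layout, the HMAC-based keystream standing in for ESP's cipher, the key, and all addresses are constructed for this demo.

```python
import hashlib
import hmac
import struct
from ipaddress import IPv4Address

# Constructed minimal header: src(4) dst(4) proto(1) pad(1) total_len(2).
# A toy stand-in for an IP header, not the real IPv4 layout.
HDR = struct.Struct("!4s4sBxH")
ESP = 50          # protocol number ESP carries in a real IP header
TAG_LEN = 16      # bytes of integrity check value appended to the protected body


def build_packet(src, dst, proto, payload):
    """Assemble header + payload for the given endpoint addresses."""
    return HDR.pack(IPv4Address(src).packed, IPv4Address(dst).packed,
                    proto, HDR.size + len(payload)) + payload


def parse_header(pkt):
    """Return (src, dst, proto, total_len) from the packet's leading header."""
    s, d, p, n = HDR.unpack_from(pkt)
    return str(IPv4Address(s)), str(IPv4Address(d)), p, n


def _keystream_xor(key, nonce, data):
    """Toy confidentiality: HMAC-SHA256 run in counter mode as a keystream.
    Symmetric, so the same call both encrypts and decrypts. Demo stand-in only."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def protect(key, nonce, plaintext):
    """Encrypt, then append an integrity tag (the role ESP's ICV plays)."""
    ct = _keystream_xor(key, nonce, plaintext)
    return ct + hmac.new(key, ct, hashlib.sha256).digest()[:TAG_LEN]


def unprotect(key, nonce, body):
    """Verify the tag, then decrypt; raise if the body was altered in transit."""
    ct, tag = body[:-TAG_LEN], body[-TAG_LEN:]
    expected = hmac.new(key, ct, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed")
    return _keystream_xor(key, nonce, ct)


def transport_mode(pkt, key, nonce):
    """Transport mode: the original header stays in the clear; only the payload is
    protected. The real protocol number rides inside the protected body, as in an
    ESP trailer, and the visible header advertises ESP instead."""
    src, dst, proto, _ = parse_header(pkt)
    body = protect(key, nonce, pkt[HDR.size:] + bytes([proto]))
    return build_packet(src, dst, ESP, body)


def transport_unwrap(pkt, key, nonce):
    src, dst, _, _ = parse_header(pkt)
    inner = unprotect(key, nonce, pkt[HDR.size:])
    return build_packet(src, dst, inner[-1], inner[:-1])


def tunnel_mode(pkt, key, nonce, gw_src, gw_dst):
    """Tunnel mode: the entire original packet (header and payload) is protected
    and wrapped in a new outer header carrying only the two gateway addresses."""
    return build_packet(gw_src, gw_dst, ESP, protect(key, nonce, pkt))


def tunnel_unwrap(pkt, key, nonce):
    return unprotect(key, nonce, pkt[HDR.size:])


def observer_view(pkt):
    """What a passive on-path observer learns without the key: the outer header."""
    src, dst, proto, _ = parse_header(pkt)
    return {"src": src, "dst": dst, "proto": proto}


# Constructed sample traffic: a host behind one gateway talking to a host behind another.
KEY, NONCE = b"constructed-demo-key", b"\x00" * 8
ORIGINAL = build_packet("10.1.1.5", "10.2.2.9", 6, b"GET /payroll HTTP/1.1")


def demo():
    t = transport_mode(ORIGINAL, KEY, NONCE)
    u = tunnel_mode(ORIGINAL, KEY, NONCE, "203.0.113.1", "198.51.100.1")
    return {
        "transport_seen": observer_view(t),   # real endpoints exposed
        "tunnel_seen": observer_view(u),      # only the gateways exposed
        "transport_ok": transport_unwrap(t, KEY, NONCE) == ORIGINAL,
        "tunnel_ok": tunnel_unwrap(u, KEY, NONCE) == ORIGINAL,
    }


def tampered_tunnel_detected():
    """Flip one byte of the protected body in transit; the receiver must reject it."""
    u = bytearray(tunnel_mode(ORIGINAL, KEY, NONCE, "203.0.113.1", "198.51.100.1"))
    u[HDR.size] ^= 0x01
    try:
        tunnel_unwrap(bytes(u), KEY, NONCE)
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    print(demo(), tampered_tunnel_detected())
```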
Cryptographic Protocols
▪ Ensure confidentiality and non-repudiation
▪ Require encryption algorithms, protocols, and authentication methods
▪ Endpoints must support identical cryptographic protocols and methods
VPN Authentication, Authorization, and Accountability Mechanisms
▪ Allow approved external entities to interconnect and interact with the private network
▪ Use varying methods for authenticating users (passkeys, biometrics, etc.)
▪ Track and log user interactions to maintain user accountability
VPN Hosts and Trust
Trust should vary depending on who is allowed in via the VPN, from least risk to most risk:
1. Employee on corporate laptop on managed network (least risk)
2. Employee on home computer
3. Employee on airport internet (wireless or kiosk)
4. Authorized partner
5. Authorized customer (most risk)
VPNs, NAT, and IPSec
▪ Network Address Translation (NAT)
• Static
• Dynamic
▪ IPSec (originally for IPv6 but widely used on IPv4)
▪ IPSec has issues traversing a translated (NAT) network
• Run IPSec VPNs on untranslated addresses, or
• Deploy an SSL VPN
VPN Appliances
▪ Dedicated network offload devices
▪ Specialized to handle VPN offloading from routers and host systems
▪ Can be placed outside corporate firewalls for traffic filtering
▪ Supplement existing corporate firewalls that do not support VPN services
Edge Routers
▪ Transport VPN over public networks
▪ Ensure that all traffic complies with the firewall
▪ Ideal for customer and supplier or business partner access
▪ Best suited for controlled access into the DMZ
Corporate Firewall
▪ Pass LAN-to-LAN traffic
▪ Joined networks are treated as any other LAN route
▪ Users don’t have to re-authenticate across segments
▪ No additional firewall filtering or restriction applies
VPN Implementation Choices
▪ A VPN can be implemented as software on the host and gateway
▪ A VPN can be implemented as a hardware appliance
▪ Both have advantages and disadvantages
▪ Both offer cost savings and scalability
Hardware-Based VPNs
Dedicated resources and optimized processing
▪ Advantages
• Designed for routing
• Sustains resources
• Streamlined for security
▪ Disadvantages
• Costs and compatibility
Software-Based VPNs
Platform-independent SSL/TLS VPNs to connect systems
▪ Advantages
• Install and deploy rapidly
• Connection speed
• Portable and efficient
▪ Disadvantages
• Complex to install and configure
• Server exposed
Owned and Outsourced VPNs
▪ Own or operate telecommunications infrastructure and VPN endpoints
▪ Contract maintenance or management
VPN Deployment Planning
1. Plan the physical location of the VPN
2. Ensure the location meets power and cooling requirements
3. Plan your IP addressing scheme
4. Plan firewall rules for permitting VPN access
5. Configure the VPN server
6. Set up authentication
7. Follow change management policies
8. Test the deployment
9. Create operations manual, user documentation, etc.
10. Develop support processes
11. Install VPN clients
12. Train users
Overcoming VPN Performance Challenges
Item and consideration:
▪ VPN type: client or site-to-site connection support
▪ Protocol: IPSec VPN or SSL VPN
▪ Load: number of remote access or site-to-site connections
▪ Client configuration: legacy hardware, memory-intensive applications
▪ Bandwidth: unreliable connections
▪ Topology: connection traverses a firewall or proxy server
▪ Encryption level: high encryption necessary but impacts performance
▪ Traffic: traffic spikes, such as from streaming media
▪ Client version: older versions
Overcoming VPN Stability Challenges
Item and consideration:
▪ Configuration: mission-critical requires high availability or failover
▪ Location: number of devices the connection must traverse (firewalls, routers, etc.)
▪ VPN software version: older software may be unstable
▪ Underlying OS: older versions of the OS, or firmware code in a hardware VPN
Summary
▪ Virtual private network (VPN) essentials
▪ The roles of VPN appliances, edge routers, and corporate firewalls
▪ VPN implementation
▪ Best practices for implementing and managing VPNs
▪ Common network locations where VPNs are deployed
▪ VPN deployment planning for the enterprise
▪ VPN policy creation
▪ Strategies for overcoming VPN performance and stability issues
▪ Software- and hardware-based VPN solutions
Virtual Lab
▪ Using Social Engineering Techniques to Plan an Attack
Required Reading
▪ Chapters 3, 11, 12
Midterm Quiz
▪ Study Guide will be posted later this week and the test will be posted early next week
Network Security, Firewalls, and VPNs
Lesson 1
Network Security Basics, Threats, and Issues
Learning Objectives
▪ Explain the fundamental concepts of network security
▪ Review essential Transmission Control Protocol/Internet Protocol (TCP/IP) behavior and applications used in IP networking
▪ Recognize the impact that malicious exploits and attacks have on network security
Key Concepts
▪ Confidentiality, integrity, and availability (C-I-A)
▪ Network security and its value to the enterprise
▪ Roles and responsibilities in network security
▪ Network security countermeasures
▪ TCP/IP protocol analysis
▪ IP networking protocol
▪ Network management tools
Key Concepts (continued)
▪ What you need to protect and from whom
▪ Risk assessment for network infrastructure
▪ Wired and wireless network infrastructure risks, threats, and vulnerabilities
▪ Common network hacking tools, applications, exploits, and attacks
▪ Social engineering practices and their impact on network security efforts
Primary Goals of Information Security
Security rests on three primary goals:
▪ Confidentiality
▪ Integrity
▪ Availability
Secondary Goals of Information Security
Alongside the primary goals (confidentiality, integrity, and availability):
▪ Authentication
▪ Privacy
▪ Authorization
▪ Nonrepudiation
Seven Domains of a Typical IT Infrastructure
The Need for Information Security
▪ Risk
▪ Threat
▪ Vulnerability
Information Assurance
Across the Seven Domains of a Typical IT Infrastructure:
▪ Authentication
▪ Nonrepudiation
▪ Availability
Security Policy
▪ Establish goals
▪ Address risk
▪ Provide roadmap for security
▪ Set expectations
▪ Link to business objectives
▪ Map of laws and regulations
▪ Supported by standards, procedures, and guidelines
Examples of Network Infrastructures
▪ Workgroup
▪ SOHO
▪ Client/server
▪ LAN versus WAN
▪ Thin client and terminal services
▪ Remote access and VPNs
▪ Boundary networks
▪ Figure: A Typical Workgroup
▪ Figure: A Typical Client/Server Network
▪ Figure: A Typical VPN
▪ Figure: Typical Boundary Networks
TCP/IP Protocol Suite
▪ Application
• Domain Name System (DNS), Dynamic Host Configuration Protocol (DHCP), Hypertext Transfer Protocol (HTTP), Tele-network (Telnet), File Transfer Protocol (FTP)
▪ Transport
• Transmission Control Protocol (TCP), User Datagram Protocol (UDP)
▪ Internet
• Internet Protocol (IP), IPSec, Internet Control Message Protocol (ICMP), Address Resolution Protocol (ARP), and Internet Group Management Protocol (IGMP)
▪ Network Interface
• Serial Line Internet Protocol (SLIP), Point-to-Point Protocol (PPP)
TCP/IP Networking and OSI Reference Models
▪ TCP/IP Application corresponds to OSI 7. Application, 6. Presentation, 5. Session
▪ TCP/IP Transport corresponds to OSI 4. Transport
▪ TCP/IP Internet corresponds to OSI 3. Network
▪ TCP/IP Network Interface corresponds to OSI 2. Data link, 1. Physical
▪ Figure: The Structure of a Packet
▪ Figure: A Packet Moves Through the Protocol Stack
IP Addressing
▪ Assigned to computers for identification on a network
▪ Internet routing uses numeric IP addresses
▪ IP addresses in packet headers
▪ A packet makes many hops between source and destination
▪ IPv4: 32-bit address
▪ IPv6: 128-bit address
Protocol Analysis
Functions of a Protocol Analyzer
▪ Why analyze data packets?
• Detect network problems, such as bottlenecks
• Detect network intrusions
• Check for vulnerabilities
• Gather network statistics
▪ What does a protocol analyzer do?
• Captures and decodes data packets traveling on a network
• Allows you to read and analyze them
NetWitness Investigator
▪ Threat analysis software
− Protocol Analyzer
▪ Captures raw packets from wired and wireless interfaces
▪ Analyzes real-time data throughout the seven layers
NetWitness Investigator (cont.)
▪ Filters by Media Access Control (MAC) address, IP address, user, and more
▪ Supports Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6)
▪ Gets daily threat intelligence data from the SANS Internet Storm Center
▪ Freely available
Wireshark
▪ Network protocol analyzer
▪ Captures Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and other packets
▪ Analyzes real-time and saved data
▪ Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and others
▪ Supports IPv4 and IPv6
▪ Allows Voice over IP (VoIP) analysis
▪ Freely available
Packet Capture Using NetWitness Investigator
1. Select parsers to use with the capture: Geolocation IP (GeoIP), Search, FLEXPARSE
2. Define rules for the capture: filters and alerts
3. Verify capture configuration settings: Network Adapter, Advanced Capture Settings, and Evidence Handling
4. Start the capture
Trace Analysis Using NetWitness Investigator
▪ Navigation
• Select a collection.
• Open a collection.
• Click Navigation.
• Select a report.
▪ Search
• Click the Content Search icon.
• Select a group of sessions.
• Search for specific content.
• Search on keyword or regular expression.
TCP/IP Transaction Sessions
▪ Connection-oriented
• Sender
– Breaks data into packets
– Attaches packet numbers
• Receiver
– Acknowledges receipt; lost packets are resent
– Reassembles packets in correct order
TCP Three-Way Handshake
1 – SYN (Host to Server)
2 – SYN/ACK (Server to Host)
3 – ACK (Host to Server)
Legend: Synchronize (SYN), Acknowledge (ACK)
TCP Connection Termination (between Host and Server)
1 – ACK/FIN
2 – ACK
3 – ACK/FIN
4 – ACK
Legend: Acknowledge (ACK), Finish (FIN)
TCP Connection Reset
1 – SYN (Host to Server)
2 – SYN/ACK (Server to Host)
3 – RST (Host to Server)
Legend: Synchronize (SYN), Acknowledge (ACK), Reset (RST)
Network Protocol Examination
▪ Normal Packet
• Connecting to an FTP server
• Port 53 (DNS) over UDP
• Three-way handshake completes
▪ Packet Showing Evidence of a Port Scan
• Series of TCP packets, part of the three-way handshake
• Arrange segments in sequential order by source port
• Destination ports are also in sequential order
• Classic TCP port scan
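The port-scan reading above, turned into detection logic as an added example (not from the slides): a tracker follows each connection attempt through the three-way handshake (or its reset), then flags a source whose attempts, ordered by source port, hit a run of sequential destination ports, reporting how many completed, stayed half-open, or were reset. The segments, addresses, and ports are constructed; a real deployment would feed decoded segments from a capture tool such as Wireshark.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Segment:
    """One decoded TCP segment (constructed for this demo)."""
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset


def tcp(src, sport, dst, dport, *flags):
    return Segment(src, sport, dst, dport, frozenset(flags))


class HandshakeTracker:
    """Follow each client-side 4-tuple through SYN -> SYN/ACK -> ACK (the
    three-way handshake on the slides); a RST from either side aborts it."""

    def __init__(self):
        self.state = {}   # (client, cport, server, sport) -> state name

    def feed(self, seg):
        fwd = (seg.src, seg.sport, seg.dst, seg.dport)   # key if seg came from the client
        rev = (seg.dst, seg.dport, seg.src, seg.sport)   # key if seg came from the server
        if seg.flags == {"SYN"}:
            self.state.setdefault(fwd, "SYN_SENT")        # retransmits keep progress
        elif seg.flags == {"SYN", "ACK"} and self.state.get(rev) == "SYN_SENT":
            self.state[rev] = "SYN_RECEIVED"
        elif "RST" in seg.flags:
            for key in (fwd, rev):
                if key in self.state and self.state[key] != "ESTABLISHED":
                    self.state[key] = "RESET"
        elif seg.flags == {"ACK"} and self.state.get(fwd) == "SYN_RECEIVED":
            self.state[fwd] = "ESTABLISHED"


def detect_port_scans(segments, min_ports=5):
    """Group attempts per (source, destination). Following the slide's recipe,
    order them by source port and flag the pair when the destination ports then
    climb in sequence across at least min_ports distinct ports."""
    tracker = HandshakeTracker()
    for seg in segments:
        tracker.feed(seg)
    by_pair = defaultdict(list)
    for (src, sport, dst, dport), st in tracker.state.items():
        by_pair[(src, dst)].append((sport, dport, st))
    findings = []
    for (src, dst), attempts in by_pair.items():
        attempts.sort()                              # by source port
        dports = [d for _, d, _ in attempts]
        distinct = sorted(set(dports))
        if len(distinct) < min_ports or dports != sorted(dports):
            continue
        count = lambda name: sum(st == name for _, _, st in attempts)
        findings.append({
            "src": src, "dst": dst, "ports": len(distinct),
            "first_port": distinct[0], "last_port": distinct[-1],
            "completed": count("ESTABLISHED"),
            "half_open": count("SYN_RECEIVED"),      # SYN/ACK seen, never ACKed
            "reset": count("RESET"),                 # closed ports, or aborted attempts
        })
    return findings


SERVER, CLIENT, SCANNER = "203.0.113.10", "198.51.100.4", "192.0.2.77"

# A legitimate FTP control connection: a full three-way handshake to port 21.
NORMAL = [
    tcp(CLIENT, 51514, SERVER, 21, "SYN"),
    tcp(SERVER, 21, CLIENT, 51514, "SYN", "ACK"),
    tcp(CLIENT, 51514, SERVER, 21, "ACK"),
]

# A classic TCP port scan: source port steps 40001..40010 while the destination
# port steps 20..29. The server answers SYN/ACK on 21 and 22 (open) and RST/ACK
# elsewhere (closed); the scanner never completes the open ones.
SCAN = []
for i in range(10):
    sport, dport = 40001 + i, 20 + i
    SCAN.append(tcp(SCANNER, sport, SERVER, dport, "SYN"))
    if dport in (21, 22):
        SCAN.append(tcp(SERVER, dport, SCANNER, sport, "SYN", "ACK"))
    else:
        SCAN.append(tcp(SERVER, dport, SCANNER, sport, "RST", "ACK"))

if __name__ == "__main__":
    for finding in detect_port_scans(NORMAL + SCAN):
        print(finding)
```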
Clear-Text Vs Encrypted Protocols
▪ Clear-text Protocols
• Are human readable
• FTP, Telnet, Simple Mail Transfer Protocol (SMTP),
HTTP, Post Office Protocol 3 (POP3), Internet
Message Access Protocol (IMAPv4), Network Basic
Input/Output System (NetBIOS), Simple Network
Management Protocol (SNMP)
▪ Encrypted Protocols
• Are not human readable
• Secure Shell (SSH), SSH File Transfer Protocol
(SFTP), HTTP Secure (HTTPS)
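What "human readable" means for an attacker sniffing the wire: the login of every clear-text protocol on the slide can be lifted straight out of the payload. This added example (not code from the slides) takes constructed FTP, POP3 and HTTP Basic-auth sessions, recovers the username and password from each, and returns nothing for an opaque byte string standing in for an encrypted SSH/TLS record. The hostnames, accounts and passwords are made up for the demo.

```python
"""Recover credentials from clear-text protocol payloads.

Added example for this lesson (not code from the slides). The session
payloads are constructed; in practice they would be the reassembled TCP
stream from a capture, which is exactly what a sniffer on the segment sees.
"""
import base64
import re

# Constructed payloads as they would appear on the wire.
FTP_SESSION = (
    "220 ftp.example.test FTP server ready\r\n"
    "USER alice\r\n"
    "331 Password required for alice\r\n"
    "PASS s3cret!\r\n"
    "230 User alice logged in\r\n"
)
POP3_SESSION = (
    "+OK POP3 server ready\r\n"
    "USER carol\r\n+OK\r\n"
    "PASS letmein\r\n+OK Logged in\r\n"
)
HTTP_REQUEST = (
    "GET /admin HTTP/1.1\r\n"
    "Host: intranet.example.test\r\n"
    "Authorization: Basic " + base64.b64encode(b"bob:hunter2").decode() + "\r\n"
    "\r\n"
)
# Stand-in for an encrypted (SSH/TLS) payload: opaque, non-ASCII bytes.
OPAQUE_RECORD = bytes(range(0x80, 0x100))


def _ftp_pop3_login(text):
    """USER/PASS pairs: FTP and POP3 send both commands in the clear."""
    user = re.search(r"^USER[ \t]+(\S+)", text, re.M)
    password = re.search(r"^PASS[ \t]+(\S+)", text, re.M)
    return (user.group(1), password.group(1)) if user and password else None


def _http_basic_login(text):
    """HTTP Basic auth is only base64-encoded, not encrypted."""
    m = re.search(r"^Authorization:[ \t]+Basic[ \t]+(\S+)", text, re.M | re.I)
    if not m:
        return None
    try:
        decoded = base64.b64decode(m.group(1), validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return None
    user, sep, password = decoded.partition(":")
    return (user, password) if sep else None


def extract_credentials(payload):
    """Return (user, password) if the payload carries a clear-text login,
    else None. Encrypted traffic fails the ASCII decode and yields nothing."""
    if isinstance(payload, bytes):
        try:
            payload = payload.decode("ascii")
        except UnicodeDecodeError:
            return None
    return _ftp_pop3_login(payload) or _http_basic_login(payload)


if __name__ == "__main__":
    for name, data in [("ftp", FTP_SESSION), ("pop3", POP3_SESSION),
                       ("http", HTTP_REQUEST), ("encrypted", OPAQUE_RECORD)]:
        print(name, "->", extract_credentials(data))
```

The HTTP case is the one students most often misread: base64 is an encoding, not encryption, so "Basic" authentication over plain HTTP is as exposed as an FTP PASS command.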
Malware ~ Malicious Code
▪ Distribution Methods
• Software downloads
• E-mail
• Malicious web sites
• File transfer
• Flaws in software
▪ Effects of Malware
• Data loss, exposure, or change
• Poor system performance
• Pop-up ads
• System becomes a “bot” or “zombie”
Common Types of Malware
▪ Viruses and Worms
▪ Trojan Horses
▪ Keystroke Loggers (“keyloggers”)
▪ Spyware and Adware
▪ Rootkits
▪ Logic Bombs
▪ Trapdoors and Backdoors
▪ URL Injectors and Browser Redirectors
▪ Exploits
Malware: Viruses and Worms
▪ Viruses
• Infect boot sectors or files, such as executables, drivers, and system files
• Need user interaction to spread
▪ Worms
• Infect systems
• Don’t need user interaction to spread
• Can be carriers for other types of malicious
code
Malware: Trojan Horses
▪ Delivery method for a malicious payload
▪ Usually appear to be a benign program, such as
a game or utility
▪ Installed by users without knowledge of
malicious payload
▪ Payload often gives the attacker remote access to the system
Malware: Keystroke Loggers
▪ Also called “keyloggers”
▪ Software-based keyloggers can be installed via worms or Trojan horses
▪ Record keystrokes and transmit them to the attacker
▪ Hardware-based keyloggers plug in between the keyboard and the computer, so software running on the host cannot see them
Malware: Spyware and Adware
▪ Spyware
▪ Adware
▪ May be bundled together
▪ May be embedded in other programs
▪ May masquerade as antimalware product
Malware: Rootkits
▪ Code that embeds itself at a privileged level of the system (in the
kernel, or between the kernel and the hardware) and hides its own files,
processes, and network connections
▪ Used to keep root/administrative access once the attacker has obtained it
▪ Uses of rootkits: conceal other malicious code and maintain long-term access
Malware: Logic Bombs
▪ Malicious code that lies dormant until triggered
▪ Triggering events
• Time and date
• Program launch
• Keyword
• Accessing a URL
Malware: Backdoors and Trapdoors
▪ Synonyms for the same type of malware
▪ Bypass normal authentication or security controls
▪ Benefit to the attacker: repeatable access without having to exploit the system again
▪ Examples of backdoors and trapdoors: hidden or hard-coded accounts, a listening service opened by a Trojan horse
Malware: URL Injectors and Browser
Redirection
▪ Also called browser hijacking
▪ Replace URLs with alternative addresses
▪ Redirect browser to target Web sites
▪ May also change browser home page
▪ May prevent access to anti-malware Web sites
▪ May inject entries into HOSTS file
▪ Other malware may contain URL injector code
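A HOSTS-file injection is one of the few hijacker artifacts a defender can check with a few lines of code. This added example (not code from the slides) parses a constructed hosts file and reports any watch-listed security-vendor hostname that has been pinned locally, distinguishing names sinkholed to 0.0.0.0 or loopback from names redirected to an attacker's address. The hostnames and the watch-list are made up for the demo; a real check would use the vendor domains the organization actually relies on.

```python
"""Spot HOSTS-file entries left by a URL injector / browser hijacker.

Added example for this lesson (not code from the slides). The hosts
content and the watch-list of security-vendor hostnames are constructed.
"""
import ipaddress

# Constructed hosts file. The last two entries are the kind a hijacker
# adds: anti-malware sites are sinkholed (0.0.0.0) or pointed at a host the
# attacker controls, so updates and removal tools stop working.
SAMPLE_HOSTS = """\
# Default entries
127.0.0.1       localhost
::1             localhost
10.0.0.20       fileserver.corp.example      # legitimate internal pin
0.0.0.0         update.antivirus-vendor.example
203.0.113.45    www.antivirus-vendor.example www.security-updates.example
"""

# Hostnames that should never be pinned locally (constructed watch-list).
WATCHLIST = {
    "update.antivirus-vendor.example",
    "www.antivirus-vendor.example",
    "www.security-updates.example",
}


def parse_hosts(text):
    """Yield (address, hostname) pairs, dropping comments and blank lines.
    One address line may carry several hostnames."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        address, *names = line.split()
        for name in names:
            yield address, name.lower()


def suspicious_entries(text, watchlist=WATCHLIST):
    """Return (address, hostname, reason) for every watch-listed name."""
    findings = []
    for address, name in parse_hosts(text):
        if name not in watchlist:
            continue
        try:
            addr = ipaddress.ip_address(address)
        except ValueError:
            findings.append((address, name, "unparseable address"))
            continue
        if addr.is_unspecified or addr.is_loopback:
            reason = "sinkholed"        # name resolves to nowhere
        else:
            reason = "redirected"       # name resolves to an attacker host
        findings.append((address, name, reason))
    return findings


if __name__ == "__main__":
    for finding in suspicious_entries(SAMPLE_HOSTS):
        print(*finding)
```

On Windows the file lives at %SystemRoot%\System32\drivers\etc\hosts, on Unix-like systems at /etc/hosts; either can be read and passed to suspicious_entries as-is.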
Malware: Exploits
▪ Take advantage of flaws or bugs in software
▪ Often embedded into other forms of malware
▪ May be stand-alone or part of hacker toolkits
Advanced Persistent Threat
▪ Highly targeted
▪ Targeting intelligence often gleaned from other
types of attacks
• Phishing
• Social engineering
▪ Occurrence has increased dramatically but
represents a small percentage of attacks
Impact of Malware on Organizations
▪ Melissa virus (1999) caused an estimated $80 million in damages in
North America
▪ SQL Slammer worm (2003)
▪ Code Red worm (2001)
Application Vulnerabilities
▪ Buffer overflow
▪ SQL Injection
▪ Cross-site scripting (XSS)
▪ Cached credentials
Mitigating Application Vulnerabilities
▪ In-House Coding
▪ Operating systems or applications
▪ Vulnerability scanning
▪ Open Web Application Security Project
(OWASP) for Web application security
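The SQL injection item on the previous slide, shown as the vulnerable query beside its fix, which is the mitigation OWASP recommends for in-house code. This is an added example for this lesson, not code from the slides: it builds an in-memory SQLite table with two constructed accounts, then runs the same attacker input through a string-built query and a parameterized one. The table, accounts and the login functions are assumptions for the demo.

```python
"""SQL injection: the vulnerable query beside the parameterized fix.

Added example for this lesson (not code from the slides). Uses an
in-memory SQLite table with constructed accounts.
"""
import sqlite3


def make_db():
    """Constructed user table with two accounts."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "correct horse"), ("bob", "hunter2")])
    return conn


def login_vulnerable(conn, username, password):
    """String-built query: attacker input becomes part of the SQL text.
    With password = "' OR '1'='1" the WHERE clause becomes
    username = 'alice' AND password = '' OR '1'='1', which is always true."""
    sql = (f"SELECT username FROM users WHERE username = '{username}' "
           f"AND password = '{password}'")
    return conn.execute(sql).fetchone()


def login_safe(conn, username, password):
    """Parameterized query: input is bound as data and never parsed as SQL,
    so the quote characters in the payload have no special meaning."""
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone()


def demo(payload="' OR '1'='1"):
    """Run the same payload through both versions and return the outcomes."""
    conn = make_db()
    try:
        return {
            "vulnerable_bypass": login_vulnerable(conn, "alice", payload),
            "safe_bypass": login_safe(conn, "alice", payload),
            "safe_legit": login_safe(conn, "alice", "correct horse"),
            "safe_wrong_password": login_safe(conn, "alice", "guess"),
        }
    finally:
        conn.close()


if __name__ == "__main__":
    for case, row in demo().items():
        print(f"{case:22s} -> {row}")
```

The vulnerable version returns a row for the payload, i.e. a successful login without the password; the parameterized version returns nothing for the same input and still accepts the real password.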
Port Scanning
Mechanics
▪ TCP or UDP packets are sent to ports on a system
▪ Scanning performed on a single IP address or an IP address range
▪ Open ports can verify which services are reachable on the target
▪ Indicators of open ports
Uses
▪ Useful to both hackers and security professionals
▪ Hackers
▪ Security Professionals
▪ Noticeable and detectable
General Terms
▪ Confidentiality
▪ Integrity
▪ Availability
▪ Trust
▪ Privacy
▪ Authentication
▪ Authorization
▪ Nonrepudiation
Networking Terminology
▪ Network
▪ Firewall
▪ Router
▪ Virtual Private Network
▪ IPSec
▪ Demilitarized Zone (DMZ)
▪ Intrusion Detection System (IDS)
▪ Intrusion Prevention System (IPS)
Risk Terminology
▪ Risk
▪ Threat
▪ Vulnerability
Policy, Awareness, and Training
▪ Policy ~
− sets expectations
▪ Awareness ~
− promotes security
▪ Training ~
− defines roles and responsibilities
Security Countermeasures
Firewalls
▪ Uses: filter traffic; segmentation
▪ Benefits: hardware or software; first line of defense; keep noise out
▪ Limitations: perimeter defense only; not content oriented; limited to yes-or-no (allow/deny) decisions
Virtual Private Network (VPN)
▪ Uses: remote access; encrypted tunnel
▪ Benefits: private tunnel; extends coverage of the private network
▪ Limitations: man-in-the-middle; not traffic oriented
Intrusion Detection/Prevention System (IDS/IPS)
▪ Uses: monitor traffic; notification; may block attacks
▪ Benefits: prevention; host- or network-based
▪ Limitations: relies on signatures; false positives
Security Countermeasures (Continued)
Data Loss Prevention (DLP)
▪ Uses: monitor data loss; block data loss
▪ Benefits: configurable for sensitive data; breach notification
▪ Limitations: signature reliant; false positives; circumventable
Security Information and Event Management (SIEM)
▪ Uses: aggregate security logs; correlate security logs
▪ Benefits: monitor and review; generate alerts
▪ Limitations: false positives; data heavy; limited to log information
Security Countermeasures (Continued)
Continuous Control Monitoring
▪ Uses: checks configuration; automates monitors
▪ Benefits: standards compliant; self-correction; real-time monitoring
▪ Limitations: emerging technology; policy dependent
Vulnerability Assessment
▪ Uses: tests systems
▪ Benefits: proactive addressing of weaknesses; centralized tracking
▪ Limitations: limited to known vulnerabilities; creates noise
What is Risk?
▪ Risk has several meanings
• Danger
• Consequences
• Likelihood or probability
▪ Definition of risk in formal risk assessment
Risk Assessment Methodology
▪ Identification
▪ Analysis
▪ Determine risk for each threat-vulnerability pair
▪ Prioritize mitigation efforts
Measuring Risk
▪ Risk = Impact x Likelihood
• Impact: The consequence of a
successful exploitation of a vulnerability
• Likelihood: How probable is it that an
impact will occur?
▪ Risk can be measured
Risk Matrix (rows: Likelihood; columns: Impact)
Likelihood \ Impact   Low       Medium    High
Low                   Low       Low       Medium
Medium                Low       Medium    High
High                  Medium    High      Critical
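The risk assessment methodology, Risk = Impact x Likelihood and the matrix, carried through for a small risk register. This is an added example for this lesson, not code from the slides: it rates each threat-vulnerability pair with the matrix above, keeps the numeric Impact x Likelihood product (on a 1-3 scale) as a tie-break, and orders the register for mitigation. The register entries, the 1-3 scale and the tie-break rule (higher impact outranks higher likelihood within the same rating) are assumptions made for the demo.

```python
"""Rate and prioritize threat-vulnerability pairs with the lesson's matrix.

Added example for this lesson (not code from the slides). The register
entries are constructed; the matrix is the one on the slide.
"""
LEVELS = {"Low": 1, "Medium": 2, "High": 3}      # assumed numeric scale

# Rows are likelihood, columns impact, exactly as on the slide.
RISK_MATRIX = {
    "Low":    {"Low": "Low",    "Medium": "Low",    "High": "Medium"},
    "Medium": {"Low": "Low",    "Medium": "Medium", "High": "High"},
    "High":   {"Low": "Medium", "Medium": "High",   "High": "Critical"},
}
RATING_ORDER = {"Low": 0, "Medium": 1, "High": 2, "Critical": 3}


def rate(likelihood, impact):
    """Return (qualitative rating, Impact x Likelihood) for one pair."""
    try:
        return RISK_MATRIX[likelihood][impact], LEVELS[impact] * LEVELS[likelihood]
    except KeyError:
        raise ValueError(f"levels must be one of {sorted(LEVELS)}") from None


def prioritize(register):
    """Order (threat, vulnerability, likelihood, impact) entries for
    mitigation: matrix rating first, then the numeric score, then impact
    (assumed tie-break: consequences are harder to undo than exposure)."""
    scored = []
    for threat, vulnerability, likelihood, impact in register:
        rating, score = rate(likelihood, impact)
        scored.append({"threat": threat, "vulnerability": vulnerability,
                       "likelihood": likelihood, "impact": impact,
                       "rating": rating, "score": score})
    scored.sort(key=lambda e: (RATING_ORDER[e["rating"]], e["score"],
                               LEVELS[e["impact"]]), reverse=True)
    return scored


# Constructed register drawn from the threats discussed in this lesson.
REGISTER = [
    ("Phishing e-mail", "Users without awareness training", "High", "Medium"),
    ("SQL injection", "String-built queries in web application", "Medium", "High"),
    ("Lost laptop", "Unencrypted disk on mobile device", "Medium", "Medium"),
    ("Port scan from Internet", "Unneeded services exposed at the firewall", "High", "Low"),
    ("Worm outbreak", "Unpatched internal servers", "High", "High"),
]


if __name__ == "__main__":
    for entry in prioritize(REGISTER):
        print(f"{entry['rating']:8s} {entry['score']}  {entry['threat']}: "
              f"{entry['vulnerability']}")
```

Two entries with the same matrix rating and the same product (SQL injection and phishing, both High with a score of 6) are separated only by the assumed tie-break, which is the kind of rule a formal methodology has to state explicitly rather than leave to whoever sorts the spreadsheet.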
Hacker Motivation
▪ Thrill
▪ Hobby
▪ Status
▪ Challenge
▪ Money
Favorite Hacker Targets
▪ Easy assets – those that pay off
quickly
• Monetary gain
• Control of networks
▪ Unique targets
• Challenging
Consider Business Requirements
▪ Availability of the network and its components
• Redundancy
• High availability
• Single point of failure
• Denial of service
▪ Sensitivity of the data
• Encryption
• Access control
Internet Exposure
▪ Remote access
• Will a VPN work?
• Is direct internet access required?
Wired Networks
▪ Lack of external connectivity creates
physical isolation
• Can rely on physical controls to protect network
• External threats must breach physical barrier
▪ If external connectivity is required
• No control is as strong as physical isolation, but security must
enable the business
• Consider segmentation
• Rigorous front door screening
Benefits of Wireless Networking
▪ Can be inexpensive to deploy
• No need to run wires
• Quick connectivity for multiple users
▪ Convenience
▪ Mobility
▪ Ubiquity
• All laptops now come equipped with wireless
Wireless Concerns
▪ Introduces new attack surface
• Require additional design considerations to mitigate
attack
▪ Data is transmitted over the air and accessible
• Use of encryption technology
• Consider implementing segmented wireless networks
• Require VPN authentication for wireless access
▪ Network can be directly accessed from a distance
• Shielding
Mobile Networking
▪ Allows user to be completely mobile
▪ Requires considerations for central management
▪ Potential for device to be lost
Seven Domains of a Typical IT
Infrastructure
User Domain
Any individual associated with the organization,
including users, employees, managers,
contractors, or consultants, even if they don’t
have logins.
▪ Threats
▪ Vulnerabilities
▪ Risks
Workstation Domain
Workstations, stand-alone systems,
home computers
▪ Threats
▪ Vulnerabilities
▪ Risks
LAN Domain
Hosts on private LANs
▪ Threats
▪ Vulnerabilities
▪ Risks
LAN-to-WAN Domain
Routers, firewalls, other devices at the
LAN/WAN connection point
▪ Threats
▪ Vulnerabilities
▪ Risks
Remote Access Domain
Organization resources via remote access
through dial-up, wireless, or standard
broadband Internet connection
▪ Threats
▪ Vulnerabilities
▪ Risks
WAN Domain
WAN infrastructure elements, such as
routers, switches, and firewalls
▪ Threats
▪ Vulnerabilities
▪ Risks
System/Application Domain
Servers, applications, databases, data
▪ Threats
▪ Vulnerabilities
▪ Risks
Summary
▪ Confidentiality, integrity, and availability (C-I-A)
▪ Network security and its value to the enterprise
▪ Roles and responsibilities in network security
▪ Network security countermeasures
▪ TCP/IP protocol analysis
▪ IP networking protocol
▪ Network management tools
Summary (continued)
▪ What you need to protect and from whom
▪ Risk assessment for network infrastructure
▪ Wired and wireless network infrastructure risks,
threats, and vulnerabilities
▪ Common network hacking tools, applications,
exploits, and attacks
▪ Social engineering practices and their impact on
network security efforts
Virtual Labs
▪ Analyzing IP Protocols with Wireshark
▪ Using Wireshark and NetWitness Investigator to
Analyze Wireless Traffic
▪ Configuring a pfSense Firewall on the Client