I INF 453 Lecture Notes - Lecture 6: Vmware, Fibre Channel, Serializability
Network Security
Network Security Devices:
Application āWebfilter, firewall (Nextgen/DPI)
Presentation āEmail encryption, firewall (Nextgen/DPI)
Session āVPN gateway, firewall (Nextgen/DPI)
Transport āFirewall (stateful)
Network āRouter, home router (NAT),
Datalink āSwitch, MAC filters, VLANs
Physical āLocks, mantraps, environmental sensors
NAC/NAP- ī
µakes sure trusted user, seīuritī up to date, saīs eīaītlī īhatās alloīed to īoī
¶ī
¶eīt to
ī
¶etīork if doesī
¶āt ī
µeet all īriterias
AAA- people logging in, what they can do, what they do gets logged.
SIEM- soī
µethiī
¶g there that īolleīt, īorrelate, aī
¶d figure out īhatās goiī
¶g oī
¶ oī
¶ īour īhole ī
¶etīork.
Anti Spam- eī
µail filter that tries to get ride of eīerīoī
¶eās spaī
µ.
Anti phishing- a technological service that helps prevent unauthorized access to secure and/or sensitive
information.
Remote access- Connection to a data-processing system from a remote location, for example, through a
remote access service or virtual private network. Remote desktop software, software allowing
applications to run remotely on a server while displaying graphical output locally.
DNS Security- using service that looks at dns, at strange urls to see if legitimate. Good at web filtering
and reporting what people are doing
DLP- making sure data is not stolen and staying in place. Flags and encrypts outgoing.
Email archive- anytime court case or lawsuit will request emails from certain point in time. If someone
deletes it will freeze and pull it back out.
Email legal hold- Archive to send to separate place not slowing down system
MFA ā multi factor authentication.
Virtualization
Concepts -
ā¢Service Layer
o VMs -Virtual Machines: Servers, hosts, appliances
find more resources at oneclass.com
find more resources at oneclass.com
Document Summary
Nac/nap- (cid:373)akes sure trusted user, se(cid:272)urit(cid:455) up to date, sa(cid:455)s e(cid:454)a(cid:272)tl(cid:455) (cid:449)hat"s allo(cid:449)ed to (cid:272)o(cid:374)(cid:374)e(cid:272)t to (cid:374)et(cid:449)ork if does(cid:374)"t (cid:373)eet all (cid:272)riterias. Aaa- people logging in, what they can do, what they do gets logged. Siem- so(cid:373)ethi(cid:374)g there that (cid:272)olle(cid:272)t, (cid:272)orrelate, a(cid:374)d figure out (cid:449)hat"s goi(cid:374)g o(cid:374) o(cid:374) (cid:455)our (cid:449)hole (cid:374)et(cid:449)ork. Anti spam- e(cid:373)ail filter that tries to get ride of e(cid:448)er(cid:455)o(cid:374)e"s spa(cid:373). Anti phishing- a technological service that helps prevent unauthorized access to secure and/or sensitive information. Remote access- connection to a data-processing system from a remote location, for example, through a remote access service or virtual private network. Remote desktop software, software allowing applications to run remotely on a server while displaying graphical output locally. Dns security- using service that looks at dns, at strange urls to see if legitimate. Good at web filtering and reporting what people are doing. Dlp- making sure data is not stolen and staying in place.