network security, group policy and firewalls
DESCRIPTION
TRANSCRIPT
DEPARTMENT OF MICROBIOLOGY AND BIOTECNOLOGY
PRESENTED BY SAPNA KUMARI I MSc ( MICROBIOLOGY)
NETWORK SECURITY It is the control of unwanted intrusion into or damage to communications on our organizations computer network.
It supports essential communications which are necessary to the organizations mission and goals.
It includes elements that prevent unwanted activities while supporting desirable activities.
It involves the authorization of access to data in a network which is controlled by the network administrator.
It involved in organizations , enterprises and other types of institutions.
SECURITY OBJECTIVES Confidentiality
Integrity
Authentication
Authorization
Non repudiation
Availability
Privacy
GOALS OF NETWORK SECURITY Ensures the confidentiality of resources
Protect the integrity of data
Maintain availability of the IT infrastructure
Ensure the privacy of personally identifiable data
Enforces access control
Monitor the IT environment for violations of policy
GROUP POLICY
It is the feature of the Microsoft windows NT family of operating systems.
It controls the working environment of user accounts and computer accounts.
It provides the centralized management and configuration of operating systems, applications and users settings in an ACTIVE DIRECTORY environment.
It controls what users can and cannot do on a computer.
TYPES OF GROUP POLICY Account policies Local policies Event log Restricted groups Systems services Registry File system Public key policies Internet protocol security policies
TYPES OF GROUP POLICY( cont’d)ACCOUNT POLICIES Account policies are the first subcategory of
security settings. The account policies include :• Password policy• Account lock out policy
LOCAL POLICIES It is the second subcategory of security policy. It
includes security settings.
EVENT LOG POLICIES It is used to control the settings of the application , system and security event logs on local computers.
RESTRICTED GROUPS
It contain a list of members of specific groups whose membership are defined centrally as part of the security policy.It can be used to manage membership in the built in groups.
SYSTEMS SERVICES POLICIES
It offer a mechanism for potential exploitation by intruders who can take over the services or use the services as an entry point to gain access to computers and computer network resources.
REGISTRY
It is used to configure security and control security auditing for registry keys and their subkeys.
FILE SYSTEM
It is used to configure the security for files and folders . It control security auditing of files and folders.
PUBLIC KEY POLICIES
It add a new encrypted data recovery agent and set up automatic certificate requests. It can also manage the lists of trusted certification authorities.
IP SECURITY POLICIES ON ACTIVE DIRECTORY
It tell the server how to respond to a request for IPsec communications .The server might require secure communication, permit secure communication, or communicate without using Ipsec.
OSI Reference Model Consists of seven layers.
Each layer provides a set of functions to the layers above and relies on the functions provided by the layers below.
Each layer communicates with its peer layer on the other node (protocols).
The layer boundaries (interfaces) should be designed in such a way as to minimize the information flow between the boundaries .
The main idea is to have independent standards for different layers so that changes to one would not cause changes in other layers.
OSI Reference Model (cont’d)
LAYER 7 : APPLICATION LAYER
It is the user interface to your computer or programs.Eg: word processor , e-mail application etc.
LAYER 6 : PRESENTATION LAYER
It acts as the translator between systems, converting application layer information to a common format understandable by different systems.
LAYER 5 : SESSION LAYER
It manages the connections or service requests between computers.
LAYER 4 : TRANSPORT LAYER
It prepares data for delivery to the network.
LAYER 3 : NETWORK LAYER It is where IP addressing and routing happen. Data at this layer is considered a “ packet” .
LAYER 2 : DATA LINK LAYER
It handles the reliable sending of information. Media access control is a component of layer 2. Data at this layer would be reffered to as a “FRAME”.
LAYER 1 : PHYSICAL LAYER
It is composed of the objects that you can see and some that you cannot , such as electrical characteristics.
What is a Firewall ?A firewall :
Acts as a security gateway between two networks
Usually between trusted and untrusted networks (such as between a corporate network and the Internet)
Decides whether to pass, reject, encrypt, or log communications (Access Control)
Internet
Corporate Site
Corporate Network Gateway
“Allow Trafficto Internet”
Why Firewalls are Needed
Prevent attacks from untrusted networks
Protect data integrity of critical information
Preserve customer and partner confidence
Evolution of Firewalls
PacketFilter
ApplicationProxy
StatefulInspection
teful
TYPES OF FIREWALLS
PACKET FILTERS
APPLICATION LAYER GATEWAYS
STATEFUL INSPECTION
PACKET FILTER The first paper on firewall was published in 1988.
This was the first generation of highly involved and technical internet security.
It was developed by BILL CHESWICK AND STEVE BELLOVIN.
It act by inspecting the “PACKET” which transfer between computers on the internet.
If a packet matches the filters set of rules, the packet filter will drop or reject the packet.
It work mainly first 3 layers of the OSI model, which means most of the work is done between the network and the physical layer.
It is the simplest type of firewalls.
APPLICATION PROXYIt is called as also known as PROXY FEREWALL.
The key benefit of the application layer filtering is that it can “ understand” certain applications and protocols( SUCH AS WEB BROWSING).
It can detect if an unwanted protocol is sneaking through on a non standard port or if a protocol is being abused in any harmful way.
It mainly works on layer 7 of the OSI model.
When a connection comes into an application gateway, the firewall completes the connection and creates a new connection from the firewall to the final destination . In a sense , a true proxy doesnot route network traffic. It buffers traffic, modifies the data , if necessary then sends the data to the destination.
STATEFUL INSPECTIONIt was developed in 1989- 1990.
It was developed by DAVE PRESSETTO, JANARDAN SHARMA AND KSHITY NIGAM.
It is also called as CIRCUIT LEVEL FIREWALLS.
It work upto layer 4 of OSI model( transport layer).
It used to record all the connection passing through it and determines whether a packet is the start of the new connection, a part of an existing connection or not a part of any connection.
It allows the firewall to have a complete application awarness without breaking the client / server model.
Firewalls and Proxy Servers
LIMITATION OF FIREWALLS It cant protect the attacks that don’t go through the
firewall.
It cannot protect the morons which are present inside the network.
Firewall policies must be realistic and reflect the level of security in the entire network.
It has no concept of the value or sensitivity of the data ,it is transferring between networks and therefore,it cannot protect information on that basis.
CONCLUSIONNetwork security is the ongoing process
of maintaining the privacy of data that should remain private.
Group policy contains the goals, objectives and standards for security activities.
A firewall is a network security product that acts as a barrier between two or more network segments.
THANK YOU