Trey Shaffer
TreyS @ PostNet.com
Trey.Shaffer @ OneCo.net
Intros, Background
• Trey
• Class
Security, broadly speaking
• Threat assessment
• Approach
• Solution
Risk Assessment
• Mission Critical Data
• Mission Critical Transactions
• Public Image
• Lost Productivity
  – Data recovery
  – Virus
Security Overview
• 80/20 rule
• 95/5 rule
• Send attackers to your neighbor
Corporate Data Loss
• Sneaker Net
• Laptops
• PDAs
• RAS/VPN
• Hacker
Methods of Protection
• Unplug
• Restrict Access
• Control Access
Restrict Access – Who
• User/Password
• Certificates
• Random Generator
• Biometric
Certificates
• You Are Who You (say you) Are
• Three Parties
  – User
  – Host
  – Cert Authority
Restrict Access – Where
• Certificates
• Telephone Number
• IP Address
• DNS Reverse
Methodology
• Choose one
• Thorough
• Repeatable
Break?
Techie Stuff
• TCP/IP Protocol
  – How it works
• Barrier Solutions
  – Address translation
  – Proxy
  – Firewall
TCP/IP
• Postal Mail Analogy
• Unique address
  – Network
  – Host
• Gateway
• Ports
Control Access
• Naked Isolation
• DMZ
• Internal
Solutions
• Meet Various Needs
  – Features
  – Ease of use
  – Performance
  – Cost
• Hybrid Feature Sets
Address Translation
• Mask Addresses
  – Many internal
  – Single/few external
• Inexpensive
• Universal
• Limited Flexibility
Proxy
• Address Translation
• Caching
  – Performance
  – Utilization
• Management
  – Control
  – Reporting
Firewall
• Hardware/Software
• Extended Features
• Complex/Flexible Policy
• Multi-Point Implementation
• Complementary Services
  – VPN
  – Web filtering