Trey Shaffer

TreyS @ PostNet.com

Trey.Shaffer @ OneCo.net

Intros, Background

• Trey

• Class

Security, broadly speaking

• Threat assessment

• Approach

• Solution

Risk Assessment

• Mission Critical Data

• Mission Critical Transactions

• Public Image

• Lost Productivity– Data recovery– Virus

Security Overview

• 80/20 rule

• 95/5 rule

• Send attackers to your neighbor

Corporate Data Loss

• Sneaker Net

• Laptops

• PDAs

• RAS/VPN• Hacker

Methods of Protection

• Unplug

• Restrict Access

• Control Access

Restrict Access – Who

• User/Password

• Certificates

• Random Generator

• Biometric

Certificates

• You Are Who You (say you) Are

• Three Parties– User– Host– Cert Authority

Restrict Access – Where

• Certificates

• Telephone Number

• IP Address

• DNS Reverse

Methodology

• Choose one

• Thorough

• Repeatable

Break?

Techie Stuff

• TCP/IP Protocol– How it works

• Barrier Solutions– Address translation– Proxy– Firewall

TCP/IP

• Postal Mail Analogy

• Unique address– Network– Host

• Gateway

• Ports

Control Access

• Naked Isolation

• DMZ

• Internal

Solutions

• Meet Various Needs– Features– Ease of use– Performance– Cost

• Hybrid Feature Sets

Address Translation

• Mask Addresses– Many internal– Single/few external

• Inexpensive

• Universal

• Limited Flexibility

Proxy

• Address Translation• Caching

– Performance– Utilization

• Management– Control– Reporting

Firewall

• Hardware/Software

• Extended Features

• Complex/Flexible Policy

• Multi-Point Implementation

• Complementary Services– VPN– Web filtering