DEPARTMENT OF MICROBIOLOGY AND BIOTECNOLOGY

PRESENTED BY SAPNA KUMARI I MSc ( MICROBIOLOGY)

NETWORK SECURITY It is the control of unwanted intrusion into or damage to communications on our organizations computer network.

It supports essential communications which are necessary to the organizations mission and goals.

It includes elements that prevent unwanted activities while supporting desirable activities.

It involves the authorization of access to data in a network which is controlled by the network administrator.

It involved in organizations , enterprises and other types of institutions.

SECURITY OBJECTIVES Confidentiality

Integrity

Authentication

Authorization

Non repudiation

Availability

Privacy

GOALS OF NETWORK SECURITY Ensures the confidentiality of resources

Protect the integrity of data

Maintain availability of the IT infrastructure

Ensure the privacy of personally identifiable data

Enforces access control

Monitor the IT environment for violations of policy

GROUP POLICY

It is the feature of the Microsoft windows NT family of operating systems.

It controls the working environment of user accounts and computer accounts.

It provides the centralized management and configuration of operating systems, applications and users settings in an ACTIVE DIRECTORY environment.

It controls what users can and cannot do on a computer.

TYPES OF GROUP POLICY Account policies Local policies Event log Restricted groups Systems services Registry File system Public key policies Internet protocol security policies

TYPES OF GROUP POLICY( cont’d)ACCOUNT POLICIES Account policies are the first subcategory of

security settings. The account policies include :• Password policy• Account lock out policy

LOCAL POLICIES It is the second subcategory of security policy. It

includes security settings.

EVENT LOG POLICIES It is used to control the settings of the application , system and security event logs on local computers.

RESTRICTED GROUPS

It contain a list of members of specific groups whose membership are defined centrally as part of the security policy.It can be used to manage membership in the built in groups.

SYSTEMS SERVICES POLICIES

It offer a mechanism for potential exploitation by intruders who can take over the services or use the services as an entry point to gain access to computers and computer network resources.

REGISTRY

It is used to configure security and control security auditing for registry keys and their subkeys.

FILE SYSTEM

It is used to configure the security for files and folders . It control security auditing of files and folders.

PUBLIC KEY POLICIES

It add a new encrypted data recovery agent and set up automatic certificate requests. It can also manage the lists of trusted certification authorities.

IP SECURITY POLICIES ON ACTIVE DIRECTORY

It tell the server how to respond to a request for IPsec communications .The server might require secure communication, permit secure communication, or communicate without using Ipsec.

OSI Reference Model Consists of seven layers.

Each layer provides a set of functions to the layers above and relies on the functions provided by the layers below.

Each layer communicates with its peer layer on the other node (protocols).

The layer boundaries (interfaces) should be designed in such a way as to minimize the information flow between the boundaries .

The main idea is to have independent standards for different layers so that changes to one would not cause changes in other layers.

OSI Reference Model (cont’d)

LAYER 7 : APPLICATION LAYER

It is the user interface to your computer or programs.Eg: word processor , e-mail application etc.

LAYER 6 : PRESENTATION LAYER

It acts as the translator between systems, converting application layer information to a common format understandable by different systems.

LAYER 5 : SESSION LAYER

It manages the connections or service requests between computers.

LAYER 4 : TRANSPORT LAYER

It prepares data for delivery to the network.

LAYER 3 : NETWORK LAYER It is where IP addressing and routing happen. Data at this layer is considered a “ packet” .

LAYER 2 : DATA LINK LAYER

It handles the reliable sending of information. Media access control is a component of layer 2. Data at this layer would be reffered to as a “FRAME”.

LAYER 1 : PHYSICAL LAYER

It is composed of the objects that you can see and some that you cannot , such as electrical characteristics.

What is a Firewall ?A firewall :

Acts as a security gateway between two networks

Usually between trusted and untrusted networks (such as between a corporate network and the Internet)

Decides whether to pass, reject, encrypt, or log communications (Access Control)

Internet

Corporate Site

Corporate Network Gateway

“Allow Trafficto Internet”

Why Firewalls are Needed

Prevent attacks from untrusted networks

Protect data integrity of critical information

Preserve customer and partner confidence

Evolution of Firewalls

PacketFilter

ApplicationProxy

StatefulInspection

teful

TYPES OF FIREWALLS

PACKET FILTERS

APPLICATION LAYER GATEWAYS

STATEFUL INSPECTION

PACKET FILTER The first paper on firewall was published in 1988.

This was the first generation of highly involved and technical internet security.

It was developed by BILL CHESWICK AND STEVE BELLOVIN.

It act by inspecting the “PACKET” which transfer between computers on the internet.

If a packet matches the filters set of rules, the packet filter will drop or reject the packet.

It work mainly first 3 layers of the OSI model, which means most of the work is done between the network and the physical layer.

It is the simplest type of firewalls.

APPLICATION PROXYIt is called as also known as PROXY FEREWALL.

The key benefit of the application layer filtering is that it can “ understand” certain applications and protocols( SUCH AS WEB BROWSING).

It can detect if an unwanted protocol is sneaking through on a non standard port or if a protocol is being abused in any harmful way.

It mainly works on layer 7 of the OSI model.

When a connection comes into an application gateway, the firewall completes the connection and creates a new connection from the firewall to the final destination . In a sense , a true proxy doesnot route network traffic. It buffers traffic, modifies the data , if necessary then sends the data to the destination.

STATEFUL INSPECTIONIt was developed in 1989- 1990.

It was developed by DAVE PRESSETTO, JANARDAN SHARMA AND KSHITY NIGAM.

It is also called as CIRCUIT LEVEL FIREWALLS.

It work upto layer 4 of OSI model( transport layer).

It used to record all the connection passing through it and determines whether a packet is the start of the new connection, a part of an existing connection or not a part of any connection.

It allows the firewall to have a complete application awarness without breaking the client / server model.

Firewalls and Proxy Servers

LIMITATION OF FIREWALLS It cant protect the attacks that don’t go through the

firewall.

It cannot protect the morons which are present inside the network.

Firewall policies must be realistic and reflect the level of security in the entire network.

It has no concept of the value or sensitivity of the data ,it is transferring between networks and therefore,it cannot protect information on that basis.

CONCLUSIONNetwork security is the ongoing process

of maintaining the privacy of data that should remain private.

Group policy contains the goals, objectives and standards for security activities.

A firewall is a network security product that acts as a barrier between two or more network segments.

THANK YOU