Transcript of "network security, group policy and firewalls"
DEPARTMENT OF MICROBIOLOGY AND BIOTECNOLOGY PRESENTED BY SAPNA KUMARI I MSc ( MICROBIOLOGY)
NETWORK SECURITY It is the control of unwanted intrusion into or damage tocommunications on our organizations computer network. It supports essential communications which are necessary to theorganizations mission and goals. It includes elements that prevent unwanted activities whilesupporting desirable activities. It involves the authorization of access to data in a network whichis controlled by the network administrator.It involved in organizations , enterprises and other types ofinstitutions.
GOALS OF NETWORK SECURITY Ensures the confidentiality of resources Protect the integrity of data Maintain availability of the IT infrastructure Ensure the privacy of personally identifiable data Enforces access control Monitor the IT environment for violations of policy
GROUP POLICY It is the feature of the Microsoft windows NT family of operatingsystems. It controls the working environment of user accounts andcomputer accounts. It provides the centralized management and configuration ofoperating systems, applications and users settings in an ACTIVEDIRECTORY environment.It controls what users can and cannot do on a computer.
TYPES OF GROUP POLICY Account policies Local policies Event log Restricted groups Systems services Registry File system Public key policies Internet protocol security policies
TYPES OF GROUP POLICY( cont’d)ACCOUNT POLICIES Account policies are the first subcategory of security settings. The account policies include :• Password policy• Account lock out policyLOCAL POLICIES It is the second subcategory of security policy. It includes security settings.
EVENT LOG POLICIES It is used to control the settings of the application , systemand security event logs on local computers.RESTRICTED GROUPS It contain a list of members of specific groups whosemembership are defined centrally as part of the security policy.It can be used to manage membership in the built in groups.SYSTEMS SERVICES POLICIES It offer a mechanism for potential exploitation byintruders who can take over the services or use the services as anentry point to gain access to computers and computer networkresources.
REGISTRY It is used to configure security and control security auditing for registry keysand their subkeys.FILE SYSTEM It is used to configure the security for files and folders . It control securityauditing of files and folders.PUBLIC KEY POLICIES It add a new encrypted data recovery agent and set up automatic certificaterequests. It can also manage the lists of trusted certification authorities.
IP SECURITY POLICIES ON ACTIVE DIRECTORY It tell the server how to respond to a request for IPsec communications .The server might require secure communication, permit securecommunication, or communicate without using Ipsec.
OSI Reference Model Consists of seven layers. Each layer provides a set of functions to the layers above and relies on the functions provided by the layers below. Each layer communicates with its peer layer on the other node (protocols). The layer boundaries (interfaces) should be designed in such a way as to minimize the information flow between the boundaries . The main idea is to have independent standards for different layers so that changes to one would not cause changes in other layers.
LAYER 7 : APPLICATION LAYER It is the user interface to your computer or programs.Eg: word processor , e-mail application etc.LAYER 6 : PRESENTATION LAYER It acts as the translator between systems, converting applicationlayer information to a common format understandable by differentsystems.LAYER 5 : SESSION LAYER It manages the connections or service requests betweencomputers.LAYER 4 : TRANSPORT LAYER It prepares data for delivery to the network.
LAYER 3 : NETWORK LAYER It is where IP addressing and routing happen. Data at this layer isconsidered a “ packet” .LAYER 2 : DATA LINK LAYER It handles the reliable sending of information. Media access control is acomponent of layer 2. Data at this layer would be reffered to as a “FRAME”.LAYER 1 : PHYSICAL LAYER It is composed of the objects that you can see and some that you cannot, such as electrical characteristics.
A firewall : Internet Acts as a security gateway between two networks “Allow Traffic Corporate Network Usually between trusted to Internet” Gateway and untrusted networks (such as between a corporate network and the Internet) Decides whether to pass, reject, encrypt, or log Corporate communications (Access Site Control)
Why Firewalls are Needed Prevent attacks from untrusted networks Protect data integrity of critical information Preserve customer and partner confidence
PACKET FILTER The first paper on firewall was published in 1988. This was the first generation of highly involved and technical internetsecurity. It was developed by BILL CHESWICK AND STEVE BELLOVIN. It act by inspecting the “PACKET” which transfer between computers on theinternet. If a packet matches the filters set of rules, the packet filter will drop orreject the packet. It work mainly first 3 layers of the OSI model, which means most of thework is done between the network and the physical layer. It is the simplest type of firewalls.
APPLICATION PROXYIt is called as also known as PROXY FEREWALL.The key benefit of the application layer filtering is that it can “understand” certain applications and protocols( SUCH AS WEBBROWSING).It can detect if an unwanted protocol is sneaking through on a nonstandard port or if a protocol is being abused in any harmful way.It mainly works on layer 7 of the OSI model.When a connection comes into an application gateway, the firewallcompletes the connection and creates a new connection from the firewallto the final destination . In a sense , a true proxy doesnot route networktraffic. It buffers traffic, modifies the data , if necessary then sends thedata to the destination.
STATEFUL INSPECTIONIt was developed in 1989- 1990.It was developed by DAVE PRESSETTO, JANARDAN SHARMA AND KSHITYNIGAM.It is also called as CIRCUIT LEVEL FIREWALLS.It work upto layer 4 of OSI model( transport layer).It used to record all the connection passing through it and determines whethera packet is the start of the new connection, a part of an existing connection ornot a part of any connection.It allows the firewall to have a complete application awarness without breakingthe client / server model.
LIMITATION OF FIREWALLS It cant protect the attacks that don’t go through the firewall. It cannot protect the morons which are present inside the network. Firewall policies must be realistic and reflect the level of security in the entire network. It has no concept of the value or sensitivity of the data ,it is transferring between networks and therefore,it cannot protect information on that basis.
CONCLUSION Network security is the ongoing process of maintaining the privacy of data that should remain private. Group policy contains the goals, objectives and standards for security activities. A firewall is a network security product that acts as a barrier between two or more network segments.
A particular slide catching your eye?
Clipping is a handy way to collect important slides you want to go back to later.