Let's discover how to surf with safety in your Network.
How do i benefit from Network Security of EKI and prevent from unauthorized Network accesses.
Want to learn more?
2. Connectivity allows one to more easily access the network to perform
data exchange based on software and hardware
Connectivity also provides a means for hackers to intrude the network and
make threats aimed to compromise confidentiality, integrity and
availability
Why Network Security is Becoming More Important?
Data Software Hardware
3. Security Pack
Access Control List
How Do I Benefit From Network Security Of EKI?
IP Security
Login AuthenticationNetwork Access Control
4. HTTPS, SSH
– A cryptographic network protocol makes data exchange
become unreadable
– It avoid the leakage of user account and configuration
Step 1 – Protect Your Switch
??
5. IP Source Guard
– Legal host with known IP and MAC address is bundled on a
specific port to access the network
Step 2 – Prevent Unauthorized Network Access
MAC
IP
Correct IP/MAC
Incorrect IP/MAC
6. IP Source Guard (cont.)
– IP-MAC-Port permit list (white list)
Step 2 – Prevent Unauthorized Network Access (cont.)
7. DHCP Snooping
– Legal host obtains IP address successfully from DHCP server
and be added into IP-MAC-Port permit list automatically
Step 2 – Prevent Unauthorized Network Access (cont.)
Without DHCP Snooping With DHCP Snooping
DHCP Packet DHCP Packet
Illegal host with self-configured IP address Illegal host with self-configured IP address
8. Access Control List
– Illegal frames with specific content are dropped
– Drop list (black list)
Step 3 – Protect Network Resource
Frames with
Legal content
Frames with
Illegal content
?
Not found
9. DoS (Denial of Service) Attack Prevention
– A huge number of frames make malicious operation
continuously to paralysis the data server connected to the
network
– Identify and drop these frames
Step 3 – Protect Network Resource (cont.)
DoS Attack
DoS Attack
With DoS Attack Prevention
Without DoS Attack Prevention
Normal Operation
Abnormal Operation
Freeze!
Smooth