Network SecurityNetwork Security recommendations for an organization
Network Security• Network Security is an important component of any organization network.• There are variety of attacks which are targeted on an organization network.• Security features are available on networking hardware and software to protect against the attacks.• The presentation provides recommendations for security features and protocols for implementing security in networks.
ACL• Access control lists are available as a feature on routers and switches.• Linux also has a flavor of ACL known as ip tables.• ACL is used to block traffic based on ip address and transport layer port numbers• ACL is predominantly used for denying or permitting access to a device, block ip spoofing attacks etc.
Port-Security• Port Security is a feature which is available on switches.• Port-Security is used to block or allow access to a specific device based on mac-address.• The feature is used to thwart attacks like mac- flooding , Mac-spoofing etc.
WPA• WPA is a authentication mechanism which is available on wirless lan networks.• The feature is implemented on access points and wireless clients.• The feature is used to prevent unauthorized access to wireless lan networks, eaves dropping of clear text data etc.
DHCP Snooping• DHCP Snooping is a feature available on network switches.• The feature is used to prevent attacks based on a DHCP based infrastructure• When DHCP Snooping is configured , rogue dhcp server attacks can be prevented.
SSH• Secure shell is a protocol which is used for managing routers , switches and operating systems• SSH sends data in encrypted format.• SSH should be used instead of insecure protocols like telnet to prevent password and data sniffing attacks.
HTTPS• HTTPS is a secure protocol used on the internet.• It provides services like data authentication, confidentiality and integrity.• HTTPS should be used instead of HTTP when the data on the channel is critical like online banking, credit card transaction etc. to prevent data stealing attacks.
Thank you• For more presentations on networking and security visitwww.projectsinnetworking.com