Network security devices like firewalls, IDS, and IPS help protect networks from common security threats. Firewalls can be hardware-based and filter traffic by port number at the network level or software-based and see all traffic on a host. IDS monitors network traffic for intrusions while IPS can actively prevent intrusions. VPN concentrators encrypt traffic entering and leaving the network. Common threats include DoS attacks, viruses, worms, and man-in-the-middle attacks. Mitigation techniques involve policies, user training, and software patching.

1. Network Security CompTIA Network + 2010

2. Network Security Security Devices Firewalls Network Access Security User Authentication Device Security Common Security Threats

3. Security Devices Explain the function Of Hardware and Software security devices. Network Based Firewall Host Based Firewall IDS IPS VPN Concentrator

4. Host Based Firewall Software Based Protection on a device Sees all the Traffic Difficult to manage large groups

5. Windows Firewall with Advanced Security

6. Network Based Firewall Filters Traffic By Port Number Can Encrypt traffic in/out of the network. Can proxy traffic Most firewalls can be Layer 3 devices (routers).

7. Network Based Firewall Advantages Protects many devices at once High-speed Disadvantages Limited Visibility into encrypted Information

8. IDS/IPS Intrusion Detection System Intrusion Prevention System Intrusions Exploits against Operating Systems , applications etc. Bufferoverflows and other vulnerabilities Detection Vs Prevention Detection – Alarm or Alert Prevention – Stop it before it gets into the network.

9. IDS/IPS Advantages Watches all traffic through a network link Can completely stop bad traffic Disadvantages Limited Visibility into encrypted Data Yet Another device on the Network

10. VPN concentrator

11. Identify Common Security Threats and Mitigations Security Threats Dos ,viruses, worms ,attackers ,Man in the middle attack ,Smurf ,Social engineering (phishing) Mitigation Techniques Policies and Procedures ,user training ,patch and updates

12. Denial Of Service Anything that prevents a device from providing normal services DoS /DDoS Denial Of Service /Distributed Denial of service Smurf Attacks Ping sents to a broadcast address were duplicated to all IP addresses on the subnets by the routers We fixed that in 1999

13. Viruses and Worms Viruses infect files and duplicate by copying themselves with other documents Worms don’t need any other files or programs in order to infect other devices Malware is a catch-all term for viruses ,spywares , adwares ,worms and other bad stuff

14. Man in the Middle Attack A form of electronic eavesdropping Especially useful for encrypted communication

15. Man in the Middle Attack A form of electronic eavesdropping Especially useful for encrypted communication

16. Social Engineering Major Threats Electronically Undetectable Suspicious Telephone Call Don’t give any information over the Telephone Look out for unattended persons Badges Processes

17. Phishing Electronic Version Of Social Engineering

18. Mitigation Techniques Policies and Procedures User Training Patches and Updates

19. Summary DoS (Denial Of Service) or DDoS (Distributed DoS) prevent a device from providing normal services. Man in the Middle Attack method can hackers use to intercept encrypted communication between stations Phishing is the electronic method of social engineering to gather personal information.