Kamis, 30 Desember 2010

Map of Network Security Technology ( Part 1 )

Network security must become a knowledge that is owned for those who want to seriously work in the Internet. Unfortunately, technology has grown so complex that require network security professionals to learn many things to really understand the whole concept & technology network security. To facilitate the learning process, it is worth considering carefully the attached image that contains a map of network security technology. An excellent reference on this subject contained in http://www.sans.org.
In general, the topology of computer networks consist of a public Internet network that spreads throughout the world and that there is an internal Intranet network in the company / institution. In between Internet and intranet there are usually de-Militerized Zone (DMZ) is limited by the Router to the Internet filtering, and firewall to the Intranet. In De-Militerized Zone (DMZ) is usually in pairs of various servers, such as, Mail Server, FTP Server, Web Server and DNS Server.
  Based on the above network topology, we can divide the network security technology into four (4) major parts, namely: • Penetration testing • Certificate Authority / PKI • Vulnerability Testing
• Managed Security Services
  Let's look at the technology that became part of the four (4) of this section, in general,
 • Penetration Testing, consists of: o Active Content Monitoring / Filtering, usually put on the mail server in the DMZ. o Intrusion Detection - Host Based, usually put on servers in the Intranet and DMZ. o Firewall, intercede with the DMZ Intranet and Internet .. o Intrusion Detection - Network Based, usually used to monitor the Intranet. o Authorization, on the run in the Intranet. o Water Gap Technology, run on De-Militerized Zone (DMZ). o Network Authentication, operated on the Intranet. o Security Appliances, usually in the form of hardware firewall. o Security Services: Penetration Testing, a company outside that provide services to us. o Authentication, operated on the Intranet.
  • Certificate Authority / PKI, a supporter of other technologies and can be operated on servers in the Intranet, comprising: o Certificate Authority, on the intranet and internet.
o File and Session Encryption, operated on the Intranet o Cryptographic VPN & Communications, at the start of De-Militerized Zone and is used to penetrate to the Internet to the Intranet to another. o Secure Web Servers, operated at the De-Militerized Zone (DMZ). o Single Sign On, on the server. o Web Application Security, on the Web server.
  • Vulnerability Testing, usually performed by an auditor or security manager, among others. o Vulnerability Scanners - Host-Based, operated on Intranet server o Real-Time Security Awareness, Response & Threat Management, used by the security manager. o Vulnerability Scanners - Network Based, operated in the filtering router is connected directly to the Internet. 

Managed Security Services, is part of management (non-technical) network security. Issues that exist include:
o Enterprise Security Policy Implementation.
o Managed Security Services.
o Enterprise Security Administration.
o Security Services: Policy Development.
o Trusted Operating Systems, installed on all computers.
o Anti D.D.O.D Tools.

# Active Content Monitoring / Filtering. When you are connected to the Internet, you take the risk of computer viruses, java / Active-X scripts etc evil. This tool will check all content entering the network / computer, continuously update its library. # Intrusion Detection - Host Based. Host-based intrusion detection will monitor file log. He will meresponds with an alarm or a counterattack if any business user for accessing data, file or service that is not allowed. # Firewall. A firewall is a system or group of several systems implement access control policy between two networks. # Intrusion Detection - Network Based. Network-based intrusion detection will monitor the network and will meresponds with alarm at the time he identified a pattern of traffic that is not good, such as scanning, denial of business service or other attacks. # Authorization. Authentication, asked "Who are you?". Authorization, ask "Are you entitled to?". With the authorization mechanism for each user who will resource access should apply to the authorization server to obtain a permit. # Water Gap Technology. Hardware / software of this type allows the transfer of data real-time between the Internet with the back-end without opening a hole in the firewall. Sometimes Water Gap solutions require a physical connection to the network terminated outside. Water Gap sever all network protocols, limiting access to data in the application layer only, and perform content analysis. # Network Authentication. This tool uses several approaches to improve the system's ability to distinguish between eligible and not entitled to access. # Security Appliances. The combination of hardware / software that provides limited service, such as firewalls, network load management etc. Because its operating system is limited, more easily managed and not subject to hacker attacks such as the general-purpose UNIX or Windows NT. # Security Services: Penetration Testing. Consultant organization that simulate hacker attacks in the real world as well as social engineering attacks. They usually give advice how to fix the defense. Usually they using network-based vulnerability scanning tools. # Authentication. Authentication is a process that determines something or someone is who or what. The simplest way of authentication process is the logon password, unfortunately very susceptible to the stolen. Another way to overcome this is to use a token that allows more stringent authentication process again. 


0 komentar:

Posting Komentar

Baca juga

Cari Blog Ini

Sms-online gratis

Link Excharge
Powered by Blogger