Network Security v1.0 - Module 1 (Securing Networks)

Module 1: Securing Networks

Module Objectives:
  • Explain network security and understand the challenges, tools, and techniques for securing networks.


1.1 Current State of Affairs

  • Networks are Targets:

    • Networks are constantly under attack. Real-time data, such as the Kaspersky Cyberthreat Real-Time Map, highlights ongoing attacks.

  • Reasons for Network Security:

    • Breaches can disrupt e-commerce, cause data loss, threaten privacy, and damage information integrity.

    • Cisco Talos Intelligence Group and PSIRT provide insights and mitigate vulnerabilities.

  • Vectors of Network Attacks:

    • Attack vectors can originate inside or outside a network. For example, threats arriving over the internet can lead to Denial of Service (DoS) attacks.

  • Data Loss:

    • A critical concern as it can have serious financial and legal consequences.


1.2 Network Topology Overview

Campus Area Networks:
  • Larger, often regional, networks that require robust security measures for both physical and logical access.

Small Office and Home Office (SOHO) Networks:
  • Secured with consumer-grade wireless routers that integrate firewalls and WPA2 encryption for wireless security.

  • Port security is used on Layer 2 switches to secure user-facing ports, and antivirus software is deployed on hosts.

Wide Area Networks (WANs):
  • Span large geographical areas, often over public internet connections.

  • Adaptive Security Appliances (ASA) protect WANs by enabling VPN tunnels for secure data transfer.

Data Center Networks:
  • VPNs and ASA devices secure the connection between remote sites and the data center.

  • Physical security is crucial, with measures like video surveillance, motion detectors, and biometric access controls.

Cloud Networks and Virtualization:
  • Virtualization allows cloud computing by separating the hardware from the application.

  • Security concerns for cloud networks include hyperjacking, antivirus storms, and outdated security policies on virtual machines (VMs).

The Evolving Network Border (BYOD):
  • The Borderless Network concept is designed to support Bring Your Own Device (BYOD), where users access the network from various locations and devices.

  • Mobile Device Management (MDM) features include:

    • Data encryption, PIN enforcement, data wipe, data loss prevention (DLP), and jailbreak/root detection.


1.3 Securing Networks Summary

  • Network security breaches can severely impact businesses by compromising data integrity and privacy.

  • Security tools include Cisco devices, VPNs, ASA firewalls, IPS, and AAA servers.

  • A defense-in-depth approach requires multiple security layers, such as firewalls, Layer 3 and Layer 2 switches, and host-level security.

  • Physical security for data centers involves both outside perimeter and inside perimeter protections.

  • Cloud VMs are prone to attacks like hyperjacking and to instant-on activation issues.

  • Borderless Networks support flexible access via a variety of endpoints and connectivity methods.