PACE-IT: Introduction_to Network Devices (part 2) - N10 006
Download as PPTX, PDF1 like750 views
The document provides an overview of various network devices including firewalls, intrusion detection systems (IDS), intrusion prevention systems (IPS), load balancers, and proxy servers, detailing their functions and roles in network security. It emphasizes the critical importance of these devices in protecting the network against threats and improving performance. The content is designed as part of a training program funded by the U.S. Department of Labor.
PACE-IT: Introduction_to Network Devices (part 2) - N10 006
- 2. Page 2 Instructor, PACE-IT Program – Edmonds Community College Areas of Expertise Industry Certifications PC Hardware Network Administration IT Project Management Network Design User Training IT Troubleshooting Qualifications Summary Education M.B.A., IT Management, Western Governor’s University B.S., IT Security, Western Governor’s University Entrepreneur, executive leader, and proven manger with 10+ years of experience turning complex issues into efficient and effective solutions. Strengths include developing and mentoring diverse workforces, improving processes, analyzing business needs and creating the solutions required— with a focus on technology.
- 3. Page 3 PACE-IT. – Security devices. – Optimization and performance devices.
- 4. Page 4 Introduction to network devices II.
- 5. Page 5 Introduction to network devices II. – Firewall. » A firewall can be placed on routers or hosts (software based) or can be its own device. » It functions at multiple layers of the OSI model. • Specifically at layers 2, 3, 4, and 7. » It blocks packets from entering or leaving the network. • Via stateless inspection: the firewall will examine every packet against a set of rules. Once the packet matches a rule, the rule is enforced, and the specified action is taken. • Via stateful inspection: the firewall will only examine the state of the connection between networks. Specifically, when a connection is made from an internal network to an external network, the firewall will not examine any packets returning from the external connection. As a general rule, external connections are not allowed to be initiated with the internal network. » It is the first line of defense in protecting the internal network from outside threats. • Consider it the police force of the network.
- 6. Page 6 Introduction to network devices II. – Intrusion detection system (IDS). » An IDS is a passive system designed to identify when a network breach or attack against the network is occurring. • Usually designed to inform a network administrator when a breach or attack has occurred through log files, SMS, and/or an email notification. » An IDS cannot prevent or stop a breach or attack on its own. » It receives a copy of all traffic and evaluates it against a set of standards. • Signature based: evaluates network traffic for known malware or attack signatures. • Anomaly based: evaluates network traffic for suspicious changes. • Policy based: evaluates network traffic against a specific declared security policy. » May be deployed at the host level. • Host-based intrusion detection system (HIDS).
- 7. Page 7 Introduction to network devices II. – Intrusion prevention system (IPS). » An IPS is an active system designed stop a breach or attack from succeeding in damaging the network. • Usually designed to perform an action or set of actions to stop the malicious activity. • Will inform a network administrator through the use of log files, SMS, and/or email notification. » All traffic on the network segment flows through the IPS to either enter or leave the segment. • Like the IDS, all traffic is evaluated against a set of standards. » The best placement on the network is between a router (with a firewall) and the destination network segment. » It is programmed to make an active response to the situation. • Block the offending IP address. • Close down the vulnerable interface. • Terminate the network session. • Redirect the attack. • Plus more.
- 8. Page 8 A virtual private network (VPN) concentrator will allow for many more secure VPN connections to a network. The concentrator will provide proper tunneling and encryption, depending on the type of VPN connection that is allowed. Most concentrators can function at multiple layers of the OSI model (specifically Layer 2, Layer 3, and Layer 7). Outside of Internet transactions (which use SSL VPN connections at Layer 7) most concentrators will function at the network layer (Layer 3) of the OSI model, providing IPsec encryption through a secure tunnel. Introduction to network devices II.
- 9. Page 9 Introduction to network devices II.
- 10. Page 10 Introduction to network devices II. – Load balancer. » A load balancer may also be called a content switch or content filter. » A network appliance that is used to load balance between multiple hosts that contain the same data— spreading out the workload for greater efficiency. • Commonly used to distribute the requests (workload) to a server farm among the various servers, helping to ensure that no single server gets overloaded. – Proxy server. » A proxy server is an appliance that requests resources on behalf of client machines. » It is often used to retrieve resources from outside untrusted networks on behalf of the requesting client. » It hides and protects the requesting client. » It can also be utilized to filter allowed content. » It can increase network performance by caching commonly requested Web pages.
- 11. Page 11 Introduction to network devices II. Firewalls are the police force of the network. The either allow or deny network traffic based on a set of predefined rules. They may be an appliance or software based. An IDS will inform a network administrator when malicious actions have occurred (they are passive). An IPS is placed inline with network traffic and will take action when malicious activities are detected. Topic Security devices. Summary A load balancer (also known as a content switch or content filter) is a network appliance that will balance requests across multiple devices that contain the same data. A proxy server acts on behalf of a client device to fulfill requests to retrieve data. It can also be used to limit what requests are fulfilled. Optimization and performance devices.
- 13. This workforce solution was 100 percent funded by a $3 million grant awarded by the U.S. Department of Labor's Employment and Training Administration. The solution was created by the grantee and does not necessarily reflect the official position of the U.S. Department of Labor. The Department of Labor makes no guarantees, warranties, or assurances of any kind, express or implied, with respect to such information, including any information on linked sites and including, but not limited to, accuracy of the information or its completeness, timeliness, usefulness, adequacy, continued availability or ownership. Funded by the Department of Labor, Employment and Training Administration, Grant #TC-23745-12-60-A-53. PACE-IT is an equal opportunity employer/program and auxiliary aids and services are available upon request to individuals with disabilities. For those that are hearing impaired, a video phone is available at the Services for Students with Disabilities (SSD) office in Mountlake Terrace Hall 159. Check www.edcc.edu/ssd for office hours. Call 425.354.3113 on a video phone for more information about the PACE-IT program. For any additional special accommodations needed, call the SSD office at 425.640.1814. Edmonds Community College does not discriminate on the basis of race; color; religion; national origin; sex; disability; sexual orientation; age; citizenship, marital, or veteran status; or genetic information in its programs and activities.