
Firewall Fundamentals

ISSM 535Q

Week 1
Fundamentals of Network Security

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company


www.jblearning.com
All rights reserved.
Learning Objectives
▪ Explain the fundamental concepts of network
security.
▪ Understand the basic elements of network
security.
▪ Define network security roles and
responsibilities and who within an IT
organization is accountable for security
implementation.

Key Concepts
▪ Confidentiality, integrity, and availability (C-I-A)
▪ Network security and its value to the enterprise
▪ Roles and responsibilities in network security
▪ Impact of network infrastructure design on
security
▪ Features, uses, and benefits of network security
countermeasures

General Terms
▪ Confidentiality
▪ Integrity
▪ Availability
▪ Trust
▪ Privacy
▪ Authentication
▪ Authorization
▪ Nonrepudiation

Introduction
▪ Introduction
▪ Meeting time:
• Wednesday 5:20PM - 09:50PM
▪ Firewall Fundamentals <- TCP/IP
▪ General course expectations / outcomes
▪ Course Outline
▪ Lab assignments, GAs

Network Security

▪ What is Network Security?

Network security is the control of unwanted intrusion so that it cannot damage communications on your organization's computer network.

Network Security
This includes:
▪ Blocking non-approved transmissions
▪ Looking for protocol errors
▪ Ensuring the integrity of the information traversing the network
▪ Preventing unwanted activities while supporting desirable activities

Network Security
▪ Where does network security start?
▪ It has to start with trust.
▪ What is trust?
▪ In common terms: trust is confidence in your expectation that others will act in your best interest.

Trust – Computers and Networks
▪ In computer terms: trust is the confidence that other users will act in accordance with your organization's security rules.
▪ Users will not attempt to violate your organization's privacy or the integrity and stability of the network and its resources.
▪ The belief that others are trustworthy.

Trust – Computers and Networks

Sometimes, people violate your trust:
▪ Accidentally
▪ Deliberately
▪ Oversight
▪ Ignorance
▪ Hackers

Who is Trustworthy?
▪ You begin by realizing that trust is based on past experience and behavior.
▪ When people abide by the rules you define and meet your expectations of conduct, you can consider them trustworthy.
▪ Trust can also come from third-party methods.
Example: digital certificates issued by a public certificate authority.
Example of 3rd Party Trust

Trust – Computers and Networks
▪ Ultimately, network security is based on trust.
▪ Not all trust is necessarily the same.
▪ Those with a higher level of trust can be assigned greater privileges and permissions.
▪ What if someone or something violates your trust?
▪ Then you remove the violator's access to the secure environment.
Trust – Computers and Networks
To have a secure network, you need to vet every aspect of the network, including:
▪ Software
▪ Hardware
▪ Configuration
▪ Communication patterns
▪ Users
Otherwise, you will not be able to accomplish the security objectives of your network.

Primary Objectives/Goals of Information Security

[Figure: the C-I-A triad, with confidentiality, integrity, and availability surrounding security]

Secondary Objectives/Goals of Information Security

[Figure: confidentiality, integrity, and availability at the center, surrounded by the secondary goals of authentication, authorization, privacy, and nonrepudiation]

What are you trying to protect?
▪ To support security objectives, you need to know clearly what you are trying to protect.
▪ The things you want to protect are generally known as assets.
▪ An asset is anything that is used to conduct business.
▪ Examples are:

Things that make assets unavailable
▪ Accidents
▪ Ignorance
▪ Oversight
▪ Hackers

Hackers
▪ The word “hacking” originally meant tinkering with or modifying systems to learn and explore.
▪ A malicious hacker launches attacks and exploits against the network, seeking to gain access or simply to cause damage.

Things to know about Hackers
How do Hackers think?
▪ Hackers think along the lines of manipulation or change.
▪ Hackers look at rules to find new ways of bending, breaking, or changing them.
▪ Hackers turn things over, inside out, and in the wrong direction.

Things to know about Hackers (Cont.)
▪ Hackers attempt to perform tasks in different orders, with incorrect values, outside the boundaries, and with the purpose of causing a reaction.
▪ Hackers look for easy targets or overlooked vulnerabilities and exploit the mistakes of network security professionals.

Best way to protect against malicious hackers
According to Sun Tzu's Art of War:
• “If you know your enemy and know yourself, you need not fear the result of a hundred battles.”
• “If you know yourself but not the enemy, for every victory gained you will also suffer a defeat.”
• “If you know neither the enemy nor yourself, you will succumb in every battle.”

Best way to protect against malicious hackers
▪ You must learn to think like a hacker.
▪ Understand the techniques, methods, and motivations of hackers.
▪ Once you know your assets and can think like a hacker, you can create more effective defenses against them.

Seven Domains of a Typical IT Infrastructure

What security controls can you implement in each domain to protect the assets?

Seven Domains of a Typical IT
Infrastructure
▪ No aspect of an IT infrastructure is without risk.
▪ When thinking like a hacker, you have to analyze every one of the seven domains of a typical IT infrastructure.
▪ Hackers look for any and every opportunity to exploit a target.
How can you measure the success of
Network Security?
▪ A perfect security component does not exist.
▪ Instead, good network security relies on an
interweaving of multiple effective security
components.
▪ Network security success is not about
preventing all possible attacks or
compromises.
▪ Instead, you work to continually improve the
state of security.
How can you measure the success of
Network Security?
▪ Successful network security is all about
constant vigilance.
▪ Security is an ongoing effort that constantly
changes to meet the challenge of new
threats.

Security Policy
▪ Establish goals
▪ Address risk
▪ Provide roadmap for security
▪ Set expectations
▪ Link to business objectives
▪ Map to laws and regulations
▪ Supported by standards,
procedures, and guidelines
Policy, Awareness, and Training
▪ Policy ~
− sets expectations

▪ Awareness ~
− promotes security

▪ Training ~
− defines roles and responsibilities

Examples of Network Infrastructures
▪ Workgroup
▪ SOHO
▪ Client/server
▪ LAN versus WAN
▪ Remote access and VPNs
▪ Boundary networks

A Typical Client/Server Network

A Typical VPN

Typical Boundary Networks

Wired Networks
▪ Lack of external connectivity creates physical isolation
• Can rely on physical controls to protect the network
• External threats must breach the physical barrier
▪ If external connectivity is required
• No control is equivalent to physical isolation, but security must enable the business
• Consider segmentation
• Rigorous screening at the front door
Benefits of Wireless Networking
▪ Can be inexpensive to deploy
• No need to run wires
• Quick connectivity for multiple users

▪ Convenience

▪ Mobility

▪ Ubiquity
• All laptops now come equipped with wireless

Wireless Concerns
▪ Introduces a new attack surface
• Requires additional design considerations to mitigate attacks
▪ Data is transmitted over the air and is accessible to anyone in range
• Use encryption
• Consider implementing segmented wireless networks
▪ The network can be directly accessed from a distance
• Shielding

Consider Business Requirements
▪ Availability of the network and its components
• Redundancy
• High availability
• Single point of failure
• Denial of service
▪ Sensitivity of the data
• Encryption
• Access control

Common Network Security
Components Used to Mitigate
Threats
▪ Firewalls
▪ VPNs
▪ Proxy servers
▪ Network address translation
▪ Directory services
▪ Intrusion Detection Systems and Intrusion
Prevention Systems

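Network address translation, listed above and detailed in the countermeasures table that follows (benefit "thwarts hackers", limitations "requires IP forwarding" and "can make some apps difficult to run"), is easiest to understand as a state table. The following is an added example written for this page, not code from the slides or the textbook; the public address, the inside hosts, the peers, and the FTP payloads are constructed, and the port-allocation scheme is a simplification of what a real NAT device does.

```python
"""Source NAT (port address translation) state table.

Added example for this page; not code from the slides or the textbook.
The public address, private hosts, peers, and payloads are constructed.
"""
from __future__ import annotations

import re
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

PUBLIC_IP = "203.0.113.10"   # the single routable address shared by the whole LAN (constructed)

# RFC 1918 ranges: addresses that are not routable on the public internet.
RFC1918 = [ip_network("10.0.0.0/8"), ip_network("172.16.0.0/12"), ip_network("192.168.0.0/16")]


@dataclass(frozen=True)
class Flow:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str = "tcp"


class Nat:
    """Translate outbound flows to the public address and map replies back by port.

    The device doing this must forward packets between its two interfaces,
    which is the "requires IP forwarding" limitation on the slide.
    """

    def __init__(self, public_ip: str, first_port: int = 40000):
        self.public_ip = public_ip
        self.next_port = first_port
        # inside 5-tuple -> public port, and (public port, peer) -> inside endpoint
        self.out: dict[tuple, int] = {}
        self.back: dict[tuple, tuple[str, int]] = {}

    def outbound(self, f: Flow) -> Flow:
        """Rewrite the source of an inside-to-outside packet, creating state on first use."""
        key = (f.src_ip, f.src_port, f.dst_ip, f.dst_port, f.proto)
        if key not in self.out:
            port = self.next_port
            self.next_port += 1
            self.out[key] = port
            self.back[(port, f.dst_ip, f.dst_port, f.proto)] = (f.src_ip, f.src_port)
        return Flow(self.public_ip, self.out[key], f.dst_ip, f.dst_port, f.proto)

    def inbound(self, f: Flow) -> Optional[Flow]:
        """Packet arriving on the public side. None means there is no state, so it is
        dropped; this side effect is the only sense in which NAT "thwarts" an outsider.
        It is not a firewall: anything an inside host initiates is let back in."""
        key = (f.dst_port, f.src_ip, f.src_port, f.proto)
        if f.dst_ip != self.public_ip or key not in self.back:
            return None
        inside_ip, inside_port = self.back[key]
        return Flow(f.src_ip, f.src_port, inside_ip, inside_port, f.proto)


PORT_CMD = re.compile(rb"PORT (\d+),(\d+),(\d+),(\d+),(\d+),(\d+)")


def ftp_port_unreachable(payload: bytes) -> bool:
    """Active-mode FTP carries the client's own address inside the payload.
    Behind NAT that is a private address the server cannot route to, so the data
    connection fails unless the NAT device rewrites the command (an FTP ALG).
    This is the "can make some apps difficult to run" limitation."""
    m = PORT_CMD.search(payload)
    if not m:
        return False
    host = ip_address(".".join(m.group(i).decode() for i in range(1, 5)))
    return any(host in net for net in RFC1918)


if __name__ == "__main__":
    nat = Nat(PUBLIC_IP)
    out = nat.outbound(Flow("10.0.0.5", 51515, "198.51.100.20", 443))
    print("translated:", out)
    print("reply mapped back:", nat.inbound(Flow("198.51.100.20", 443, PUBLIC_IP, out.src_port)))
    print("unsolicited scan:", nat.inbound(Flow("192.0.2.66", 4444, PUBLIC_IP, 22)))
    print("active FTP breaks:", ftp_port_unreachable(b"PORT 10,0,0,5,195,80\r\n"))
```

The `inbound` lookup keys on the peer as well as the public port, so a different outside host cannot reuse a mapping it did not create; a real device also ages entries out, which this table does not.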
Security Countermeasures

▪ Firewalls
• Common uses: filter traffic; segmentation; first line of defense; keep noise out
• Benefits: available as hardware or software
• Limitations: perimeter defense only; not content oriented; limited to a yes-or-no decision per packet

▪ Virtual Private Network (VPN)
• Common uses: remote access; encrypted tunnel
• Benefits: private tunnel; extends the reach of the private network
• Limitations: man-in-the-middle attacks if the endpoints are not authenticated; not traffic oriented (does not inspect what flows through the tunnel)

▪ Intrusion Detection/Prevention System (IDS/IPS)
• Common uses: monitor traffic; may block attacks (IPS); host- or network-based
• Benefits: notification; prevention
• Limitations: relies on signatures; false positives

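The firewall row above (a yes-or-no decision per packet, not content oriented, used for segmentation) and the segmentation advice on the wired-networks slide come down to an ordered rule list with a default deny. The following stateless packet filter is an added example written for this page, not code from the slides or the textbook; the zones, addresses, and rules are constructed, and the shadowed-rule check is the review step a practitioner runs on a ruleset before trusting it.

```python
"""Stateless packet filter with ordered rules and default deny.

Added example for this page; not code from the slides or the textbook.
Zones, addresses, and rules are constructed for illustration.
"""
from __future__ import annotations

from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str                   # "tcp", "udp" or "icmp"
    dport: Optional[int] = None
    payload: bytes = b""         # never consulted: a packet filter is not content oriented


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    src: str                     # CIDR
    dst: str                     # CIDR
    proto: str                   # protocol name or "any"
    dport: Optional[int] = None  # None matches any destination port

    def matches(self, pkt: Packet) -> bool:
        return (ip_address(pkt.src) in ip_network(self.src)
                and ip_address(pkt.dst) in ip_network(self.dst)
                and self.proto in ("any", pkt.proto)
                and self.dport in (None, pkt.dport))


# Constructed zones: the user LAN, the server segment, and everything else.
USERS = "10.1.0.0/16"
SERVERS = "10.2.0.0/16"
ANY = "0.0.0.0/0"

# Ordered ruleset: the first matching rule decides; no match means deny.
RULES = [
    Rule("allow", USERS, SERVERS, "tcp", 443),   # users reach the web tier
    Rule("allow", USERS, SERVERS, "tcp", 22),    # users may SSH to servers
    Rule("deny", USERS, SERVERS, "any"),         # nothing else crosses that boundary
    Rule("allow", SERVERS, ANY, "tcp", 443),     # servers fetch updates over HTTPS
]


def evaluate(pkt: Packet, rules: list[Rule] = RULES) -> tuple[str, Optional[int]]:
    """Return (action, index of the rule that fired); ("deny", None) is the default."""
    for i, rule in enumerate(rules):
        if rule.matches(pkt):
            return rule.action, i
    return "deny", None


def covers(broad: Rule, narrow: Rule) -> bool:
    """True when every packet that matches `narrow` also matches `broad`."""
    return (ip_network(narrow.src).subnet_of(ip_network(broad.src))
            and ip_network(narrow.dst).subnet_of(ip_network(broad.dst))
            and broad.proto in ("any", narrow.proto)
            and broad.dport in (None, narrow.dport))


def shadowed_rules(rules: list[Rule]) -> list[int]:
    """Indexes of rules that can never fire because an earlier rule covers them.

    A shadowed deny is the classic review finding: the operator believes a port
    is closed while an earlier, broader allow lets it through.
    """
    return [j for j in range(len(rules)) if any(covers(rules[i], rules[j]) for i in range(j))]


if __name__ == "__main__":
    probes = [
        Packet("10.1.5.5", "10.2.0.10", "tcp", 443),                  # allowed by rule 0
        Packet("10.1.5.5", "10.2.0.10", "tcp", 3389),                 # denied by rule 2
        Packet("203.0.113.7", "10.2.0.10", "tcp", 443),               # no rule: default deny
        Packet("10.1.5.5", "10.2.0.10", "tcp", 443, b"' OR 1=1 --"),  # allowed: payload is invisible
    ]
    for p in probes:
        print(p.src, "->", p.dst, p.proto, p.dport, evaluate(p))
    # A misordered ruleset: the deny for telnet can never fire.
    bad = [Rule("allow", USERS, SERVERS, "any"), Rule("deny", USERS, SERVERS, "tcp", 23)]
    print("shadowed rule indexes:", shadowed_rules(bad))
```

The last probe is the "not content oriented" limitation in one line: an injection string on an allowed port passes exactly as a benign request would, which is why a packet filter is the first defense rather than the only one.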
Security Countermeasures (Continued)

▪ Data Loss Prevention (DLP)
• Common uses: monitor data loss; block data loss
• Benefits: configurable for sensitive content; breach notification
• Limitations: signature reliant; false positives; circumventable

▪ Network Address Translation (NAT)
• Common uses: translates internal IP addresses into external public addresses; reduces the number of public IP addresses needed
• Benefits: hides internal addressing from outside hosts (often described as thwarting hackers, but NAT is not a security boundary and does not replace a firewall); extends the use of IPv4 addresses
• Limitations: requires IP forwarding; can make some applications difficult to run

▪ Security Information and Event Management (SIEM)
• Common uses: aggregate security logs; correlate security logs
• Benefits: monitor and review; generate alerts
• Limitations: false positives; data heavy; limited to what is logged

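The SIEM row above lists "aggregate", "correlate", and "generate alerts" as its uses and "false positives" and "limited to what is logged" as its limitations. The following is an added example written for this page, not code from the slides or the textbook: it aggregates constructed sshd log lines from two hosts, correlates them by source address, and raises one alert that neither host could have raised on its own. The log lines, host names, addresses, threshold, and window are all constructed for illustration.

```python
"""SIEM-style log aggregation and correlation across hosts.

Added example for this page; not code from the slides or the textbook.
The sshd log lines, host names, addresses, and thresholds are constructed.
"""
from __future__ import annotations

import re
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime

# Constructed sample: one source hammering two hosts, plus a legitimate user
# who mistypes a password once. No single host sees enough failures to alarm.
SAMPLE_LOGS = """\
Mar  3 10:15:01 web1 sshd[2201]: Failed password for invalid user admin from 198.51.100.9 port 4455 ssh2
Mar  3 10:15:03 web1 sshd[2201]: Failed password for invalid user admin from 198.51.100.9 port 4456 ssh2
Mar  3 10:15:05 db1 sshd[917]: Failed password for root from 198.51.100.9 port 4457 ssh2
Mar  3 10:15:08 db1 sshd[917]: Failed password for root from 198.51.100.9 port 4458 ssh2
Mar  3 10:15:10 web1 sshd[2203]: Failed password for bob from 198.51.100.9 port 4459 ssh2
Mar  3 10:15:12 web1 sshd[2203]: Accepted password for bob from 198.51.100.9 port 4460 ssh2
Mar  3 10:16:40 web1 sshd[2210]: Failed password for alice from 10.1.4.20 port 51000 ssh2
Mar  3 10:16:45 web1 sshd[2210]: Accepted password for alice from 10.1.4.20 port 51000 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d\d:\d\d:\d\d) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)


@dataclass(frozen=True)
class Event:
    ts: datetime
    host: str
    result: str   # "Failed" or "Accepted"
    user: str
    src: str


def parse(lines: str, year: int = 2015) -> list[Event]:
    """Normalise raw syslog lines into events. Syslog omits the year, so it is supplied."""
    events = []
    for line in lines.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # a production pipeline would count and surface unparsed lines
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        events.append(Event(ts, m["host"], m["result"], m["user"], m["src"]))
    return events


def correlate(events: list[Event], threshold: int = 4, window_s: int = 60) -> list[dict]:
    """Alert when one source accumulates `threshold` failures across all hosts
    within `window_s` seconds; escalate if that source then logs in successfully."""
    by_src: dict[str, list[Event]] = defaultdict(list)
    for e in sorted(events, key=lambda e: e.ts):
        by_src[e.src].append(e)

    alerts = []
    for src, evs in by_src.items():
        failures = [e for e in evs if e.result == "Failed"]
        trip = None
        for i, e in enumerate(failures):
            # Count the failures inside the window that ends at this event.
            in_window = [f for f in failures[: i + 1] if (e.ts - f.ts).total_seconds() <= window_s]
            if len(in_window) >= threshold:
                trip = e
                break
        if trip is None:
            continue
        success = next((e for e in evs if e.result == "Accepted" and e.ts >= trip.ts), None)
        alerts.append({
            "rule": "ssh-brute-force",
            "src": src,
            "hosts": sorted({e.host for e in failures}),
            "failures": len(failures),
            "tripped_at": trip.ts,
            "severity": "high" if success else "medium",
            "compromised_user": success.user if success else None,
        })
    return alerts


if __name__ == "__main__":
    for alert in correlate(parse(SAMPLE_LOGS)):
        print(alert)
```

Threshold and window are the knobs behind the "false positives" limitation: loosen them and alice's one typo starts to look like an attack, tighten them and the real brute force slips under the count. The escalation to "high" only works because the Accepted lines were collected at all, which is the "limited to what is logged" caveat in practice.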
Security Countermeasures (Continued)

▪ Continuous Control Monitoring
• Common uses: checks configuration; standards compliance; real-time monitoring
• Benefits: automated monitoring; self-correction
• Limitations: emerging technology; policy dependent

▪ Vulnerability Assessment
• Common uses: tests systems; centralized tracking
• Benefits: proactively address weaknesses
• Limitations: limited to known vulnerabilities; creates noise

Summary
▪ Confidentiality, integrity, and availability
mandates for network resource security
▪ Network security and its value to the enterprise
▪ Roles and responsibilities in network security
▪ Impact of network infrastructure design on security
▪ Features, uses, and benefits of network security
countermeasures

