Firewall
The firewall is one of the most important strategic pieces in your network
security design.
Understand other network security concepts such as packet filtering, access
control lists, proxy servers, and honeypots.
Packet filtering
Inspects each packet passing through the firewall and accepts or rejects it based
on rules that match header fields (source and destination address, protocol, port);
a stateless packet filter judges every packet in isolation.
NAT filtering
Filters traffic according to port numbers (TCP or UDP) and the NAT translation
table: an inbound packet is forwarded only when it matches an outbound connection
the device has already translated, so unsolicited inbound traffic is dropped.
Application-level gateway
Applies security mechanisms to specific applications, such as FTP, by understanding
the application protocol itself, so it can block particular commands or content
rather than whole ports.
Circuit-level gateway
Works at the session layer of the OSI model and applies security mechanisms when
a TCP connection or UDP session is established; once the session is approved,
subsequent packets are forwarded without their contents being inspected.
Proxy Server
HTTP proxies (commonly just called proxy servers) act as a go-between for the
clients on the network and the Internet. Simply stated, they cache website content
for the clients, reducing the number of requests that must be forwarded to the
actual web server on the Internet; because the proxy makes the outbound request
on the client's behalf, the internal client's address is also hidden from the
remote server.
Honeypot
A decoy set up to attract and record attacker activity. Generally a single
computer, but it could also be a file, a group of files, or an area of unused IP
address space.
Honeynet
One or more computers, servers, or an area of a network; these are used when a
single honeypot is not sufficient.
Network intrusion detection system (NIDS)
A type of IDS that monitors network traffic and attempts to detect malicious
network activity, for example port scans and DoS attacks; it raises alerts but does
not by itself block the traffic.
Network intrusion prevention system (NIPS)
Sits inline, inspects traffic, and based on its configuration or security policy
can remove (drop), detain (quarantine), or redirect malicious traffic.
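To make the NIDS/NIPS distinction concrete, here is an added example (not from the original notes) of port-scan detection run over a constructed connection log: a source that reaches a threshold of distinct destination ports within a time window is flagged. In IDS mode the detector only records an alert and keeps forwarding; in IPS mode it drops that source's traffic from the triggering packet onward. The log format, the threshold of 10 ports, the 60-second window, and all addresses are assumptions chosen for the illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Assumed log format: "<ISO timestamp> <src_ip>:<src_port> -> <dst_ip>:<dst_port> <proto>"
LOG_RE = re.compile(r"^(\S+) (\S+):(\d+) -> (\S+):(\d+) (tcp|udp)$")

SCAN_THRESHOLD = 10  # distinct destination ports from one source ...
WINDOW_SECONDS = 60  # ... within this many seconds (both values are assumptions)


class PortScanDetector:
    """mode="ids": passive, returns "alert" once per scanning source and otherwise
    "forward". mode="ips": inline, returns "drop" for the triggering packet and for
    all later packets from a flagged source."""

    def __init__(self, mode="ids", threshold=SCAN_THRESHOLD, window=WINDOW_SECONDS):
        self.mode = mode
        self.threshold = threshold
        self.window = window
        self.events = defaultdict(deque)  # src_ip -> deque of (timestamp, dst_ip, dst_port)
        self.flagged = set()
        self.alerts = []

    def process(self, line: str) -> str:
        m = LOG_RE.match(line)
        if not m:
            return "ignore"  # unparseable lines are skipped, not treated as hostile
        ts = datetime.fromisoformat(m.group(1))
        src, dst_ip, dst_port = m.group(2), m.group(4), int(m.group(5))

        if self.mode == "ips" and src in self.flagged:
            return "drop"

        window = self.events[src]
        window.append((ts, dst_ip, dst_port))
        # Slide the window: forget events older than WINDOW_SECONDS.
        while window and (ts - window[0][0]).total_seconds() > self.window:
            window.popleft()

        distinct_targets = {(ip, port) for _, ip, port in window}
        if len(distinct_targets) >= self.threshold and src not in self.flagged:
            self.flagged.add(src)
            self.alerts.append(
                f"port scan from {src}: {len(distinct_targets)} ports in {self.window}s")
            return "drop" if self.mode == "ips" else "alert"
        return "forward"


# Constructed sample log: one normal HTTPS connection, a scanner walking 11 ports
# on 10.0.0.5 over 11 seconds, then another normal connection.
SCAN_PORTS = [21, 22, 23, 25, 53, 80, 110, 143, 443, 445, 3389]
SAMPLE_LOG = (
    ["2024-05-01T10:00:00 10.0.0.5:51000 -> 203.0.113.10:443 tcp"]
    + [f"2024-05-01T10:00:{i + 1:02d} 198.51.100.7:{40000 + i} -> 10.0.0.5:{port} tcp"
       for i, port in enumerate(SCAN_PORTS)]
    + ["2024-05-01T10:00:12 10.0.0.5:51001 -> 203.0.113.10:80 tcp"]
)


def run(mode: str):
    """Feed the sample log through a detector and return (verdict per line, alerts)."""
    detector = PortScanDetector(mode)
    verdicts = [detector.process(line) for line in SAMPLE_LOG]
    return verdicts, detector.alerts


if __name__ == "__main__":
    for mode in ("ids", "ips"):
        verdicts, alerts = run(mode)
        print(mode, verdicts, alerts)
```

In both modes the alert fires on the tenth distinct port (the 445 line); the difference is only what happens to the packets, which is exactly the detection-versus-prevention distinction between NIDS and NIPS. A real sensor would also need to handle the evasions the notes hint at, such as scans spread slowly enough to fall outside the window.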
Protocol analyzer (used with NIDS and/or NIPS)
Protocol analyzers such as Wireshark (formerly Ethereal) or Microsoft Network
Monitor are installed on a computer and controlled by the user through a GUI; they
capture packets so the user can analyze them and view their contents.
Some NIDS and NIPS products integrate a protocol analyzer into their system.