Methods of network access security Flashcards
ACL (Access control lists)
Are rules, typically applied to router interfaces, that specify permitted and denied traffic.
e.g. a device that filters traffic based on ACL-like rules is a packet-filtering firewall.
-ACL MAC filtering: configure the firewall to grant or deny access based on the device's hardware (MAC) address.
-ACL IP filtering: using the IP address as a parameter, allow or deny traffic based on the source or destination IP address through the ACL firewall.
-ACL Port filtering: you might, for example, open port 80 on the firewall to allow Hypertext Transfer Protocol (HTTP) requests from users on the Internet to reach the corporate web server.
Tunnelling and encryption
Secure Sockets Layer (SSL): for secure connections; TLS (Transport Layer Security) is its improved successor (TLS 1.2).
SSL VPN: can be used to connect locations that would run into trouble with firewalls and NAT.
VPN: using the Internet as a backbone to connect two or more private networks. VPNs can also be used as a means of establishing secure remote connectivity between a remote system and another network.
VPN client: The computer that initiates the connection to the VPN server.
VPN server: Authenticates connections from VPN clients.
Required protocols: Point-to-Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol (L2TP). These protocols enable authentication and encryption in VPNs.
Categories of VPN: client-to-site and site-to-site.
Get more info in notes
IPSec: The IP Security (IPSec) protocol is designed to provide secure communications between systems. This includes system-to-system communication in the same network, as well as communication to systems on external networks. IPSec is an IP layer security protocol that can both encrypt and authenticate network transmissions. In a nutshell, IPSec is composed of two separate protocols: Authentication Header (AH) and Encapsulating Security Payload (ESP).
AH provides the authentication and integrity checking for data packets, and ESP provides encryption services.
IPSec operates at the network layer.
3 key security services of IPSec:
1 data received is from the intended source (authentication)
2 data has not been tampered with or changed (integrity)
3 data exchanged between the sending and receiving devices is unreadable by any other device (privacy)
Internet Security Association and Key Management Protocol (ISAKMP)
-not really a protocol: it outlines how secure communications should take place.
Remote access
Point-to-Point Protocol (PPP): PPP is a family of protocols that work together to provide connection services.
PPP provides a number of security enhancements compared to regular SLIP (Serial Line Internet Protocol), such as encryption of usernames and passwords.
(Authentication protocols include CHAP, MS-CHAP, MS-CHAP v2, EAP, and PAP.)
Point-to-Point Protocol over Ethernet (PPPoE): is a protocol used to connect multiple network users on an Ethernet local area network to a remote site through a common device. For example, using PPPoE, you can have all users on a network share the same link, such as a DSL, cable modem, or wireless connection to the Internet. PPPoE is a combination of PPP and the Ethernet protocol, which supports multiple users in a local area network.
It is an efficient way to create a separate connection to a remote server for each user.
PPPoE communication process: initiation, offer, request, and session confirmation.
Remote Access Service (RAS): most commonly, the clients are Windows systems that use the dialup networking feature. Connection to a RAS server can be made over a standard phone line using a modem, over a network, or via an ISDN connection.
Remote Desktop Protocol (RDP): is used in a Windows environment. Terminal Services provides a way for a client system to connect to a server.
Such a configuration is known as thin client computing, whereby client systems use the resources of the server instead of their local processing power.
RDP is a low-bandwidth protocol used to send mouse movements, keystrokes, and bitmap images of the screen on the server to the client computer. RDP does not actually send data over the connection—only screenshots and client keystrokes.
ICA (Independent Computing Architecture): Citrix ICA enables clients to access and run applications on a server, using the server’s resources. Only the user interface, keystrokes, and mouse movements transfer between the client system and the server. In effect, even though you work at the remote computer, the system functions as if you were actually sitting at the computer itself. As with Terminal Services and RDP, ICA is an example of thin client computing.
SSH (Secure Shell): a tunneling protocol originally created for UNIX systems. It uses encryption to establish a secure connection between two systems and provides alternative, security-equivalent applications for such utilities as Telnet, FTP, and other communications-oriented applications. Although it is available with Windows and other operating systems, it is the preferred method of security for Telnet and other cleartext-oriented programs in the UNIX environment. SSH uses TCP port 22 for connections.