Security Devices Flashcards
What can firewalls be?
They can be both softwarr and hardware depending on the type of firewall being discussed.
Where do sofwtare firewalls typically occur?
In an integrated router.
What do firewalls do?
They protect data and equipment from unauthorized network access. They do this by reffering to an Access Control List. If the form of traffic trying to enter does not fit on the ACL, then access is denied.
How do ACLs work?
This is a file that routers use that conatins rules about data traffic between networks.
Do firewalls use client resources?
No. This emans they do no timpact on their clients performance.
What are IDS and IPS?
Intrusion Detection System and Intrusion Prevention System.
How does IDS work?
IDS monitors traffic that has been copied for any problems. This allows for them to spot problems, but it may be too late for them to do anything about them.
IDS systems have become mostly legacy, with some of thier systems being integrated into IPS system.
How does IPS work?
IPS systems are very popular.
These systems read all traffic befroeit even interacts with the system. If it reads as okay then it is allowed in. If not then it is simply shwon the door.
A poorly configured IPS can negatively affect the flow of traffic within a network.
What does UTM mean?
Unified Threat Management.
What are UTMs? What do stateful firewalls do?
They are an all-in-one security appliance, blending together IDS/IPS and stateful firewalls.
IN the firewall market today, UTMs are typically known as next-generation firewalls.
Stateful firewalls work byfiltering data using connection information maintained in a stae table.
Stateful firewalls document each connection by noting the source and destination addresses. This inludes their port numbers.
What extra features do UTMs provide?
Features vary significantly depending on the vendor. Common features though are :
Zero Day Protection.
Denail of Service and Distributed Denial of Service Protection.
Proxy Filtering of Applications.
Email filtering for spam and phishing attacks.
Antispyware.
Network access control.
VPNs.
What is an endpoint management server?
They are servers responsible for managening all end devices such as Desktops.
They can restrict and end devices access to the network, if the device does not meet predefined requirements. Such as not having the right OS or anti-virus capabilities.
What si an example of Endpoint Management?
Cisco’s DNA (Digital Network Architechture) Center.
This provides management for all endpoint devices connected to the network.
It allows for the user to optimize their network and its performance through this.
