class project 5-6 wk4

First, topology has to be defined. Topology is defined as the rules for physically connecting and communicating on given network media. Each topology
has its own set of rules for connecting your network systems and even specifies how these systems must "speak" to each other on the wire. By far the
most popular local area network (LAN) topology is Ethernet.
A system can also be configured to read all the information it receives on the wire, not only traffic addressed to it; this common practice is called
running in promiscuous mode. Promiscuous mode can be leveraged by a network administrator to monitor a network from one central station so that errors
and network statistics can be gathered. A network analyzer is effectively a computer operating in promiscuous mode: since the station is listening to all
network traffic anyway, a simple software change allows it to actually record all the information it sees.
Wide Area Network (WAN)
Wide area network topologies are network configurations that are designed to carry data over a great distance. WAN topologies are usually point-to-point,
meaning the technology was developed to support only two nodes sending and receiving data. Multiple nodes can be connected to accommodate
the need for access to the WAN.
Private Circuit Topologies
There are a few different connection types in relation to private circuits. The first is leased lines, which are dedicated analog or digital circuits that are
paid for on a flat-rate basis. This means that whether you use the circuit or not, you are paying a fixed monthly fee. Leased lines are point-to-point
connections: they are used to connect one geographical location to another. The maximum throughput on a leased line is 56Kbps. This, however, may not
be very practical in relation to cost.
Second is T1, which is a full-duplex signal (each end of the connection can transmit and receive simultaneously). T1s are used for dedicated point-to-point connections in the same way that leased lines are.
Now let's discuss the different security topologies. The first is a screening router setup, in which the router acts as the sole gateway and gatekeeper between
the untrusted, outside network (i.e. the Internet) and the trusted network (i.e. the LAN). The router maintains sole discretion over which traffic to allow in by
implementing an access control list.
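The following is an added example, not part of the original essay, of the kind of access control list a screening router applies to inbound traffic: rules are checked top to bottom, the first match wins, and anything not explicitly permitted is denied. The addresses, rules and packets are constructed for illustration (RFC 5737 documentation ranges).

```python
"""Added example: a minimal first-match access control list as applied by a
screening router between the untrusted Internet and the trusted LAN."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str      # "tcp" or "udp"
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str             # "permit" or "deny"
    src: str                # CIDR; "0.0.0.0/0" means any source
    dst: str
    proto: str              # "tcp", "udp" or "any"
    dport: Optional[int]    # None matches any destination port

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and self.proto in ("any", p.proto)
                and self.dport in (None, p.dport))

TRUSTED_LAN = "192.0.2.0/24"   # constructed trusted network
WEB_SERVER = "192.0.2.10/32"   # constructed host the outside may reach

# Constructed inbound ACL. The first rule is anti-spoofing: a packet arriving
# from the outside can never legitimately carry a trusted-LAN source address.
INBOUND_ACL = [
    Rule("deny",   TRUSTED_LAN, "0.0.0.0/0", "any", None),
    Rule("permit", "0.0.0.0/0", WEB_SERVER,  "tcp", 443),
    Rule("permit", "0.0.0.0/0", WEB_SERVER,  "tcp", 80),
    Rule("deny",   "0.0.0.0/0", "0.0.0.0/0", "any", None),  # explicit final deny
]

def screen(acl: List[Rule], p: Packet) -> str:
    """Return the action of the first matching rule; deny if nothing matches."""
    for rule in acl:
        if rule.matches(p):
            return rule.action
    return "deny"

if __name__ == "__main__":
    for pkt in [Packet("198.51.100.7", "192.0.2.10", "tcp", 443),
                Packet("198.51.100.7", "192.0.2.20", "tcp", 22),
                Packet("192.0.2.5", "192.0.2.10", "tcp", 80)]:
        print(pkt, "->", screen(INBOUND_ACL, pkt))
```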
Another is called a dual-homed gateway. The dual-homed gateway is a screening router setup that implements a bastion host between the screening
(external) router and the trusted network. A bastion host is a host that is configured to withstand most attacks and can additionally function as a proxy
server. By adding the bastion host, no direct communication exists between the external network and the trusted network, masking the internal network
structure and allowing for traffic to be screened twice. It is considered fail-safe in that if one of the components (bastion host, router) fails, the security
system remains available. However, it is cumbersome and rather slow in comparison to other topologies.
Yet another is called a screened host gateway. A screened host gateway is essentially a dual-homed gateway in which outbound traffic (from trusted to untrusted) can move unrestricted. Incoming traffic must first be screened and then sent to the bastion host, as in a dual-homed gateway. This is a less
secure but more transparent system than the dual-homed gateway.
Another topology is an intrusion detection system, or IDS, which can track or detect a possible malicious attack on a network. Intrusion detection
systems can be classified in several ways, each with two types.
Active and passive IDS: an active IDS will attempt to thwart any detected attack without user intervention. A passive IDS simply monitors for
malicious activity and then alerts the operator to act; in other words, it requires intervention. A passive IDS is less susceptible to attacks on the IDS
itself, as it does not act automatically.
There is also network and host IDS: a network-based IDS operates as its own node on a network, while host-based IDS systems require
agents to be installed on every protected host.
There are still more classifications. Knowledge and behavior IDS: a knowledge-based IDS works by assessing network traffic and comparing it with
known malicious signatures, much like antivirus software. A behavior-based IDS establishes a baseline of normal network traffic conditions and then
compares current traffic against it to spot possibly malicious levels of traffic. Note that this type of IDS produces more false alarms.
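As an added example (not from the original essay), here are the two detection approaches side by side on a few constructed traffic records: the knowledge-based detector matches a known signature, while the behavior-based detector learns a requests-per-minute baseline and flags a harmless burst of backup downloads, the kind of false alarm the text refers to. The signature list, the threshold formula and all records are assumptions made for illustration.

```python
"""Added example: knowledge-based (signature) versus behavior-based (baseline)
intrusion detection over constructed HTTP traffic records."""
from statistics import mean, pstdev
from typing import Dict, List, Tuple

# Constructed records: (minute, source_ip, request_line)
TRAFFIC = [
    (0, "198.51.100.7", "GET /index.html"),
    (1, "198.51.100.7", "GET /about.html"),
    (1, "198.51.100.7", "GET /style.css"),
    (2, "198.51.100.7", "GET /contact.html"),
    (3, "198.51.100.9", "GET /../../etc/passwd"),   # matches a known signature
    (4, "203.0.113.4", "GET /backup-1.tar"),
    (4, "203.0.113.4", "GET /backup-2.tar"),
    (4, "203.0.113.4", "GET /backup-3.tar"),        # legitimate nightly backup burst
    (4, "203.0.113.4", "GET /backup-4.tar"),
]

# Knowledge-based: compare every request with a list of known malicious
# patterns, the way antivirus software compares files with signatures.
SIGNATURES = {"path-traversal": "/../"}   # constructed, deliberately tiny

def knowledge_based(records) -> List[Tuple[str, str]]:
    hits = []
    for _, src, req in records:
        for name, pattern in SIGNATURES.items():
            if pattern in req:
                hits.append((src, name))
    return hits

# Behavior-based: learn requests-per-minute from a baseline window, then flag
# any later minute whose count exceeds mean + k * stdev. It knows nothing
# about content, so a harmless burst looks exactly like an attack.
def behavior_based(records, baseline_minutes, k=2.0) -> List[Tuple[int, int]]:
    per_minute: Dict[int, int] = {}
    for minute, _, _ in records:
        per_minute[minute] = per_minute.get(minute, 0) + 1
    baseline = [per_minute.get(m, 0) for m in baseline_minutes]
    threshold = mean(baseline) + k * pstdev(baseline)
    return [(m, n) for m, n in sorted(per_minute.items())
            if m not in baseline_minutes and n > threshold]

if __name__ == "__main__":
    print("signature hits:", knowledge_based(TRAFFIC))
    print("rate anomalies:", behavior_based(TRAFFIC, baseline_minutes=range(4)))
```

The signature detector reports only the traversal request, whereas the rate detector reports minute 4 with no way to tell the backup job from an attack.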
There is also the honeypot, which is designed to lure attackers or malicious users into attempting an attack on a fictional or purposely weak host and
then to record the patterns of their activity or the source of the attack. A honeypot can also act as bait for the rest of the network by luring attackers to
an "easy target."
In conclusion, there are many different topologies and security topologies, and it is up to the company to choose which is best for its use. I would,
however, use a LAN with fiber optics, a T-1 full-duplex signal, an active IDS, and a honeypot.