Trey Shaffer
TreyS@PostNet.com
Trey.Shaffer@OneCo.net

Intros, Background
• Trey
• Class

Security, broadly speaking
• Threat assessment
• Approach
• Solution

Risk Assessment
• Mission Critical Data
• Mission Critical Transactions
• Public Image
• Lost Productivity
  – Data recovery
  – Virus

Security Overview
• 80/20 rule
• 95/5 rule
• Send attackers to your neighbor

Corporate Data Loss
• Sneaker Net
• Laptops
• PDAs
• RAS/VPN
• Hacker

Methods of Protection
• Unplug
• Restrict Access
• Control Access

Restrict Access – Who
• User/Password
• Certificates
• Random Generator
• Biometric

Certificates
• You Are Who You (say you) Are
• Three Parties
  – User
  – Host
  – Cert Authority

Restrict Access – Where
• Certificates
• Telephone Number
• IP Address
• DNS Reverse

Methodology
• Choose one
• Thorough
• Repeatable

Break?

Techie Stuff
• TCP/IP Protocol
  – How it works
• Barrier Solutions
  – Address translation
  – Proxy
  – Firewall

TCP/IP
• Postal Mail Analogy
• Unique address
  – Network
  – Host
• Gateway
• Ports

Control Access
• Naked
• Isolation
• DMZ
• Internal

Solutions
• Meet Various Needs
  – Features
  – Ease of use
  – Performance
  – Cost
• Hybrid Feature Sets

Address Translation
• Mask Addresses
  – Many internal
  – Single/few external
• Inexpensive
• Universal
• Limited Flexibility

Proxy
• Address Translation
• Caching
  – Performance
  – Utilization
• Management
  – Control
  – Reporting

Firewall
• Hardware/Software
• Extended Features
• Complex/Flexible Policy
• Multi-Point Implementation
• Complementary Services
  – VPN
  – Web filtering
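The "Restrict Access – Where" slide lists source-based checks (IP address, reverse DNS). The following is an added example, not the presenter's code, showing how such a check is typically combined: the source address must fall in an allowed network, and its reverse (PTR) name must both belong to the trusted domain and resolve forward to the same address, since a PTR record alone is set by whoever controls the address block. The networks, the domain and the DNS tables are constructed sample values standing in for real lookups.

```python
"""Source-based access restriction: network allowlist plus
forward-confirmed reverse DNS.

Added illustration for the "Restrict Access - Where" slide; all
addresses, names and lookup tables below are constructed samples.
"""
import ipaddress

# Constructed allowlist of source networks (documentation ranges).
ALLOWED_NETWORKS = [
    ipaddress.ip_network("198.51.100.0/24"),
    ipaddress.ip_network("192.0.2.8/29"),
]
TRUSTED_DOMAIN = "example.com"  # constructed trusted domain

# Constructed reverse (PTR) and forward (A) tables; in a real check
# these would be socket.gethostbyaddr / socket.gethostbyname results.
PTR_TABLE = {
    "198.51.100.7": "gw.example.com",
    "198.51.100.9": "vpn.attacker.test",
    "198.51.100.11": "spoof.example.com",  # PTR claims our domain...
}
A_TABLE = {
    "gw.example.com": "198.51.100.7",
    "vpn.attacker.test": "198.51.100.9",
    "spoof.example.com": "198.51.100.12",  # ...but forward record disagrees
}


def in_allowed_network(ip: str) -> bool:
    """True when the source address is inside one of the allowed networks."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in ALLOWED_NETWORKS)


def reverse_dns_confirmed(ip: str, trusted_domain: str = TRUSTED_DOMAIN,
                          ptr=PTR_TABLE.get, forward=A_TABLE.get) -> bool:
    """Forward-confirmed reverse DNS: PTR name must be in the trusted
    domain AND resolve back to the same address."""
    host = ptr(ip)
    if host is None:
        return False
    if not (host == trusted_domain or host.endswith("." + trusted_domain)):
        return False
    return forward(host) == ip


def decide(ip: str) -> tuple:
    """Return ("allow"|"deny", reason) for a connecting source address."""
    if not in_allowed_network(ip):
        return ("deny", "source not in allowed network")
    if not reverse_dns_confirmed(ip):
        return ("deny", "reverse DNS not confirmed for trusted domain")
    return ("allow", "network and reverse DNS checks passed")


if __name__ == "__main__":
    for sample in ("198.51.100.7", "198.51.100.9", "198.51.100.11",
                   "192.0.2.10", "203.0.113.5"):
        print(sample, decide(sample))
```

The forward confirmation is what turns "DNS Reverse" from a name claim into a check the address owner cannot satisfy alone; the network allowlist stays the primary control, and the DNS test only narrows it further.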
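The "Address Translation" slide describes masking many internal addresses behind a single external one. The following added example (mine, not the presenter's code) simulates that many-to-one translation table: each outbound internal (address, port) pair is mapped to a fresh port on the one external address, and inbound packets are only delivered when they match an existing mapping. This also shows the "Limited Flexibility" point: an unsolicited inbound connection has no mapping and is dropped. The external address and internal network are constructed documentation-range values.

```python
"""Toy many-to-one address translation (NAT/PAT) table.

Added illustration for the "Address Translation" slide; not the
presenter's code. Addresses and ports are constructed samples.
"""
import ipaddress

EXTERNAL_ADDRESS = ipaddress.ip_address("203.0.113.10")   # constructed public address
INTERNAL_NETWORK = ipaddress.ip_network("192.168.1.0/24")  # constructed private LAN


class AddressTranslator:
    """Maps many internal (ip, port) pairs onto one external address."""

    def __init__(self, external, internal_net, first_port=40000):
        self.external = external
        self.internal_net = internal_net
        self.next_port = first_port
        self.outbound = {}   # (internal_ip, internal_port) -> external_port
        self.inbound = {}    # external_port -> (internal_ip, internal_port)

    def translate_outbound(self, src_ip: str, src_port: int) -> tuple:
        """Rewrite an outbound packet's source to (external_ip, external_port),
        allocating a new external port the first time a pair is seen."""
        ip = ipaddress.ip_address(src_ip)
        if ip not in self.internal_net:
            raise ValueError(f"{src_ip} is not an internal address")
        key = (ip, src_port)
        if key not in self.outbound:
            port = self.next_port
            self.next_port += 1
            self.outbound[key] = port
            self.inbound[port] = key
        return (str(self.external), self.outbound[key])

    def translate_inbound(self, dst_port: int):
        """Return the internal (ip, port) a reply belongs to, or None when no
        mapping exists (unsolicited inbound traffic is dropped)."""
        key = self.inbound.get(dst_port)
        if key is None:
            return None
        ip, port = key
        return (str(ip), port)


if __name__ == "__main__":
    nat = AddressTranslator(EXTERNAL_ADDRESS, INTERNAL_NETWORK)
    print(nat.translate_outbound("192.168.1.5", 51000))
    print(nat.translate_outbound("192.168.1.6", 51000))
    print(nat.translate_inbound(40000))
    print(nat.translate_inbound(40999))  # no mapping -> None
```

Two hosts using the same internal source port get distinct external ports, which is how a single address serves a whole LAN; the outside only ever sees 203.0.113.10, matching the "Mask Addresses" bullet.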