The Importance of a Defense In-depth Approach to Network Security to Provide Protection Against Internal and External Attacks and Vulnerabilities White Paper

Table of Contents
EXECUTIVE SUMMARY
INTRODUCTION
DATA COMMUNICATIONS – THE OSI MODEL
MEDIA LAYERS
HOST LAYERS
DEFENSE IN-DEPTH
FIREWALLS
NETWORK INTRUSION DETECTION/PREVENTION SYSTEMS (IDPS)
Signature Updates
User-defined Custom Signatures
HOST-BASED INTRUSION DETECTION SYSTEMS
ANTIVIRUS
SUMMARY
REFERENCES

Executive Summary
Modern distributed data communication systems consist of hardware and software that facilitate the creation, manipulation, and transmission of data across multiple computers, networks, and servers. The many components that make up these complex systems bring numerous vulnerabilities that can be exploited to compromise the integrity or availability of the data they were designed to support. These multiple attack vectors require a multi-tiered defense strategy, known as defense in-depth (Stewart, Tittel & Chapple, 2013).
Data communication networks have multiple ingress and egress points throughout the design where data enters and leaves the network. These boundaries exist between different segments of a corporate network. One such boundary is between the network backbone and the remote sites. Other examples are between the backbone and Internet-facing demilitarized zones (DMZs) where resources such as web servers exist, and between the backbone and the Internet. This logical segmentation is necessary to define limitations for broadcast communication protocols, to isolate types of systems and data, and also to apply security policy specific to those systems and data (Oppenheimer, 2011).
The Open Systems Interconnection (OSI) model defines how computers communicate with one another, independent of specific hardware, software, and protocols. Purpose-built computers known as ‘firewalls’ are deployed at the ingress and egress points of a network to monitor traffic at the lower layers (one through three) of the OSI model. Network Intrusion



References
Beale, J., Baker, A. R., Esler, J., & Northcutt, S. (2009). Snort, IDS and IPS toolkit. Syngress Media Inc.
Cerf, V. G., & Cain, E. (1983). The DoD internet architecture model. Computer Networks (1976), 7(5), 307-318. doi:10.1016/0376-5075(83)90042-9
Greensmith, J., & Aickelin, U. (2005). Firewalls, intrusion detection systems and anti-virus scanners. School of Computer Science and Information Technology, University of Nottingham, Jubilee Campus, Nottingham, UK. Available from Academia.edu. Retrieved August 3, 2013 from http://www.academia.edu/780147/Firewalls_Intrusion_Detection_and_Anti-virus_Scanners
McMillan, T. (2012). Cisco networking essentials. Indianapolis, Ind: John Wiley & Sons.
McQuade, S. C., & ebrary, I. (2009). Encyclopedia of cybercrime. Westport, Conn: Greenwood Press.
Newman, R. C. (2010). Computer security: Protecting digital resources. Sudbury, Mass: Jones and Bartlett Publishers.
Oppenheimer, P. (2011). Top-down network design (3rd ed.). Indianapolis, Ind: Cisco Press.
Raymond, E. S. (2001). How to become a hacker. Retrieved from http://catb.org/~esr/faqs/hacker-howto.html
Stewart, J. M., Tittel, E., & Chapple, M. (2013). CISSP, certified information systems security professional study guide (5th ed.). Indianapolis: Sybex.
