Cyber Security
Trust and Identity Management, responsible for security of critical assets
Threat Defence, respond to problems caused by security outbreaks
Physical Security
Potential security breaches should be evaluated.
Assess the potential impact of stolen network resources and equipment.
Secure Connectivity, ensures privacy and confidentiality
Properties of a Self Defending Network
Network Availability: remain active when under attack
Ubiquitous Access: provide secure access from any location
Admission Control: authenticate all users, devices and their posture
Application Intelligence: extend application visibility controls into the network
Day-Zero Protection: ensure endpoints are immune to new threats
Infection Containment: rapidly identify & contain virulent attacks
Network Monitoring:
- Syslog maintains a lot of data, feature of Cisco IOS
- Simple Network Management Protocol (SNMP), Cisco IOS feature for network management
- Monitoring Analysis Response System (MARS) provides security monitoring for networks and hosts
- Netflow provides packet level stats
- Cisco Traffic Anomaly Detector Module - detects high speed DoS attacks
- Firewall and IDS - IPS Sensor Application, Adaptive Security Appliance (ASA) and Cisco Security Agent (CSA)
Key Components and Necessary Behaviours
- 100% Network Up Time. Keep functioning in the presence of viruses and related infections.
- Network Admission Control (NAC) program. NAC allows customers to determine what level of network access to grant to an endpoint based on its security posture
- Infection Containment as a third-order dampener to the virus and worm propagation effect.
- Adaptive Threat Defense (ATD) capabilities, which enhance the ability of a network to respond to threats based on a new set of Anti-X technologies.
- Network Intrusion Detection Systems (NIDS): integrate NIDS into its router and switching platforms and transform aspects of it into an intrusion prevention system (IPS) with inline filtering capabilities.
- Beyond endpoints, apply to points of presence (POPs) in the network (firewalls, network intrusion detection systems -NIDS, routers, switches, and hosts) with context while learning the L2 and L3 network topology.
Summary of Cisco Threat Detection Technologies
IPS Sensor Application
Adaptive Security Appliance (ASA)
Cisco Security Agent (CSA)
Cisco PIX Firewall
FWSM Catalyst 6500 Firewall Services Module
IOS Firewall (feature of Cisco IOS)
IPS (feature of Cisco IOS)
Movies on Network Security
WarGames (script kiddies break into the Pentagon computers)
Hackers (Angelina Jolie, 1995. Hacking, dial-up modems, social engineering, dumpster diving)
The Net (not so much hacker movie, but privacy issues online)
Mission Impossible 4: Ghost Protocol (breaking network security and halting a nuclear disaster)