Library items tagged: security

Anonymous
The degree of security of a system is largely governed by the quality of the authentication procedures that are employed. Authentication may be defined as the process by which proof of identity or of integrity is established in response to some form of challenge. This chapter examines authentication methodologies based on asymmetric algorithms and their application to VPNs.
Anonymous
Cryptography is one of the essential technologies used in building a secure VPN. Different applications of the same basic algorithms can provide both encryption that keeps data secret and authentication that ensures the two security peers in a VPN are who they claim to be. This chapter introduces some basic concepts in cryptography and demonstrates how they can be used in practice to provide data confidentiality. The next chapter continues this theme with a discussion of mutual authentication using cryptographic algorithms.
Anonymous
A number of diverse computing topics contribute to the subject of VPNs and this can make the subject appear daunting to a newcomer. This section seeks to provide a roadmap for readers interested in implementing a straightforward IPSec or SLL VPN with minimal background reading. A discussion of the practicalities of implementing an IPSec VPN using Windows® and Cisco® routers is provided in Section 7 along with some examples. SSL VPNs are covered in more detail in Section 8 followed by a configuration guide in Section 9.
Anonymous
Testing Before any system is introduced into the production environment, it must undergo a period of testing and evaluation. This is usually done in a test environment away from the production infrastructure.
Anonymous
There are a number of issues that need to be considered before a new firewall is deployed or an existing one replaced on an organisation’s network. Requirements Analysis Defining a requirements specification will allow a successful evaluation of the various solutions available. There are many different elements involved in a firewall solution and the balance which needs to be achieved between these will differ significantly between organisations.
Anonymous
Overview Cisco offers the PIX firewall solution, acquired from Network Translation in 1995, along with the original Centri firewall which ran on the Windows NT® operating system. The Cisco PIX, however, runs its own proprietary system called PIX OS, currently at version 7. The PIX is a packet filtering firewall with stateful inspection, and there are several DPI features in the newer versions which enhance the rules that can be created.
Anonymous
SmoothWall and IPCop For some time, projects have been running to establish dedicated appliances based upon Linux, such as firewalls and web caches. These projects provide a pre-configured tool specific to one task which is easy to implement and configure.
Anonymous
Why use UNIX/Linux? Firstly, unless a network administrator is familiar with the UNIX/Linux platform, then it is not recommended that a UNIX/Linux firewall is implemented. It will be easier to maintain a secure system if the administrator has skills in maintaining the underlying operating system. UNIX/Linux systems typically rely on a CLI more than a GUI, making navigating the system more difficult for the first time user.
Anonymous
Good Practice All firewalls work on the premise of rules configured to implement the site security policy. Rules are so critical to the operation of the firewall that it is vital they are fully understood before a firewall implementation is deployed.
Anonymous
Design The perimeter of an organisation’s LAN is the obvious place to locate its security protection. However, the perimeter has moved: no longer is there just one ingress to a LAN, but many points of access. Wireless networks, modems, secondary Internet connections and the migration of laptops between networks mean the boundary is constantly moving.