Network Security: Firewalls, IPS/IDS, and Client Access, Summaries of Network Design

training network design and architect cable fiber another equipment

Typology: Summaries

2022/2023

Uploaded on 04/23/2023

sinan-baltaci

Designing Network Security
Firewalls, IPS/IDS, and Client Access

Types of Security

Physical Security
  • If someone has physical access, they can bring you down
  • There are safeguards like secure boot-config and secure boot-image

Client Access Security
  • 802.1x implemented in a wired network authenticates a device before allowing access to the port
  • WPA2 is the modern wireless security measure, soon to be superseded

Network Security
  • Stateful firewalls are ubiquitous, allowing a trusted network to access an untrusted one
  • Intrusion prevention and detection devices are highly recommended
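
What "stateful" means in the firewall bullet above, as an added example that is not part of the original slides: inside hosts may open flows outward, and outside packets pass only when they match a flow an inside host opened. The 10.0.0.0/8 trusted range, the 60-second idle timeout, the class and function names, and the sample packets are all assumptions constructed for illustration.

```python
from ipaddress import ip_address, ip_network

TRUSTED = ip_network("10.0.0.0/8")  # assumed inside (trusted) zone

class StatefulFirewall:
    """Toy connection tracker: only flows opened from the trusted side get replies."""

    def __init__(self, idle_timeout=60):
        self.idle_timeout = idle_timeout
        self.flows = {}  # (proto, in_ip, in_port, out_ip, out_port) -> last seen

    def _expire(self, now):
        stale = [k for k, seen in self.flows.items() if now - seen > self.idle_timeout]
        for key in stale:
            del self.flows[key]

    def filter(self, proto, src, sport, dst, dport, now, flags=""):
        """Return 'permit' or 'deny' for one packet seen at time `now` (seconds)."""
        self._expire(now)
        src_in = ip_address(src) in TRUSTED
        dst_in = ip_address(dst) in TRUSTED
        if src_in and not dst_in:            # trusted -> untrusted
            key = (proto, src, sport, dst, dport)
            if "R" in flags:                 # a reset tears the flow down
                self.flows.pop(key, None)
            else:
                self.flows[key] = now        # create or refresh state
            return "permit"
        if dst_in and not src_in:            # untrusted -> trusted
            key = (proto, dst, dport, src, sport)
            if key not in self.flows:
                return "deny"                # unsolicited: no matching state
            if "R" in flags:
                del self.flows[key]
            else:
                self.flows[key] = now
            return "permit"
        return "deny"                        # same-zone traffic is out of scope here

def run_demo():
    fw = StatefulFirewall(idle_timeout=60)
    packets = [  # constructed sample traffic: (proto, src, sport, dst, dport, t, flags)
        ("tcp", "203.0.113.9", 443, "10.1.1.5", 51000, 0, "SA"),   # reply before any request
        ("tcp", "10.1.1.5", 51000, "203.0.113.9", 443, 1, "S"),    # inside opens the flow
        ("tcp", "203.0.113.9", 443, "10.1.1.5", 51000, 2, "SA"),   # matching reply
        ("tcp", "203.0.113.9", 443, "10.1.1.5", 51001, 3, "SA"),   # wrong inside port
        ("tcp", "203.0.113.9", 443, "10.1.1.5", 51000, 100, "A"),  # after idle timeout
    ]
    return [fw.filter(*p) for p in packets]
```
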

Security Contexts

  • Much like virtual machines, but for firewalls: one device hosts several virtual firewalls
    • Allows for assigning an interface or sub-interface to a context
  • Commonly used in FWSMs where there are many possible interfaces
  • Allow for flexible firewall placement due to the ability to have many firewalls

Firewall Placement

  • Firewalls can be placed just about anywhere; the key is managing them
  • Most commonly a WAN router is placed outside the firewall
  • Should be placed between security zones within your org

IPS / IDS Placement

  • IDS monitors but takes no action, so no need to place in-line
    • Generally placed on a SPAN port to receive all traffic from a port/VLAN
  • IPS placed in-line, after firewall
    • To only inspect filtered traffic

Q&A

Which option can use deep-packet inspection to determine the specific nature of an attack?

  A. Stateful firewall
  B. Network IPS
  C. Syslog server
  D. Netflow collector