
University of Business and Technology, College of Engineering, Information Security SE 541, Fall 2018, Assignment II

February 11, 2019

Student Name: Nayyar Faden
ID: QB0134
Date: NOVEMBER 27, 2018
Achieved Mark: ___ / 05

Network Security
INTRODUCTION
“Cyberwar is the battlefield of now.” This was the response of Geoff Livingston, the president of Tenacity 5 Media, when he was asked about the future of the internet. He thinks that while the battlefields in some countries around the world are real, there is a new kind of battlefield and war that occurs every day and results in huge loss and damage for individuals and companies. This war is called cyberwar. According to some statistics published by “The Identity Theft Resource Center,” most of the world's internet traffic nowadays goes through mobile devices, which creates new issues for networks. Another statistic shows that half of that internet traffic is generated by automated sources, such as hacking. In 2018, the United States received 1579 reported data breaches. All these statistics prove how important network security is. So before we continue, let's define what we mean by network security. Network security is any work, event, or activity developed and designed to secure and protect the integrity (safety), availability, and confidentiality (privacy) of the network, including the information and data of hardware and software. Network security controls and manages access to the network by stopping and preventing any threat that is trying to access it. Network security has several types, among them access control, antivirus software, web security, wireless security, mobile device security, firewalls, VPN, and IDS. In this essay, I will focus on the last three types of network security by defining and explaining them.

FIREWALL
A firewall is a type of network security that monitors incoming and outgoing network traffic and, depending on a set of security rules and principles, allows or denies that traffic. Firewalls have been the very first type of protection in network security on the internet for over 20 years. There are different types of firewall: proxy firewall, stateful inspection firewall, unified threat management (UTM), and next-generation firewall (NGFW). Let’s explain some of them.

Proxy Firewall
A proxy firewall is an early type of firewall. It acts as a gateway for software from one network to another. A proxy firewall provides content discovery and security by stopping and preventing any connection from outside the network.

Stateful Inspection Firewall
A stateful inspection firewall checks the state, port, and protocol to authorize or reject internet traffic, depending on rules and context defined by the administrator. It also monitors the activity of a connection from the moment its port is opened until it is closed. Firewalls have several techniques to keep harmful information out; let’s explain some of them.

Packet Filter
It checks each packet that enters or leaves the network and allows or denies it depending on user-defined rules.

Application Gateway
A proxy firewall uses this technique, as I explained above. It applies security to specific applications such as FTP.

Circuit-level Gateway
In this technique, once a TCP or UDP connection has been made, packets can pass between the hosts without any additional checking.

Proxy Server
All messages that enter or leave the network are intercepted, and the true network address is hidden.
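
The difference between the packet filter and the stateful inspection firewall described above can be shown in a few lines of Python. This is an added example, not part of the original essay; the Packet model, the single rule (inside hosts may open connections to ports 80 and 443), and all addresses are constructed assumptions.

```python
from collections import namedtuple

# Constructed packet model (not a real capture format).
# flags: "S" = SYN, "SA" = SYN+ACK, "A" = ACK, "FA" = FIN+ACK
# outbound: True when the packet leaves the protected network
Packet = namedtuple("Packet", "src sport dst dport flags outbound")

ALLOWED_OUT_PORTS = {80, 443}  # assumed rule: inside hosts may open web connections

def packet_filter(p):
    """Stateless packet filter: each packet is judged alone, by port."""
    if p.outbound:
        return p.dport in ALLOWED_OUT_PORTS
    return p.sport in ALLOWED_OUT_PORTS  # can only trust the claimed source port

class StatefulFirewall:
    """Follows each connection from its opening SYN until FIN/RST closes it."""
    def __init__(self):
        self.table = set()  # (inside ip, inside port, outside ip, outside port)

    def check(self, p):
        if p.outbound:
            key = (p.src, p.sport, p.dst, p.dport)
            if p.flags == "S":  # new connection: apply the rule, record state
                if p.dport not in ALLOWED_OUT_PORTS:
                    return False
                self.table.add(key)
                return True
        else:
            key = (p.dst, p.dport, p.src, p.sport)
        if key not in self.table:
            return False  # not part of a connection opened from inside
        if "F" in p.flags or "R" in p.flags:
            self.table.discard(key)  # connection closed: forget it
        return True

def demo():
    """Return (packet filter verdict, stateful verdict) for three packets."""
    fw = StatefulFirewall()
    syn = Packet("10.0.0.5", 50000, "203.0.113.9", 443, "S", True)
    reply = Packet("203.0.113.9", 443, "10.0.0.5", 50000, "SA", False)
    # Inbound packet that belongs to no connection but has source port 443.
    stray = Packet("198.51.100.7", 443, "10.0.0.5", 50001, "A", False)
    return [(packet_filter(p), fw.check(p)) for p in (syn, reply, stray)]
```

Both firewalls pass the connection request and its reply; only the stateful firewall rejects the third packet, because it matches no connection in its table.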

[Figure: Hardware Firewall Network Diagram. Labels: Personal Computer, Personal Computer, Hardware-Based Firewall, DSL Modem, Internet]

Intrusion Detection System (IDS)
An intrusion detection system is a system that watches network traffic for suspicious activity and issues alerts and notifications when such activity is discovered. Even though the primary job of an IDS is anomaly detection and reporting, some intrusion detection systems take action, such as blocking traffic, when they find anomalous traffic. On the other hand, even though intrusion detection systems work to discover malicious activity, false alerts sometimes occur. For that reason, companies and organizations need to adjust their IDS products during installation. Since we have mentioned false alerts, let’s look at the types of IDS alerts:
True Positive: Traffic is bad, an alert is raised.
False Positive: Traffic is good, but an alert is raised.
True Negative: Traffic is good, no alert is raised.
False Negative: Traffic is bad, but no alert is raised.

There are several types of IDS. Some of them are:
A network intrusion detection system (NIDS) is deployed at points inside the network where it can watch the inbound and outbound traffic to and from all devices on the network.

A host intrusion detection system (HIDS) can detect bad packets that originate inside the organization, or malicious traffic that the NIDS couldn’t detect. HIDS is deployed on all computers and devices in the network that have direct access to both the internet and the internal network.

Signature-based intrusion detection systems watch all the packets in the network and compare them with known malicious threats. This type is very similar to antivirus applications.

This diagram of IDS is taken from juniper.net
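
The four alert types and the signature-based approach described above can be combined in one short Python sketch that also shows why an IDS needs adjusting during installation. This is an added example, not part of the original essay; the signatures, request lines, and good/bad labels are all constructed for illustration.

```python
import re
from collections import Counter

# Known-bad patterns (constructed), as a signature database would hold them.
DEFAULT_SIGS = {"passwd-read": rb"/etc/passwd", "cmd-exe": rb"cmd\.exe"}
# Tuned during installation: only match cmd.exe when it is in the query string.
TUNED_SIGS = {"passwd-read": rb"/etc/passwd", "cmd-exe": rb"\?.*cmd\.exe"}

# (request line, is the traffic really bad?) - constructed sample with labels
TRAFFIC = [
    (b"GET /index.html HTTP/1.1", False),
    (b"GET /view?file=/etc/passwd HTTP/1.1", True),
    (b"GET /scripts/run?exe=cmd.exe HTTP/1.1", True),
    (b"GET /kb/what-is-cmd.exe.html HTTP/1.1", False),
    (b"POST /api HTTP/1.1 <constructed threat with no signature>", True),
]

def alerts(payload, sigs):
    """Names of every signature whose pattern occurs in the payload."""
    return [name for name, pat in sigs.items() if re.search(pat, payload)]

def outcome(alerted, bad):
    """Map (alert raised?, traffic bad?) to the four alert types in the text."""
    if alerted:
        return "True Positive" if bad else "False Positive"
    return "False Negative" if bad else "True Negative"

def evaluate(sigs, traffic=TRAFFIC):
    """Count each alert type for one signature set over labelled traffic."""
    return Counter(outcome(bool(alerts(p, sigs)), bad) for p, bad in traffic)
```

Tuning the second signature removes the false positive, while the false negative stays: traffic with no matching signature is never flagged by a signature-based system.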
Virtual Private Network (VPN)
A VPN is a private connection or private network over an open, public network. A VPN protects data integrity, availability, and confidentiality by using authentication and encryption. To redefine it, we can say that a VPN is a technology that creates an encrypted connection over a less secure network, the public internet. The main purpose of VPN technology is to allow employees or branch offices to access corporate applications and transfer data through a secure tunnel. To do that, VPN users use passwords and other identification to access the VPN server. There are different types of VPN:
Remote Access VPN: It allows access to the internal corporate network over the public internet, and that reduces the long distance.

Site-to-Site VPN: It allows multiple offices to be connected with each other over the public internet, and that reduces the dependency on leased lines.

Extranet VPN: It allows business partners to reach the critical basic data, and that reduces the number of transactions.

Client/Server VPN: It protects sensitive internal communications.

VPN diagram taken from TOZNY.com
Enhancing System Security by Using a Next-Generation Firewall (NGFW)

The next-generation firewall technique combines all firewall functions, including packet filtering, URL blocking, IDS, virtual private network (VPN), and other functions and features that are not found in traditional firewalls, in order to enhance and improve the security of the system. The next-generation firewall is the 3rd generation of firewall technology, implemented in hardware and software to detect and block advanced attacks by applying security policies at the port, protocol, and application level. Next-generation firewalls are used by most companies to prevent and block modern threats like new malware and layer attacks. There are many benefits of next-generation firewalls; one of the important ones is that an NGFW is able to block malware before it enters a network, which wasn’t possible before.

As we mentioned before, NGFWs and traditional firewalls have the same purpose of protecting an organization’s network, but they have several differences.

One difference is that an NGFW performs deep packet inspection that goes beyond simple port and protocol. Also, “NGFWs extend the traditional firewall functionality of NAT, PAT and VPN support to operate both in routed mode – when firewall is a router – and transparent mode – when firewall is a bump -.”

REFERENCES
Rouse, Margaret. “What is Firewall.” TechTarget. Nov 21, 2014. Website. November 24, 2018.

Rouse, Margaret. “What is intrusion detection system (IDS).” TechTarget. May 25, 2007. Website. November 25, 2018.

Rouse, Margaret. “What is VPN.” TechTarget. Jul 5, 2016. Website. November 26, 2018.

Rainie, Lee, Janna Anderson, and Jennifer Connolly. “Cyber Attacks Likely to Increase.” Pew Research Center. Oct 29, 2014. Website. November 24, 2018.

consoltech. “Network Security: What it is and Why it’s More Important Than Ever.” consoltech. Sept 12, 2017. Website. November 24, 2018.

TABLE OF CONTENTS
INTRODUCTION
FIREWALL
IDS
VPN
Next-generation firewall (NGFW)
REFERENCES