© 2000, Cisco Systems, Inc. CSPFF Chapter 1 Network Security and the Cisco Secure PIX Firewall

© 2000, Cisco Systems, Inc. CSPFF Objectives Upon completion of this chapter, you will be able to perform the following tasks: State the reasons for securing computer networks. Define computer hacking and describe the four primary threats associated with that activity. Define the four primary types of threats against network security. Describe the three primary methods of attack against todays computer networks. Describe the purpose of the Security Wheel.

© 2000, Cisco Systems, Inc. CSPFF Network Security

© 2000, Cisco Systems, Inc. CSPFF Network Security Is Essential Network security is essential because the Internet has made networked computers accessible and vulnerable.

© 2000, Cisco Systems, Inc. CSPFF Network Security Threats There are four primary threats to network security: Unstructured threats Structured threats External threats Internal threats

© 2000, Cisco Systems, Inc. CSPFF Three Primary Network Attacks There are three types of network attacks: Reconnaissance attacks Access attacks Denial of service attacks

© 2000, Cisco Systems, Inc. CSPFF Network Security as a Continuous Process Network security is a continuous process built around a security policy. Step 1: Secure Step 2: Monitor Step 3: Test Step 4: Improve Secure Monitor Test Improve Security Policy

© 2000, Cisco Systems, Inc. CSPFF Secure Monitor Test Improve Security Policy Secure the Network Implement security solutions to stop or prevent unauthorized access or activities, and to protect information. Authentication Encryption Firewalls Vulnerability Patching

© 2000, Cisco Systems, Inc. CSPFF Secure Monitor Test Improve Security Policy Monitor Security Detects violations to the security policy Involves system auditing and real-time intrusion detection Validates the security implementation in Step 1

© 2000, Cisco Systems, Inc. CSPFF Secure Monitor Test Improve Security Policy Test Security Validates effectiveness of the security policy through system auditing and vulnerability scanning

© 2000, Cisco Systems, Inc. CSPFF Secure Monitor Test Improve Security Policy Improve Security Use information from the monitor and test phases to make improvements to the security implementation. Adjust the security policy as security vulnerabilities and risks are identified.

© 2000, Cisco Systems, Inc. CSPFF Summary

© 2000, Cisco Systems, Inc. CSPFF Summary Network security is essential because networked computers are accessible and vulnerable from any computer in the world. There are four primary threats to network security: unstructured threats, structured threats, external threats, and internal threats. There are three types of network attacks: reconnaissance attacks, access attacks, and denial of service attacks. The Security Wheel is the graphical representation of security as a continuous process.

© 2000, Cisco Systems, Inc. CSPFF Review Questions

© 2000, Cisco Systems, Inc. CSPFF Review Questions Q1) Why is there a need for network security? Q2) Why should network security be a continuous process? Q3) Define the term hacking. Q4) Name and describe the three primary types of network attacks. Q5) Name the four steps of the Security Wheel.