Perimeter Defense Research Paper

Mr. Cameron, Sir, I would be happy to discuss our perimeter defenses.

When defining the perimeter, we must first ask: are we discussing a physical or a logical (computer) layer of defense? When you observed the guards, fences, and TV cameras, you were observing the physical perimeter defenses. When your colleague mentioned his network perimeter, he was referring to the defenses established to protect your information technology systems (networks, computers, data storage devices, and information). Network defenses include a variety of both hardware and software resources that mimic the function of guards, fences, and TV cameras, but focus on the protection of computer systems and information. What follows is not an all-inclusive list of network defenses; however, these are some of the more common examples that support information security.

Like traffic cops, routers direct electronic media traffic in and out of our networks. A router is typically the first and last line of defense as it is commonly on the outskirts of the network defense perimeter.

Picking up where the router left off, a firewall operates on a specified set of rules which determine what is allowed to pass. The different types of firewalls include: (a) static packet filters, (b) stateful firewalls, and (c) proxies. Firewalls do not necessarily know what legitimate traffic …
There are two basic types of IDS: (a) host-based, and (b) network-based. Host-based IDS reside in and monitor resources such as employee computers. These are typically designed to identify users conducting unauthorized activities but can also be used to detect threats that have managed to breach the other defenses. A network-based IDS monitors the network traffic and is often connected in close proximity to the
