Guide to Operating System Security Chapter 7 Physical
- Slides: 47
Guide to Operating System Security Chapter 7 Physical and Network Topology Security
Objectives l l Explain physical security methods for workstations, servers, and network devices Implement a network topology for security Explain network communications media in relation to security Use structured network design for security Guide to Operating System Security 2
Physical Security l l Limiting physical access Location of equipment Construction quality Devices to protect Workstations u Servers u Network devices and communications media u Guide to Operating System Security 3
Workstation Security l l l Password protect user accounts Configure screen saver with a password Log off or turn off computers when not in use Lock office doors Keep ventilation holes unobstructed Keep liquids away from computer Guide to Operating System Security 4
Workstation Security Guide to Operating System Security 5
Server Security (Continued) l l l Centralized versus decentralized considerations Environmentally controlled computer room Strong access controls Cipher locks on locked doors Power regulation devices Guide to Operating System Security 6
Server Security (Continued) l l Motion sensors Camera-monitored entrances and equipment Fire detection and suppression equipment Screen savers for servers Guide to Operating System Security 7
Configuring Screen Savers l Windows Server u l Red Hat Linux 9. x u l Use screen saver options with passwords for servers Lock a screen using screen saver Net. Ware SCRSAVER command at the console u SECURE CONSOLE command u Guide to Operating System Security 8
Configuring a Net. Ware Screen Saver (Continued) Guide to Operating System Security 9
Configuring a Net. Ware Screen Saver Guide to Operating System Security 10
Network Devices l l l Access servers Bridges Chassis hubs Firewalls Hubs Multiplexers Guide to Operating System Security l l l Repeaters Routers Switches Transceivers UPS 11
Securing Network Devices l Place central wiring and network devices in wiring closets that follow EIA/TIA-569 standards Telecommunications room u Main cross-connect u Intermediate cross-connect u l Locate wiring closets away from sources of EMI and RFI Guide to Operating System Security 12
Designing a Network Topology for Security l Main network topologies Bus u Ring u Star u Bus-star u Guide to Operating System Security 13
Bus Topology l l l Cable runs from one computer to the next, like a chain Terminators connect to each bus cable segment Disadvantages Easily compromised by removing a terminator u Easy for unauthorized person to tap into cable segment u Guide to Operating System Security 14
Bus Topology Guide to Operating System Security 15
Ring Topology l l l Continuous path for data; no logical beginning or ending point; no terminators Easier to manage, more reliable, and more secure than the bus More expensive than the bus Guide to Operating System Security 16
Ring Topology Guide to Operating System Security 17
Star Topology l l Multiple stations attached to central hub or switch Allows you to emphasize security, efficiency, and reliability Guide to Operating System Security 18
Star Topology Guide to Operating System Security 19
Star Topology l Advantages Wide variety of equipment available u Unauthorized taps are difficult u Easier to manage than the bus u Expansion options u l Disadvantages Hub or switch is single point of failure u Requires more cable than bus u Guide to Operating System Security 20
Logical Bus Networks in a Physical Star Layout l l Most common topology Advantages No exposed terminators to pose security risk u Expansion capabilities u Guide to Operating System Security 21
Communications Media and Network Security l l Coaxial cable Twisted-pair cable Fiber-optic cable Wireless technologies Guide to Operating System Security 22
Coaxial Cable l l l Copper wire construction Thick and thin varieties Suitability Older LANs u LANs with strong sources of signal interference u Guide to Operating System Security 23
Thick Coaxial Cable Guide to Operating System Security 24
Thin Coaxial Cable (Thinnet) Guide to Operating System Security 25
Twisted-Pair Cable l l l Copper wire construction Shielded twisted-pair (STP) and unshielded twisted-pair (UTP) Most commonly used cabling Guide to Operating System Security 26
Twisted-Pair Cable Guide to Operating System Security 27
Fiber-Optic Cable l l l Glass (usually) or plastic cable Single mode and multimode Suitability High-speed LAN and WAN access u To connect networks between different locations u In situations with significant electrical interference u Where security is a concern u Guide to Operating System Security 28
Fiber-Optic Cable Guide to Operating System Security 29
Wireless Technologies l l Radio, infrared, or microwave Suitability Difficult or too expensive to use cable u When flexibility to move network hosts and devices is required u Guide to Operating System Security 30
Comparing Cable Types Guide to Operating System Security 31
Using Structured Design l l l Follow accepted guidelines for cable installation Deploy structured wiring design Implement structured network design Guide to Operating System Security 32
Guidelines for Cable Installation (Continued) l l l Meet or exceed maximum bandwidth requirements Category 5 or better UTP cable Multimode fiber-optic riser cable between floors IEEE specifications Single-mode fiber-optic cable for long runs Guide to Operating System Security 33
Guidelines for Cable Installation (Continued) l l l Wireless options where needed Star-based cable plants High-quality cable Building codes (eg, plenum cable) Do not exceed tension limits of twisted-pair cable Guide to Operating System Security 34
Guidelines for Cable Installation (Continued) l l l Follow rules for cable bend radius Extra cable at endpoints Qualified contractor Label all cable Ground cable plants (EIA/TIA-607 standard) Guide to Operating System Security 35
Structured Wiring Requirements l l Flexible cabling Wiring stations into a physical star Adherence to EIA/TIA-568 -A/EIA-TIA-568 -B standards for horizontal wiring Centralizing cable plant in chassis hubs or switches Guide to Operating System Security continued… 36
Structured Wiring Requirements l l l Intelligence built into chassis hubs and switches to detect problems at stations Ability to isolate hosts and servers on their own cable segments Ability to provide high-speed links to hosts and servers and other network devices Guide to Operating System Security 37
Structured Wiring Design Guide to Operating System Security 38
Structured Network Design l Solid horizontal and vertical wiring design enables: Centralizing a network at strategic points u Customization for security and efficiency u Linking together by a fast backbone u Guide to Operating System Security 39
Structured Network for Centralized Management Figure 7 -10 Structured network for centralized management Guide to Operating System Security 40
Vertical Wiring Principles l l Extended star topology between devices High-speed cable to reduce congestion u not susceptible to EMI and RFI EIA/TIA-568 -A/EIA-TIA-568 -B standards for vertical or backbone cabling Riser-rated cable for cable runs through cable ports or vertical shafts Fire-stop material to cover cable between floors u l l l Guide to Operating System Security 41
Centralized Management l l Central points are established for critical network functions Simple Network Management Protocol (SNMP) u l l Community name Network management station (NMS) Network agents Guide to Operating System Security 42
Using Virtual LANs l l Can be used as a central management tool Potential problems Improper configuration exposes network to security risks u Trunks are vulnerable to attacks u Guide to Operating System Security 43
Using Network Redundancy for Security l Vital network areas remain running even if equipment fails or an attack occurs Guide to Operating System Security 44
Designing for Redundancy Figure 7 -11 Designing for redundancy Guide to Operating System Security 45
Building Multiple Redundant Pathways Figure 7 -12 Building multiple redundant pathways Guide to Operating System Security 46
Summary l l How to physically secure workstations and servers How network topologies can be used to enhance security Which network media offer the best security How to combine network topology and media in a structured wiring and networking design for efficiency and security Guide to Operating System Security 47
Security guide to network security fundamentals
Security guide to network security fundamentals
Security guide to network security fundamentals
Privat security
Security and protection in operating system
Security and protection in operating system
Security and protection in operating system
Operating system security trent jaeger
Protection and security in operating system
Linux operating system security features
Operating system security
Operating system security
Operating system security
Operating system security problems
Operating system security features
Operating system security features
Buddy system example
File system in operating system
File system in operating system
File system in operating system
Types of network os
Operating system history
Chapter 4 operating system
Operating system concepts chapter 8 solutions
Operating system concepts chapter 5 solutions
Operating system concepts chapter 5 solutions
Concurrency vs parallelism in os
Operating system chapter 2
Operating system chapter 1
Operating system chapter 3
Operating system chapter 3
System security in system analysis and design
Study guide chapter 35 section 1 the digestive system
Earth moon
Cisco router assessment tool
Nist sp 800-55
Computer security incident handling guide
Cissp guide to security essentials
Cissp guide to security essentials
Osi security services
Wireless security in cryptography and network security
Visa international security model
Electronic mail security in network security
Information security
Electronic commerce security
Software security building security in
Noah carried a skateboard
Physical science eoc study guide
