Proteccion de redes lan y wan
Network Backbone Threats 1
• Backbone carries all inter-LAN traffic • Confidentiality
– All data could be eavesdropped
• Integrity
– Any errors could affect all the networktraffic
• Availability
– Loss of backbone means that workgroups would be unable to communicate with each other
Network Backbone Threats 2
• Overview of Threats
– Point of interconnection betweenworkgroup and backbone is a sensitive area – From security viewpoint it:
• Provides a point of access to the backbone • Provides a point of access to all the data associated with a workgroup • Damageat this point could affect both the workgroup and the backbone
1
06/06/2010
LAN Safeguards - 1
• Partitioning
– With a building network there will be different types of information beingprocessed – Some types of data will require extra protection e.g.
• • • • Finance Personnel / Human Resources Internal Audit Divisional heads
– Two situations where extra controls are needed
•Physically separate group or team • Widely distributed group of staff
LAN Safeguards - 2
• Partitioning
– Network configured so that:
• Group workstations cabled to their own switch • Switchesprogrammed to restrict data flow onto the backbone
– Add a Firewall
• Control use of any network services • Control systems that can be contacted
2
06/06/2010
LAN Safeguards – 3
• OtherConsiderations
– If workgroup users are not located in a single area, different measures must be adopted – In most cases, addressing is used to control traffic flow but does not prevent traffic beingread in transit – Higher level of security can be provided by encryption, but:
• • • • Does encryption mechanism understand the network protocol? What is the performance impact of encryption? How areencryption keys generated, distributed, and stored? Will a workstation on the encrypted workgroup be able to communicate with an unencrypted server?
WAN - 1
• Wide Area Network
– National or...
Regístrate para leer el documento completo.