Chapter05 - Security+ Guide to Network Security...

Info iconThis preview shows pages 1–12. Sign up to view the full content.

View Full Document Right Arrow Icon
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 5 Network Defenses
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Security+ Guide to Network Security Fundamentals, Third Edition Objectives Explain how to enhance security through network design Define network address translation and network access control List the different types of network security devices and explain how they can be used 2
Background image of page 2
Security+ Guide to Network Security Fundamentals, Third Edition Crafting a Secure Network A common mistake in network security Attempt to patch vulnerabilities in a weak network that was poorly conceived and implemented from the start Securing a network begins with the design of the network and includes secure network technologies 3
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Security+ Guide to Network Security Fundamentals, Third Edition Security through Network Design Subnetting IP addresses are actually two addresses: one part is a network address and one part is a host address Classful addressing The split between the network and host portions of the IP address originally was set on the boundaries between the bytes Subnetting or subnet addressing Allows an IP address to be split anywhere Networks can essentially be divided into three parts: network, subnet, and host 4
Background image of page 4
Security+ Guide to Network Security Fundamentals, Third Edition 5
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Security+ Guide to Network Security Fundamentals, Third Edition 6 Security through Network Design (continued)
Background image of page 6
Security+ Guide to Network Security Fundamentals, Third Edition Security through Network Design (continued) Security is enhanced by subnetting a single network Multiple smaller subnets isolates groups of hosts Network administrators can utilize network security tools Makes it easier to regulate who has access in and out of a particular subnetwork Subnets also allow network administrators to hide the internal network layout 7
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Security+ Guide to Network Security Fundamentals, Third Edition Security through Network Design (continued) Virtual LAN (VLAN) In most network environments, networks are divided or segmented by using switches A VLAN allows scattered users to be logically grouped together even though they may be attached to different switches Can reduce network traffic and provide a degree of security similar to subnetting: VLANs can be isolated so that sensitive data is transmitted only to members of the VLAN 8
Background image of page 8
Security+ Guide to Network Security Fundamentals, Third Edition 9
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Security+ Guide to Network Security Fundamentals, Third Edition 10
Background image of page 10
Security through Network Design (continued) VLAN communication can take place in two ways All devices are connected to the same switch Traffic is handled by the switch itself Devices are connected to different switches A special “tagging” protocol must be used, such as the IEEE 802.1Q-2005 A VLAN is heavily dependent upon the switch for correctly directing packets
Background image of page 11

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 12
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 06/13/2010 for the course CITX CITX 1150 taught by Professor P.whalen during the Fall '09 term at British Columbia Institute of Technology.

Page1 / 49

Chapter05 - Security+ Guide to Network Security...

This preview shows document pages 1 - 12. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online