Protecting with network security strategies a medium size enterprise and implementing scenarios attacks and countermeasures on Cisco equipment
Subject: Internet telephony -- Security measures ; Computer network protocols ; Computer networks -- Security measures
Security has been important for a long time, with an increasing focus on it over the years. When LANs connecting personal computers began to emerge in the early 1980s, security was not goal number one, and maybe not even in the top two or three, when implementing a network. It was more of an afterthought. Today, however, security for corporate networks is at or near the top of the list. One challenge to network security is that the threats to a network constantly change, so the network security engineer has to design the network according to security best practices, and then monitor and vigilantly update it.

This thesis presents the tactics and methods for protecting the local network of a small-to-medium-size company by implementing security measures that protect communications and data according to the CIA triad (Confidentiality, Integrity, Availability) and keep the network devices from crashing, so that they remain functional. More specifically, it begins with Network Foundation Protection (NFP), which breaks the infrastructure down into smaller components and then systematically focuses on how to secure each of those components. This is a strategic approach to hardening the network so that we can manage it, allow it to correctly maintain the routing tables and, most importantly, keep it functional and able to forward traffic. Subsequently, there is a detailed discussion of the management plane, which is the collection of protocols and access methods we use to configure, manage, and maintain a network device, and of how to protect it. The next chapter deals with the security of Layer 2 technologies. It describes Layer 2 security steps and the security features available on switches to combat network security threats. These threats result from weaknesses in Layer 2 of the OSI model, the data-link layer. Switches act as arbiters that forward and control all the data flowing across the network.
The current trend is for network security to be solidified through switch security features that support building feature-rich, high-performance, and optimized networks. The chapter also examines the integrated security features available on Cisco Catalyst switches to mitigate threats, and configures these features in order to build robust networks. The following chapter highlights some of the most common mitigation techniques available on Cisco platforms and commonly applied on Layer 3 devices, such as routers or Layer 3 switches. It covers the types of Access Control Lists (ACLs) and the firewall and Intrusion Prevention System (IPS) features of Cisco router IOS, which are used to enhance the security of a network. These options help us control incoming and outgoing network traffic by analyzing the data packets and determining whether they should be allowed through or not, based on the applied rule sets and policies.

The last chapter presents five types of network attacks and their countermeasures. These attacks are conducted in a simulated environment built with the Graphical Network Simulator (GNS3), using virtual network devices loaded with the appropriate Cisco IOS. Virtual machines running the Ubuntu, Windows XP and BackTrack operating systems are also used as hosts in the network. The host running BackTrack plays the role of the attacker, and the hosts running Ubuntu and Windows XP act as victims or are used for testing results.