Network Security

Jul 18, 2024

Introduction to Network Security

  • Importance of securing networks due to increasing network-based attacks.
  • Overview of the course: network architecture, network tools, network operations, common network attacks, security hardening practices.
  • Instructor: Chris, CISO for Google Fiber, with 20+ years of experience.

Understanding Network Basics

What is a Network?

  • A group of connected devices (e.g., laptops, cell phones, workstations, printers).
  • Devices communicate via network cables or wireless connections.
  • Types of networks: Local Area Network (LAN) and Wide Area Network (WAN).
    • LAN: A small area like an office or home.
    • WAN: Spans large geographical areas, e.g., the internet.
  • Importance of unique addresses (IP and MAC) for device communication.

Common Network Devices

Hub

  • Broadcasts information to all devices on the network.

Switch

  • Sends and receives data between specific devices, more secure and performance-efficient than hubs.

Router

  • Connects multiple networks together.

Modem

  • Connects a router to the internet, providing internet access to the LAN.

Virtualization Tools

  • Perform network operations in software rather than on dedicated hardware; offered by cloud service providers, with cost savings and scalability.

Cloud Computing and Network Design

Cloud Computing

  • Using remote servers, applications, and network services hosted on the internet.
  • Benefits: cost savings, streamlined operations, access to more network resources.

Cloud Networks

  • Collection of servers storing resources and data in remote data centers.
  • Allow web and business analytics, on-demand storage, and processing power.

Network Communication

Data Packets

  • Basic units of information in a network.
  • Contain the sender's and receiver's IP and MAC addresses, a protocol number, and the message content.
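As an added illustration that is not part of the course notes, the following Python parses a constructed Ethernet/IPv4 frame and pulls out exactly the fields listed above: sender and receiver MAC addresses, IP addresses and the protocol number. The frame bytes are made up for the example; in practice they would come from a packet-sniffing tool.

```python
import struct
from ipaddress import IPv4Address

# Constructed sample frame, not a real capture: Ethernet II header followed by a
# minimal 20-byte IPv4 header. The IPv4 protocol field is 6 (TCP); the checksum
# field is left as zero because this code only reads the header, it does not
# validate it.
SAMPLE_FRAME = (
    bytes.fromhex("aabbccddeeff")    # destination MAC
    + bytes.fromhex("001122334455")  # source MAC
    + bytes.fromhex("0800")          # EtherType 0x0800 = IPv4
    + bytes.fromhex("4500 0028 1c46 4000 4006 0000 c0a8 0164 5db8 d822")
)


def format_mac(raw: bytes) -> str:
    """Render six raw bytes in the usual colon-separated MAC notation."""
    return ":".join(f"{b:02x}" for b in raw)


def parse_frame(frame: bytes) -> dict:
    """Extract the fields the notes list for a data packet: sender and receiver
    MAC and IP addresses plus the protocol number identifying the payload."""
    if len(frame) < 14:
        raise ValueError("frame too short for an Ethernet header")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:
        raise ValueError(f"not IPv4: EtherType 0x{ethertype:04x}")
    ip_hdr = frame[14:]
    if len(ip_hdr) < 20:
        raise ValueError("truncated IPv4 header")
    (version_ihl, _tos, total_len, _ident, _flags_frag,
     ttl, proto, _csum, src_ip, dst_ip) = struct.unpack("!BBHHHBBH4s4s", ip_hdr[:20])
    version, ihl = version_ihl >> 4, (version_ihl & 0x0F) * 4
    if version != 4 or ihl < 20 or len(ip_hdr) < ihl:
        raise ValueError("malformed IPv4 header")
    return {
        "src_mac": format_mac(src_mac),
        "dst_mac": format_mac(dst_mac),
        "src_ip": str(IPv4Address(src_ip)),
        "dst_ip": str(IPv4Address(dst_ip)),
        "protocol": proto,           # 6 = TCP, 17 = UDP, 1 = ICMP
        "ttl": ttl,
        "total_length": total_len,
        "payload_offset": 14 + ihl,  # where the transport-layer header starts
    }


if __name__ == "__main__":
    for key, value in parse_frame(SAMPLE_FRAME).items():
        print(f"{key:15} {value}")
```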

Bandwidth and Speed

  • Bandwidth: amount of data received per second.
  • Speed: rate at which data packets are received or downloaded.

Packet Sniffing

  • Capturing and inspecting data packets to analyze network performance.

TCP/IP Model

Layers

  1. Network Access Layer: Data packet transmission and hardware devices.
  2. Internet Layer: IP addresses and network connectivity.
  3. Transport Layer: Flow control, communication protocols, error control.
  4. Application Layer: Data packet interaction with receiving devices (e.g., file transfers, email).

IP Addresses

  • IPv4: Four sets of numbers separated by decimal points.
  • IPv6: 32 hexadecimal characters, giving address space for far more devices.
  • Public vs. Private IP Addresses: Public assigned by ISP; private used within a local network.

MAC Address

  • Unique identifier assigned to network devices.
  • MAC address tables used for directing data packets.

Network Protocols

Common Network Protocols

  • TCP: Transmission Control Protocol, establishes a reliable connection and streams data between devices.
  • ARP: Address Resolution Protocol, maps IP addresses to MAC addresses on a local network.
  • HTTPS: Hypertext Transfer Protocol Secure, secure communication for web browsing.
  • DNS: Domain Name System, translating domain names into IP addresses.

Wireless Protocols

  • IEEE 802.11 (Wi-Fi): Defines wireless communication standards.
  • WPA, WPA2, WPA3: Wireless security protocols.

Network Security Measures

Firewalls

  • Hardware & Software Firewalls: Monitor network traffic.
  • Cloud-based Firewalls: Protect cloud resources.
  • Stateless vs. Stateful Firewalls: Stateless inspects each packet against static rules in isolation; stateful also tracks the state of active connections and admits traffic based on that history.
  • Next-Generation Firewalls (NGFWs): Advanced inspection and intrusion protection.
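An added example, not from the course, that simulates the stateless/stateful difference: a stateless rule set has to open a standing hole for return traffic, which an unsolicited inbound packet can wear as a disguise, while a stateful connection table admits inbound packets only for connections it saw opened from inside. The 10.0.0.0/24 network and the traffic are constructed.

```python
from collections import namedtuple
from ipaddress import ip_address, ip_network

# Constructed example network: 10.0.0.0/24 is the protected internal segment.
INTERNAL = ip_network("10.0.0.0/24")
Packet = namedtuple("Packet", "src_ip src_port dst_ip dst_port")

def is_internal(ip: str) -> bool:
    return ip_address(ip) in INTERNAL

def stateless_allow(pkt: Packet) -> bool:
    """Static rules with no memory of earlier packets. Rule 2 exists only so
    HTTPS replies can get back in, but it cannot tell a genuine reply from an
    unsolicited inbound packet that merely uses source port 443."""
    if is_internal(pkt.src_ip) and pkt.dst_port == 443:   # rule 1: outbound HTTPS
        return True
    if is_internal(pkt.dst_ip) and pkt.src_port == 443:   # rule 2: "return" traffic
        return True
    return False

class StatefulFirewall:
    """Tracks connections opened from inside and admits inbound packets only
    when they belong to one, so no blanket return-traffic rule is needed."""

    def __init__(self) -> None:
        self.connections = set()   # (internal_ip, internal_port, remote_ip, remote_port)

    def allow(self, pkt: Packet) -> bool:
        if is_internal(pkt.src_ip) and pkt.dst_port == 443:
            self.connections.add((pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port))
            return True
        if is_internal(pkt.dst_ip):   # inbound: must match a tracked connection
            return (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port) in self.connections
        return False

# Constructed traffic: an outbound request, its legitimate reply, and an
# unsolicited inbound packet to RDP (3389) dressed up with source port 443.
TRAFFIC = [
    Packet("10.0.0.5", 51000, "203.0.113.10", 443),
    Packet("203.0.113.10", 443, "10.0.0.5", 51000),
    Packet("198.51.100.7", 443, "10.0.0.5", 3389),
]

if __name__ == "__main__":
    fw = StatefulFirewall()
    print("stateless:", [stateless_allow(p) for p in TRAFFIC])   # [True, True, True]
    print("stateful: ", [fw.allow(p) for p in TRAFFIC])          # [True, True, False]
```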

Virtual Private Networks (VPNs)

  • Encrypts data in transit and hides the user's IP address and virtual location.

Security Zones

  • Network segmentation for enhanced security, e.g., DMZ (demilitarized zone), internal, and restricted zones.

Proxy Servers

  • Forward Proxy: Hides user IPs and controls outgoing requests.
  • Reverse Proxy: Regulates internet access to internal servers.
  • Email Proxy Servers: Filter spam and phishing attempts.

Common Network Attacks

Denial of Service (DoS) and Distributed Denial of Service (DDoS)

  • Overloading a network/server with traffic to disrupt operations.
  • SYN Flood, ICMP Flood, Ping of Death: Types of DoS attacks.
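Detection logic for the SYN flood case, added here as an example rather than taken from the course: over constructed connection records it counts, per source, SYNs that no later ACK from that source followed and flags sources above a threshold. It also reports the total, because a flood from many spoofed source addresses can keep every individual source under a per-source limit.

```python
from collections import defaultdict

# Constructed records shaped like a simplified connection log:
# (epoch_seconds, source_ip, destination_port, tcp_flags). "S" is a bare SYN,
# "A" marks a later packet from the same source carrying ACK (handshake
# progressing). Two clients complete their handshakes; one source sends 150
# SYNs in 1.5 seconds and never follows up, the classic SYN-flood pattern.
SAMPLE_LOG = [
    (1000.0, "192.0.2.1", 443, "S"), (1000.1, "192.0.2.1", 443, "A"),
    (1000.2, "192.0.2.2", 443, "S"), (1000.3, "192.0.2.2", 443, "A"),
    (1000.4, "192.0.2.2", 443, "S"), (1000.5, "192.0.2.2", 443, "A"),
] + [(1001.0 + i * 0.01, "198.51.100.9", 443, "S") for i in range(150)]


def half_open_per_source(records, window_seconds=10.0):
    """Count, per source, SYNs that no later ACK from that source followed
    within the trailing window. Legitimate clients finish the handshake, so
    their count stays near zero; a flood leaves a pile of half-open entries."""
    latest = max(ts for ts, *_ in records)
    cutoff = latest - window_seconds
    pending = defaultdict(list)             # src -> timestamps of unanswered SYNs
    for ts, src, _port, flags in sorted(records):
        if ts < cutoff:
            continue
        if "S" in flags and "A" not in flags:
            pending[src].append(ts)
        elif "A" in flags and pending[src]:
            pending[src].pop(0)             # oldest outstanding SYN is now answered
    return {src: len(syns) for src, syns in pending.items() if syns}


def detect_syn_flood(records, per_source_threshold=100):
    """Return (offending_sources, total_half_open). The total matters because a
    flood from many spoofed addresses can keep every single source under the
    per-source threshold while still exhausting the server's connection table."""
    counts = half_open_per_source(records)
    total = sum(counts.values())
    offenders = sorted(src for src, n in counts.items() if n >= per_source_threshold)
    return offenders, total


if __name__ == "__main__":
    sources, total = detect_syn_flood(SAMPLE_LOG)
    print(f"half-open SYNs: {total}; sources over threshold: {sources}")
```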

Packet Sniffing

  • Capturing and reading data packets without authorization.
  • Prevention: Use of VPNs, HTTPS, and avoiding unsecured Wi-Fi.

IP Spoofing

  • Attacker masquerades as an authorized system by forging the source IP address.
  • Types: On-path, replay, and Smurf attacks.
  • Prevention: Encryption, firewall rules.

Security Hardening

OS Hardening

  • Regular tasks: patch updates, device configurations, access control.
  • Secure configuration practices, e.g., password policies, multi-factor authentication (MFA).

Network Hardening

  • Port filtering, network access control, encryption standards.
  • Network segmentation for privacy and security.
  • Log analysis using tools like Security Information and Event Management (SIEM).

Cloud Hardening

  • Compare running cloud servers against baseline images to detect unauthorized changes.
  • Separate internal and user-facing applications.

Summary

  • Importance of securing networks: understanding structure, operations, and common threats.
  • Tools, measures, and best practices for network security.
  • Preparedness against network attacks and hardening practices for protection.
  • Next steps: Learning about computing basics for security analysts.