Advertise Search Members Free Magazines Newest Links Categories Register Login

Application Security Architecture Authentication Certifications Corporate Compliance Cryptology Disaster Recovery Enterprise Security Exploits Firewalls Incident Handling Intrusion Detection Link Directory OS Security Policies and Procedures Security Basics Security Management Security Tools Servers Standards Techie Humor VoIP Vulnerability Management Web Security WIFI Security Worms and Viruses Definition of Architecture What is Architecture? Architecture is the overall design or structure of a computer system, including the hardware and the software required to run it, especially the internal structure of the microprocessor. Most Popular Sponsor 802.1X Authentication Standard for Network Access Control

Architecture Defense in Depth DNS Logging VLAN Designing a DMZ Start by asking yourself what do I want to protect? Or what is most valuable to me? Then ask yourself what is the entrance point into this system? Or what is my front door? These questions might sound easier to answer than they actually are. You may actually find that you have more than one entrance to your system such as an Internet connection and dial-up connections. It is suggested in this situation that you have two different DMZ's. This is because you're going to have different configurations for each of those access types. That means extra vulnerabilities. Remember security is minimalism. Read the Article Is Your Storage Area Network Secure? An Overview of Storage Area Network from Security Perspective In this paper, I will discuss about Storage Area Network (SAN) architecture in general, such as topology, SAN components, and terminologies to give you an idea about SAN. Then I will go over the potential security threats and solutions available in SAN environments such as in SAN network, implementation, and management. I will also cover some of the attacks that will impact your SAN, and actions necessary for protecting it. Finally, future SAN protocols and technologies such as iSCSI, InfiniBand, FCIP and iFCP will be discussed. SAN is indeed a very exciting technology, looking forward to years to come. Read on. Read the Article Security Features in IPv6 This paper will present a brief overview of some of the new features provided by the Internet Protocol version 6 (IPv6). It will take an in-depth view of the new security features in IPv6, namely the use of the Authentication Header and Encapsulating Security Payload (ESP) Header. This document will examine how these security features can prevent certain types of network attacks currently occurring over the Internet and discuss some of the open issues with the IPV6 security features. Read the Article Layer 2 Attacks and their Mitigation This is a slide show that describes attacks and mitigation techniques assuming a switched ethernet network running IP. Read the Article Securing Extranet Connections This paper will present one solution to securing a large number of extranet connections. In particular, the focus will be on the corporation who is the extranet network provider, or at the hub of a large extranet. The extranet network provider's responsibility for security is not only between it and its business partners and customers, but also making sure that partner A can't access systems at customer B (unless specifically requested). Read the Article Securing SNMP: A Look at Net-SNMP (SNMPv3) This paper addresses the many improvements, enhancements, and additions that comprise net-snmp, as well as the benefits of using SNMP to monitor network devices and computers. A discussion on the benefits of systems monitoring is included for relevance. Shortcomings of previous versions of SNMP are explained, and solutions to these faults are described in terms of net-snmp's capabilities. The bulk of this practical focuses on the specific additions to SNMP that make net-snmp the ideal candidate for systems monitoring. The User-based Security Model is explained with regard to SNMP, and encryption is topically dealt with for completeness. Throughout the paper, various topics within network security and operation are discussed to emphasize the improvements with net-snmp. Overall, SNMPv3 provides the best of both worlds: ready access to system monitoring information, and sophisticated security. Read the Article Security Measures to couple mixed IPv4/IPv6 Networks over a pure IPv6 Infrastructure by making Use of NAT-PT The next generation of the Internet Protocol (IPv6) was developed to improve the within the Internet widespread deployed Internet Protocol (IPv4). Among other things it enlarges the available addressing space and improves security. Due to lack of unique IPv4 address space one strategy to couple existing IPv4 networks that uses private IPv4 addresses is to define a unique IPv6 network on top of the coupled IPv4 networks. Read the Article Understanding Security Using the OSI Model This paper is written as a guide for those who do not labour through the wee hours of the morning (yet) studying every new Information Technology (IT) vulnerability. This paper will provide a breakdown of the OSI (Open Source Interconnection) model, and using that model, explain some well-known vulnerabilities. The paper will take each layer of the OSI model (there are seven) and describe a relevant vulnerability with a solution to that problem area. The reader will become more aware of the vulnerabilities that exist in the IT environment. More importantly, the reader will be able to use the OSI model as a guide to simplify the security process. Read the Article Applying the OSI Seven Layer Network Model To Information Security Data networking is a critical area of focus in the study of information security. This paper focuses on reviewing a key area of data networking theory - The Open Systems Interconnect (OSI) Seven Layer Network Model. This paper demonstrates the application of the model's concepts into the context of information security. This paper overall presents the perspective that common information security problems map directly to the logical constructs presented in the OSI Seven Layer Network Model, and seeks to demonstrate the Seven Layer Model's usefulness in evaluating information security problems and solutions. The OSI Model is presented by way of both formal definition and practical terms that affect information security on a layer-by-layer basis. For each layer, examples of common information security threats and controls are evaluated by how they fit into the OSI Seven Layer Model's layers of classification, with notes on exceptions and special cases. Read the Article Architecting, Designing and Building a Secure Information Technology Infrastructure, a case study This case study follows the building of an Information Technology Infrastructure with an integrated Security Architecture. Describing this project as a case study indicates that this is a practical discussion not a theoretically one. This paper follows the process from concept to implementation. It shows the results of a pre-project analysis, follows the project through completion, examining the steps along the way. It concludes with a discussion of the post-project analysis and a comparison of the results from the two analyses. The paper will discuss what was done, why it was done and how it was accomplished. Conclusions are drawn on the relative success of the project. Although the project involves building an entire ITI this paper focuses on the security aspects. It will cover the high-level architecture and some of the low-level implementation details. The paper is written from the perspective of a System Administrator who has an intense interest in information security. Read the Article Page: 1 2 3 4 Members currently browsing this category:

Copyright 2008 AttackPrevention