PACE-IT, Security+1.1: Introduction to Network Devices (part 3)

Introduction to network devices III.

Page 2

Instructor, PACE-IT Program – Edmonds Community College

Areas of Expertise Industry Certification PC Hardware Network

Administration IT Project

Management

Network Design User Training IT Troubleshooting

Qualifications Summary

Education M.B.A., IT Management, Western Governor’s University B.S., IT Security, Western Governor’s University

Entrepreneur, executive leader, and proven manger with 10+ years of experience turning complex issues into efficient and effective solutions. Strengths include developing and mentoring diverse workforces, improving processes, analyzing business needs and creating the solutions required— with a focus on technology.

Brian K. Ferrill, M.B.A.

Page 3


– Spam filter.

– Network devices.

PACE-IT.

Page 4

Spam filter.Introduction to network devices III.

Page 5

Spam filter.

– Spam defined.» In most cases, spam is defined as unsolicited bulk email

(UBE), or junk email. The spammer (the person sending the spam) is hoping that the recipient will buy a product or service.

• While in most cases the receiving of spam isn’t a security threat, it considered a waste of resources.

– Filters for spam.» Various filters can be put in place—usually on an SMTP

server—to reduce the amount of spam that is received.• Real-time blacklist (RBL): a subscription service that

provides a list of known IP addresses of spam hosts, which then allows them to be blocked.

• Connection filter: prohibiting a list of specific IP addresses from connecting to a SMTP server.

• Recipient filter: blocking messages sent to a particular recipient.

• Sender filter: blocking messages sent from a particular entity.

• Sender ID filter: allows an SMTP server to review the Sender Policy Framework (SPF) record of the sender in DNS. If the sending SMTP server is listed, the message is accepted.


Page 6

Spam filter.

The first known instance of spam occurred in 1978 and involved an advertisement for Digital Equipment Corporation (DEC) computers.

While the reaction from this UBE was largely negative, it did result in some sales. When the term spam became associated with UBE is unknown. We can blame Monty Python’s Flying Circus for the term. In 1970 they aired a skit in which the word spam keeps getting used, effectively blocking useful communication.


Page 7

Network devices.Introduction to network devices III.

Page 8

Network devices.

– Web security gateway.» A system designed to protect networks from malicious

content that is on the Internet.• It can be used to filter out prohibited content.• It can be used to scan for malicious code.

» These systems can also be used as a data loss prevention (DLP) measure.

• Outgoing content is scanned. If sensitive content is discovered in the scan, it is not allowed to leave the network.

– Protocol analyzer.» Often called a packet sniffer.» Examines the network behavior at a very basic level;

they allow for the examination of the individual packets of data.

» Can be used to see what is consuming network resources (e.g., is a broadcast storm occurring or is an interface going bad?).

» Can be used to identify a network breach or attack.» Can be used to study the methods used to create a

network breach.» Wireshark is a common protocol analyzer that is often

used.


Page 9

Network devices.

The Web application firewall is an application layer (Layer 7) firewall that is used to control HTTP traffic that is allowed to reach the Web server.This allows for greater inspection and control

of messages and traffic that is destined to a network’s Web servers. They are configured to protect the servers from common attacks.They differ from normal network firewalls in that they are only concerned about what is attempting to reach the Web server. Network firewalls, on the other hand, attempt to protect the network as a whole.


Page 10

What was covered.Introduction to network devices III.

Spam is usually defined as unsolicited bulk email. While not a security threat, it does waste resources. Various filters can be put in place—usually on an SMTP server—to help keep spam from reaching the end user. The filters include: RBLs, connection filters, recipient filters, sender filters, and sender ID filters. The first known instance of spam occurred in 1978. The term spam comes from a Monty Python skit that was aired in 1970.

Topic

Spam filter.

Summary

Web security gateways are used to protect against malicious content on the Internet. They can also be used for DLP purposes. Protocol analyzers allow for the examination of the network packets that are on the network. They can be used to help identify a breach or attack and to help determine the methods used. A Web application firewall is a Layer 7 firewall that controls what messages and traffic are allowed to reach a Web server.

Network devices.

Page 11

THANK YOU!

This workforce solution was 100 percent funded by a $3 million grant awarded by the U.S. Department of Labor's Employment and Training Administration. The solution was created by the grantee and does not necessarily reflect the official position of the U.S. Department of Labor. The Department of Labor makes no guarantees, warranties, or assurances of any kind, express or implied, with respect to such information, including any information on linked sites and including, but not limited to, accuracy of the information or its completeness, timeliness, usefulness, adequacy, continued availability or ownership. Funded by the Department of Labor, Employment and Training Administration, Grant #TC-23745-12-60-A-53.PACE-IT is an equal opportunity employer/program and auxiliary aids and services are available upon request to individuals with disabilities. For those that are hearing impaired, a video phone is available at the Services for Students with Disabilities (SSD) office in Mountlake Terrace Hall 159. Check www.edcc.edu/ssd for office hours. Call 425.354.3113 on a video phone for more information about the PACE-IT program. For any additional special accommodations needed, call the SSD office at 425.640.1814. Edmonds Community College does not discriminate on the basis of race; color; religion; national origin; sex; disability; sexual orientation; age; citizenship, marital, or veteran status; or genetic information in its programs and activities.