This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
Firewall is a tool that filters all network traffic between the internal networks that is controlled by any external network. The main purpose of a firewall is to ensure that resources are not believed to be outside the network from entering the internal network environment.
In general, one may say that firewalls implement network security policy. Network security policy is likely to be in the form of restrictions by accessing the internal information or external sources. In a more flexible, some firewalls may allow access to inside information or the achievement of certain places, certain users for certain activities.
Community firewall depends on the properties or the security policy implemented by the firewall. Thus, one major challenge is to ensure the protection of network security policies that meet the needs of the installation. The image for firewall as shown in appendix figure 2:1
This is the first line of defense used in dealing with security issues. As an analogy, use of a building that has security features such as a security officer or an electronic lock on the door of the building. Although not fully solve the security problem in this way at least to track who is entering the building (or network) and when, and to prevent a user who is not identified in the network. Unfortunately, the logon security system has several shortcomings. ï¿½The user can select easily guessed passwords; users may write the password in place that is easily found by other users or share your password with other usersï¿½. This causes the network defenses can be compromised by a user who does not respect. Windows NT provides many ways or methods that can be used to overcome problem. The image for these authentications as shown in appendix figure 2:2.
The first measure of a system's security is how effective it is in authenticating and identifying
its users. Passwords are used by most every system or network as the first and usually only means of identification and authentication. Even though passwords are the most widely deployed scheme of authentication, they are perhaps the weakest link in any system security scheme. However, there are a number of measures an organization can take to lessen the risks associated with the use of passwords: Obviously, passwords should never be shared between end users. Accordingly, every organization should have a policy that clearly states the users' responsibility to maintain password secrecy and the consequences for failing to do so. Meanwhile, however, people too often use passwords that are too short and/or too easy to guess or decipher, or they simply never change them. ï¿½There are programs known as "crackers" that are easily obtained from the Internet that can be run on most systems to decipher the passwords in the password fileï¿½. Even if a password is encrypted for transmission between a client and a server, it can be captured and retransmitted at a later time as part of a "replay attack." Countermeasures for this include one-time passwords, tokens, or schemes such as Kerberos. The picture for password security measures as shown in appendix figure 2:3.
The term ï¿½virusï¿½ is used to describe self-replicating computer programs that propagate themselves between files on a computer, and even between computers. Viruses usually, but not always, do something malicious, such as overwrite files or waste your bandwidth by sending copies of them to everyone in your address book. Antivirus capabilities are a feature of some network and host-based firewalls. Network firewalls might inspect all incoming email traffic for virus-infected attachments, and filter them out. ï¿½Host-based firewalls might change the configuration of the userï¿½s email client so that the email client sends all requests through the host-based firewallï¿½. The best way to protect your organization against viruses is to use a good-quality commercial antivirus package. These scanners examine the files, folders, mail messages, and Web pages on your computers, looking for the distinctive patterns of viral code. The image for antivirus as shown in appendix figure 2:4.
Encryption software programs incorporate authentication and message integrity in its program to ensure senders and receivers are protected against many of the computer crimes committed on networks and the Internet. Security of data communications is another safety aspect to be considered. Among the data that moves through the network, including sensitive information such as confidential files. ï¿½Security file will be guaranteed if the network traffic between the workstation and the server is located in a safe conditionï¿½. It is impossible to control the user to enter the network without authorization is not just taking action to monitor traffic, unless care has been taken to ensure data security from the beginning. In addition to preventing users who are not allowed to enter the cable and network equipment, data should also be guaranteed the security. Increase the security needed to prevent users not to enter the cable and equipment to make the network. The image for encryption as shown in appendix figure 2:5
When the password entered to see the email in hotmail, the data will be sent in text form is usually through several hosts before eventually accepted by hotmail. Sniffer is a program that reads and analyzes each of the protocols through the machine in which programs are included. By default, a computer in the network workstation just to listen and respond to packets sent to them. However, the network card can be set using a particular program, so as to detect and capture all network traffic is passed without a care to which the package was delivered. One way to guarantee the security of data by using encryption methods encryption. Encryption is a process of random data so it can not be read by others. In this method of data encoded in a specific code this code will only be known by the sender and receiver. Anyone who intercepts the data in this series will only get data that does not mean that. Figure 2.5:1 shows how this method works.
Data security is an issue that small local area networks, but at the same time it is very worrying in a larger network. When the network is connected to the Internet, security of data communications will be critical. Encryption is the process of scrambling the contents of a file or message to make it unintelligible to anyone not in possession of the "key" required to unscramble the file or message. There are two types of encryption: symmetric (private/secret) key and asymmetric (public) key encryption.
Symmetric Key Encryption
When most people think of encryption it is symmetric key cryptosystems that they think of.
Symmetric key, also referred to as private key or secret key is based on a single key and algorithm being shared between the parties who are exchanging encrypted information. The same key both encrypts and decrypts messages. This concept is illustrated in Figure 2:5:2
The strength of the scheme is largely dependent on the size of the key and on keeping it secret. Generally, the larger the key, the more secure the scheme. In addition, symmetric key encryption is relatively fast. The main weakness of the system is that the key or algorithm has to be shared.
As a result, private key cryptosystems are not well suited for spontaneous communication over open and unsecured networks.
ï¿½Administration is another safety aspect should be emphasized. If there is a small network one building and 50 users or less, it requires an administrator onlyï¿½. In this case an administrator will handle all aspects of security within the network. In a large network, which has many users and multiple locations is an area of need to divide the administration into some one. In granting the user access to files in the network, some specific users can be given the right to act as administrator. ï¿½There are many ways to distribute administrative tasks to a networkï¿½. In a simple example, assign an administrator at each company location In a more complex arrangement, each administrator can be assigned specific tasks, such as file systems administrator or Internet gateway administrator. A large and complex network can have a comprehensive administrative hierarchy, and also can allow an administrator at the branch provides the administrative user rights. The image for Netware administrator as shown in appendix figure 2:6.
NTFS is the preferred file system for storing applications and user files Novell NetWare has become a widely used protocol in most of the network that provides file and print services. As can be seen in appendix Figure 2:6:1 Rights to Files and Directories allows network administrators to see all the truth that was given to a graphical user. ï¿½Sever the left window shows the volume where the user "Deb" has been given access. The bottom of the screen will show the specific permission has been granted to the user "Deb" for TALSIN_SYSï¿½.testing directory. Administrator may be heightened authority or reduce rights that were given to users ï¿½Debï¿½.