design of security architecture in information technology
TRANSCRIPT
Presented By, K.Senthil Kumar,Asst Professor,Sri Eshwar College of Engineering
Example Security Architecture
Presented By, K.Senthil Kumar,Asst Professor,Sri Eshwar College of Engineering
Example Security Architecture
Presented By, K.Senthil Kumar,Asst Professor,Sri Eshwar College of Engineering
Components of Security Architecture
• Spheres of Security– Shows how information is under attack from variety of sources.
• Levels of Control– Safeguards provide three levels of control.
• Defense in Depth– Shows the layered implementation of security.
• Security Perimeter– It defines boundary between outer limit of organization and the
outside world.
Presented By, K.Senthil Kumar,Asst Professor,Sri Eshwar College of Engineering
Spheres of Security
Presented By, K.Senthil Kumar,Asst Professor,Sri Eshwar College of Engineering
Spheres of Security
• Foundation of the security framework,
• Info Sec is designed using three layers
Presented By, K.Senthil Kumar,Asst Professor,Sri Eshwar College of Engineering
Levels of Control
• Managerial Controls– Set the direction and scope of the security process and provides
detailed instruction for its conduct
• Operational Controls– Address personnel security, physical security and protection of
production inputs and outputs
• Technical Controls– It protects information assets.
– Examples – Logical access control identification, authentication, authorization, accountability, cryptography.
Presented By, K.Senthil Kumar,Asst Professor,Sri Eshwar College of Engineering
Defense in Depth
• Defense in depth is called as layered implementation of security.– Policy prepares organization to handle threats
– Training avoids attack enabled by ignorance.
– Technology detects attack and provide reaction.
– Redundancy is important in any implementation
Presented By, K.Senthil Kumar,Asst Professor,Sri Eshwar College of Engineering
Security Perimeter
• A security perimeter is the level of security thatprotects all internal systems from outside attacks.
• Components of Perimeters are
– Firewalls
– DMZ
– Proxy Servers
– IDPS
Presented By, K.Senthil Kumar,Asst Professor,Sri Eshwar College of Engineering
Firewalls
• Firewalls is a computing device or specially configured computer
• It allows or prevent access to defined area based on rules.
• It is placed on security perimeter
Presented By, K.Senthil Kumar,Asst Professor,Sri Eshwar College of Engineering
Firewalls – Screenshots from PIX F
Presented By, K.Senthil Kumar,Asst Professor,Sri Eshwar College of Engineering
DMZ
Presented By, K.Senthil Kumar,Asst Professor,Sri Eshwar College of Engineering
Intrusion Detection and Prevention System
• IDPS detects unauthorized activities within the inner network.
– Host Based IDPS
– Network Based IDPS
Presented By, K.Senthil Kumar,Asst Professor,Sri Eshwar College of Engineering