soluciones de red.ppt
TRANSCRIPT
-
7/27/2019 Soluciones de Red.ppt
1/21
Installing Windows XP Professional Using Attended Installation
Slide 1 of 21Ver. 1.0
In this session, you will learn about:
Best practices for implementing VPNs and VoIP
Tips and tricks on network documentation
FAQs related to network planning
Objectives
Planning Network Solutions
Planning Network Solutions / Chapter 5
-
7/27/2019 Soluciones de Red.ppt
2/21
Installing Windows XP Professional Using Attended Installation
Slide 2 of 21Ver. 1.0
When planning for a VPN for an enterprise, you have to
consider the following best practices:
Place the VPN gateway outside the firewall.
Determine the location of the VPN gateway within the existing
network topology.
Place the firewall after the VPN gateway and allow the firewall
to inspect the traffic that the VPN decrypts.
Do not locate the VPN gateway parallel to or behind the
firewall. The firewall will not be able to inspect clear-text traffic.
Place a VPN gateway such that any Network Address
Translation (NAT) for data packets takes place outside theVPN tunnel.
Do not place the IDS outside the network firewall.
Best Practices
Planning Network Solutions
Planning Network Solutions / Chapter 5
-
7/27/2019 Soluciones de Red.ppt
3/21
Installing Windows XP Professional Using Attended Installation
Slide 3 of 21Ver. 1.0
When planning for VoIP, you should consider the following
best practices:
Conduct an audit of the network technology implemented in the
enterprise to check if it is compatible with VoIP.
Prioritize voice traffic over data on corporate networks.
Determine bandwidth requirements.
Consider global governmental toll-bypass regulations.
Increase the visibility and performance of the VoIP network.
Stick to one VoIP provider.
Choose equipment that are compatible with each other.
Best Practices (Contd.)
Planning Network Solutions
Planning Network Solutions / Chapter 5
-
7/27/2019 Soluciones de Red.ppt
4/21
Installing Windows XP Professional Using Attended Installation
Slide 4 of 21Ver. 1.0
Documenting a network helps reduce the maintenance and
management costs.
An analysis of the following questions helps in selecting an
appropriate network documentation package:
What should be documented?Why should it be documented?
Where is the information source?
Is all the required information readily available?
Who are the users?
What structure and naming conventions should be used?What is the feedback process?
Tips and Tricks
Planning Network Solutions
Planning Network Solutions / Chapter 5
-
7/27/2019 Soluciones de Red.ppt
5/21
Installing Windows XP Professional Using Attended Installation
Slide 5 of 21Ver. 1.0
What is a VPN gateway?
A VPN gateway is a device that connects a LAN to a VPN. A VPN
gateway is a device that connects a LAN to a VPN. VPN gateways
are installed at both ends of a VPN tunnel. The VPN gateway
installed at the sending end encrypts the data and the VPN
gateway installed at the receiving end decrypts the data.
Does WLAN support Internet connectivity?Yes. WLAN works just like a LAN but communication takes place
without wires.
How reliable is VoIP?
Just as traditional phone lines depend on telephone companies for
their maintenance and quality, the reliability of VoIP depends on the
Internet Service Provider (ISP). The effectiveness of network lines in
VoIP entirely depends on the level of maintenance provided by the
ISP.
FAQs
Planning Network Solutions
Planning Network Solutions / Chapter 5
-
7/27/2019 Soluciones de Red.ppt
6/21
Installing Windows XP Professional Using Attended Installation
Slide 6 of 21Ver. 1.0
How much bandwidth does VoIP require?
You need a broadband connection to make VoIP work
successfully. Having more bandwidth allows you to make a
greater number of simultaneous calls.
Do VoIP phones require specific hardware to work properly?
You need to have a Private Branch Exchange (PBX) that
supports an IP phone.
FAQs (Contd.)
Planning Network Solutions
Planning Network Solutions / Chapter 5
-
7/27/2019 Soluciones de Red.ppt
7/21
Installing Windows XP Professional Using Attended Installation
Slide 7 of 21Ver. 1.0
How does understanding availability requirements help plan
an IT infrastructure?
Practice Questions
Planning Network Solutions
Planning Network Solutions / Chapter 5
Understanding availability requirements help determine the level of
network services required and thereby help determine the cost of
setting up an IT infrastructure to fulfill the level of service.
-
7/27/2019 Soluciones de Red.ppt
8/21
Installing Windows XP Professional Using Attended Installation
Slide 8 of 21Ver. 1.0
What is the difference between scalability and obsolescence
protection?
Practice Questions (Contd.)
Planning Network Solutions
Planning Network Solutions / Chapter 5
Scalability is the ability of a network to cope up with future
requirements, such as increase in the number of users, expansion
of the network, acquisition of new network sites, and installation of
new software applications.Obsolescence protection involves planning the purchase of your
network devices in such a way that they are able to keep pace with
fast changing technologies and higher capacity devices that might
be installed in future.
-
7/27/2019 Soluciones de Red.ppt
9/21
Installing Windows XP Professional Using Attended Installation
Slide 9 of 21Ver. 1.0
How does network sizing affect network planning?
Practice Questions (Contd.)
Planning Network Solutions
Planning Network Solutions / Chapter 5
Network sizing takes care of the number of users using the
network and the future requirements that might arise. Thereby,
network sizing helps determine the quality and level of network
services required. Network sizing helps you estimate the cost of
setting up a network that will meet the business as well astechnical requirements of an enterprise.
-
7/27/2019 Soluciones de Red.ppt
10/21
Installing Windows XP Professional Using Attended Installation
Slide 10 of 21Ver. 1.0
What are the various options available for setting up a WAN
infrastructure?
Practice Questions (Contd.)
Planning Network Solutions
Planning Network Solutions / Chapter 5
The various options for setting up a WAN infrastructure are:
Frame relay
X.25
WAN ATM
Leased line
ISDN
ADSL
Analog Modems
SMDS
-
7/27/2019 Soluciones de Red.ppt
11/21
Installing Windows XP Professional Using Attended Installation
Slide 11 of 21Ver. 1.0
What are VPNs? How does a VPN help provide low cost yet
secure WAN communication?
Practice Questions (Contd.)
Planning Network Solutions
Planning Network Solutions / Chapter 5
VPNs are networks that use encryption in the lower protocol layers
to provide a secure connection through an otherwise insecure
network, such as the Internet. VPNs are cheaper than real private
networks using private lines.VPNs use encryption to make the data safe on public networks,
such as the Internet. In addition, they use the IPsec protocol to
ensure better safety of information traveling through VPNs.
-
7/27/2019 Soluciones de Red.ppt
12/21
Installing Windows XP Professional Using Attended Installation
Slide 12 of 21Ver. 1.0
In this session, you will learn about:
Best practices for planning IDS
Tips and Tricks on planning a security solution
FAQs on security measures, such as firewalls and digital
signatures
Objectives
Planning Security Solutions
Planning Security Solutions / Chapter 6
-
7/27/2019 Soluciones de Red.ppt
13/21
Installing Windows XP Professional Using Attended Installation
Slide 13 of 21Ver. 1.0
The best practices for planning IDS are:
Employ measures to use the data gathered from the IDS
effectively, such as software tools to evaluate and report IDS
findings.
Choose a logging system that allows you to gather a large
amount of data, backup and recovery procedures, and storagefacilities.
Ensure that system logs are checked daily for critical incidents
and weekly for all other incidents.
Develop a standard response procedure to tackle any
malicious attempt made on the enterprises network.
Best Practices
Planning Security Solutions
Planning Security Solutions / Chapter 6
-
7/27/2019 Soluciones de Red.ppt
14/21
Installing Windows XP Professional Using Attended Installation
Slide 14 of 21Ver. 1.0
The tips and tricks for implementing IDS are:
Use host-based IDS to secure the computers of mobile users
in your network.
Use network-based IDS to secure your IT infrastructure if you
do not want to place an additional workload on the computers
of your network.
Use hardware instead of software firewalls if securityrequirements are not very high.
Tips and Tricks
Planning Security Solutions
Planning Security Solutions / Chapter 6
-
7/27/2019 Soluciones de Red.ppt
15/21
Installing Windows XP Professional Using Attended Installation
Slide 15 of 21Ver. 1.0
How does a firewall work?
A firewall checks the data packets leaving or entering a
network to ensure that they are authorized to go to the people
they are addressed to. It also checks whether the person or
application sending the data is authorized to use the Internet.
What is the difference between a hardware and softwarefirewalls?
A hardware firewall is implemented on network devices, such
as routers. Hardware firewalls use packet filtering to know the
source and destination addresses of a data packet.
Software firewalls are implemented on computers. A softwarefirewall allows only secure applications to communicate over
the Internet.
FAQs
Planning Security Solutions
Planning Security Solutions / Chapter 6
-
7/27/2019 Soluciones de Red.ppt
16/21
Installing Windows XP Professional Using Attended Installation
Slide 16 of 21Ver. 1.0
What is a digital signature and how do you acquire one?
A digital signature needs to be different each time it is created,
and is used to secure objects, such as an electronic document, a
picture, or a program. It is created by performing a mathematical
calculation on the data that needs securing, such as a password
for a Web site. This mathematical calculation produces a unique
numerical value, which is encrypted using a private cryptographic
key. You cannot buy a digital signature. To create a digitalsignature, one needs to generate or buy a private cryptographic
key, a public key and certificate.
Who recognizes the Certification Authorities (CAs) for digital
certificates?
CAs are recognized by vendors that provide Web browsers.Different companies, such as Microsoft and Netscape, recognize
different CAs.
What is the lifecycle of a certificate?
Personal and server certificates have a validity of one year.
However, the issuing CA can decide the life of a certificate.
FAQs (Contd.)
Planning Security Solutions
Planning Security Solutions / Chapter 6
-
7/27/2019 Soluciones de Red.ppt
17/21
Installing Windows XP Professional Using Attended Installation
Slide 17 of 21Ver. 1.0
What do you mean by physical security?
Practice Questions
Planning Security Solutions
Planning Security Solutions / Chapter 6
Physical security concerns securing various physical devices that
form part of an IT infrastructure. The physical devices might
include computers, printers, routers, hard disks, and wiring
components.
-
7/27/2019 Soluciones de Red.ppt
18/21
Installing Windows XP Professional Using Attended Installation
Slide 18 of 21Ver. 1.0
What are the measures available to ensure physical
security?
Practice Questions (Contd.)
Planning Security Solutions
Planning Security Solutions / Chapter 6
The various measures to ensure physical security are:
Keeping devices under lock and key
Implementing biometric measures, such as keycards,fingerprint readers, and retinal scanners
Implementing surveillance measures
-
7/27/2019 Soluciones de Red.ppt
19/21
Installing Windows XP Professional Using Attended Installation
Slide 19 of 21Ver. 1.0
Define a security policy?
Practice Questions (Contd.)
Planning Security Solutions
Planning Security Solutions / Chapter 6
Every enterprise needs to define a set of rules and regulations to
secure its IT infrastructure from various critical situations, such as
unauthorized access to data, disclosure of confidential information,
and virus attacks. This set of rules and regulations is known as the
security policy. A security policy enables you devise appropriate
mechanisms and choose technologies to ensure the security of theIT infrastructure.
-
7/27/2019 Soluciones de Red.ppt
20/21
Installing Windows XP Professional Using Attended Installation
Slide 20 of 21Ver. 1.0
Describe how the QoS requirements of an enterprise
determine the level of security required in the enterprise.
Practice Questions (Contd.)
Planning Security Solutions
Planning Security Solutions / Chapter 6
Depending on the QoS requirements of the enterprise, the
enterprise can select an appropriate security method. If the
enterprise requires fast access to data, the security will be kept at
a low level because it might affect the speed of data access.
Alternately, if the enterprise requires highly secure data, the level
of security employed will be high.
-
7/27/2019 Soluciones de Red.ppt
21/21
Installing Windows XP Professional Using Attended Installation
Slid 21 f 21V 1 0
What are the differences between host-based and
network-based IDS.
Practice Questions (Contd.)
Planning Security Solutions
Pl i S it S l ti / Ch t 6
Network-based IDS are deployed on a network. They use raw
network packets as the data source to check for any sort of
intrusion in a network. Network-based IDS utilize network adapters
to monitor and analyze network traffic. You can deploy network-
based IDS to protect a specific segment of the network, in which it
is installed.
Host-based IDS are installed on different types of computers such
as desktops, servers, or laptops. They can provide a second level
check and can detect problems missed out by network-based IDS.Therefore, identifying location of the IDS on internal networks can
be crucial for providing broad security coverage for an enterprise.
You can decide to implement host-based IDS on those computers
which are more prone to attack by intruders.