Module 3
Security Design Considerations

© 2006 Extreme Networks, Inc. All rights reserved.
Description
This module provides an overview of the network
vulnerabilities and security threats companies face
today.
It reviews the factors that should be taken into
consideration when designing a security solution.
It describes basic Sentriant CE150 network design
configurations.
Finally, it lists the technical information needed
before you install the Sentriant CE150.

Objectives
Upon completion of this module the successful
student will be able to:
• List the factors taken into consideration when designing a
network security solution.

• Understand the network vulnerabilities that are addressed
by the Sentriant CE150.

• Describe basic Sentriant CE150 network design
configurations.

• Identify the technical information required before you install
a Sentriant CE150 in a customer site.

Traditional Defenses:
Firewalls and IDS

Firewall
• Enforce access control policies between networks
• Determine which inside services may be available from
outside and vice versa

• Provide a single “choke point” where security audits may be
performed

• Provide information about who has been “sniffing” around

Intrusion Detection Systems (IDS)
• Excellent at detecting many types of network attacks

Firewall and IDS Limitations
Cannot protect from attacks that bypass it
• Internal attacks or unrestricted dial-outs
Cannot protect data that is traversing the network
• Financial data, corporate secrets, etc.
Cannot protect against data being “changed” as it
moves across the network
Cannot stop any attacks that come from the inside

Network Vulnerabilities
Unauthorized Access of Data in Motion
• Unauthorized monitoring – Network users believe the data they
send over networks will be viewed only by the intended receiver.

• Unauthorized modification – A simple route traced between any two
corporate networks may provide an opportunity for an intruder to
inconspicuously modify data.

Common Inside Attacks
• Insider breaches – Employees, contractors and others with
legitimate network access can easily bypass perimeter security to
access sensitive data on the network.

• Man-in-the-middle attacks (also known as TCP Hijacking) – An
attacker sniffs packets from the network, modifies them and inserts
them back into the network.

• Port mirroring – Port mirroring is a method of monitoring network
traffic that forwards a copy of each incoming and outgoing packet
from one port of a network switch to another port where the packet
can be studied.

Mitigate Network Vulnerabilities:
Inside the Perimeter
It is important to secure your data as it travels within
your organization’s network.
• Insiders account for up to 50% of network security breaches.
A layered approach to network security provides the
best defense possible.
This means that in addition to perimeter security (e.g., a firewall),
data traversing the internal network must also be secured.

The only way to protect data traversing internal networks is
to encrypt it. Sentriant CE150 provides the ideal solution for
encrypting and safeguarding data in motion.

Elements of a Comprehensive
Security Solution
Physical protection
• Where are you?
User authentication
• Who are you?
Encryption
• Which information should be hidden?
Access control
• Which assets are you allowed to use?
Management
• What is going on within the network?

Security Design Considerations
Performance
• Security solutions cannot become bottlenecks on the network.
Security appliances must provide low latency and high throughput.

User Transparency
• Security appliances should not require reconfiguration of routers,
gateways, or end-user devices.

Centralized management and administration
• Security solutions should provide centralized management and
control, including: SNMP, MIB, audit and syslog.

Regulatory compliance
• Security solutions must be able to support the ever-evolving
Federal and State government regulations, e.g., HIPAA.

Resiliency
• Security solutions must be available 7/24 with the ability to update
security policies on the fly.

Review
3 Minutes

Sentriant CE150
Non-Router Network - Outbound
[Diagram: Switch, Sentriant CE150, fiber backbone / Pt-Pt wireless / switch network (Layer 2), Sentriant CE150, Switch; Outbound Traffic]

Non-Router Network Outbound traffic:
• This example explains the steps network equipment performs when
sending data from a company site out to an external entity in a
non-router environment.

Sentriant CE150
Non-Router Network - Inbound
[Diagram: Switch, Sentriant CE150, fiber backbone / Pt-Pt wireless / switch network (Layer 2), Sentriant CE150, Switch; Inbound Traffic]

Non-Router Network Inbound traffic:
• This example explains the steps network equipment performs when
receiving data from an external entity into a company site in a
non-router environment.

Sentriant CE150
Router WANs - Outbound
[Diagram: Switch, Router, Sentriant CE150, Internet, Sentriant CE150, Router, Switch; Outbound Traffic]

Router WAN/Backbone Outbound traffic:
• This example explains the steps network equipment performs when
sending data from a company site out to an external entity in a
router environment.

Sentriant CE150
Router WANs - Inbound
[Diagram: Switch, Router, Sentriant CE150, Internet, Sentriant CE150, Router, Switch; Inbound Traffic]

Router WAN/Backbone Inbound traffic:
• This example explains the steps network equipment performs when
receiving data from an external entity into a company site in a
router environment.

Resiliency
Non-VRRP Example
[Diagram: Router 1, Router 2, Router, Sentriant CE150, Internet; labels A, B, C, D]

Dual active-path redundancy
• This example has two Sentriant CE150 appliances at each end of
the connection creating two active paths between the locations.

Resiliency
VRRP Example
[Diagram: Router 1, Router 2, Router, Sentriant CE150, Internet; labels A, B, C, D]

Single active-path redundancy
• A pair of Sentriant CE150 appliances can be configured to form a virtual
security gateway (VSG).

• One appliance is active and the other waits in a backup state.

Virtual Router Redundancy Protocol
• Allows two security gateways (Sentriant CE150) to share one IP address

Review
3 Minutes

Configuration Planning Worksheet
Interface Configuration

Configuration Planning Worksheet
Management Access

Configuration Planning Worksheet
FTP Client

Configuration Planning Worksheet
Network Interoperability

Configuration Planning Worksheet
Manual Key Policies

Configuration Planning Worksheet
Negotiated IPSec

Configuration Planning Worksheet
Negotiated IPSec (cont’d)

Configuration Planning Worksheet
Discard and Clear Policy

Summary
This module provided an overview of the network vulnerabilities
and security threats companies face today.
The module also reviewed the factors that should be taken into
consideration when designing a security solution.
It described basic Sentriant CE150 network design
configurations.
And finally, it provided the technical information worksheets
used to assist with the installation of the Sentriant CE150.

Summary continued
You should now be able to:
• List the factors taken into consideration when designing a
network security solution.

• Understand the network vulnerabilities that are addressed
by the Sentriant CE150.

• Describe basic Sentriant CE150 network design
configurations.

• Identify the technical information required before you install
a Sentriant CE150 in a customer site.

End of Module Review
5 Minutes

Security Design Considerations Module 3 - Training Sample

  • 1. Module 3: Security Design Considerations. © 2006 Extreme Networks, Inc. All rights reserved.
  • 2. Description
      This module provides an overview of the network vulnerabilities and security threats companies face today. It reviews the factors that should be taken into consideration when designing a security solution. It describes basic Sentriant CE150 network design configurations. Finally, it lists the technical information needed before you install the Sentriant CE150.
  • 3. Objectives
      Upon completion of this module the successful student will be able to:
      • List the factors taken into consideration when designing a network security solution.
      • Understand the network vulnerabilities that are addressed by the Sentriant CE150.
      • Describe basic Sentriant CE150 network design configurations.
      • Identify the technical information required before you install a Sentriant CE150 in a customer site.
  • 4. Traditional Defenses: Firewalls and IDS
      Firewall
      • Enforce access control policies between networks
      • Determine which inside services may be available from outside and vice versa
      • Provide a single “Choke point” where security audits may be performed
      • Provide information about who has been “sniffing” around
      Intrusion Detection Systems (IDS)
      • Excellent at detecting many types of network attacks
  • 5. Firewall and IDS Limitations
      Cannot protect from attacks that bypass it
      • Internal attacks or unrestricted dial-outs
      Cannot protect data that is traversing the network
      • Financial data, corporate secrets, etc.
      Cannot protect against data being “changed” as it moves across the network
      Cannot stop any attacks that come from the inside
  • 6. Network Vulnerabilities
      Unauthorized Access of Data in Motion
      • Unauthorized monitoring – Network users believe the data they send over networks will be viewed only by the intended receiver.
      • Unauthorized modification – A simple route traced between any two corporate networks may provide an opportunity for an intruder to inconspicuously modify data.
      Common Inside Attacks
      • Insider breaches – Employees, contractors and others with legitimate network access can easily bypass perimeter security to access sensitive data on the network.
      • Man-in-the-middle attacks (also known as TCP Hijacking) – An attacker sniffs packets from the network, modifies them and inserts them back into the network.
      • Port mirroring – Port mirroring is a method of monitoring network traffic that forwards a copy of each incoming and outgoing packet from one port of a network switch to another port where the packet can be studied.
  • 7. Mitigate Network Vulnerabilities: Inside the Perimeter
      It is important to secure your data as it travels within your organization’s network.
      • Insiders account for up to 50% of network security breaches.
      A layered approach to network security provides the best defense possible. This means that in addition to perimeter security (e.g., a firewall), data traversing the internal network must also be secured.
      The only way to protect data traversing internal networks is to encrypt it. Sentriant CE150 provides the ideal solution for encrypting and safeguarding data in motion.
  • 8. Elements of a Comprehensive Security Solution
      Physical protection
      • Where are you?
      User authentication
      • Who are you?
      Encryption
      • Which information should be hidden?
      Access control
      • Which assets are you allowed to use?
      Management
      • What is going on within the network?
  • 9. Security Design Considerations
      Performance
      • Security solutions cannot become bottlenecks on the network. Security appliances must provide low latency and high throughput.
      User Transparency
      • Security appliances should not require reconfiguration of routers, gateways, or end-user devices.
      Centralized management and administration
      • Security solutions should provide centralized management and control, including SNMP, MIB, audit and syslog.
      Regulatory compliance
      • Security solutions must be able to support the ever-evolving Federal and State government regulations, e.g., HIPAA.
      Resiliency
      • Security solutions must be available 7/24 with the ability to update security policies on the fly.
  • 10. Review (3 Minutes)
  • 11. Sentriant CE150 Non-Router Network - Outbound
      [Diagram labels: Switch, Sentriant CE150, Layer 2 (fiber backbone, Pt-Pt wireless, switch network), Sentriant CE150, Switch; Outbound Traffic]
      Non-Router Network Outbound traffic:
      • This example explains the steps network equipment performs when sending data from a company site out to an external entity in a nonrouter environment.
  • 12. Sentriant CE150 Non-Router Network - Inbound
      [Diagram labels: Switch, Sentriant CE150, Layer 2 (fiber backbone, Pt-Pt wireless, switch network), Sentriant CE150, Switch; Inbound Traffic]
      Non-Router Network Inbound traffic:
      • This example explains the steps network equipment performs when receiving data from an external entity into a company site in a nonrouter environment.
  • 13. Sentriant CE150 Router WANs - Outbound
      [Diagram labels: Switch, Sentriant CE150, Router, Internet, Router, Sentriant CE150, Switch; Outbound Traffic]
      Router WAN/Backbone Outbound traffic:
      • This example explains the steps network equipment performs when sending data from a company site out to an external entity in a router environment.
  • 14. Sentriant CE150 Router WANs - Inbound
      [Diagram labels: Switch, Sentriant CE150, Router, Internet, Router, Sentriant CE150, Switch; Inbound Traffic]
      Router WAN/Backbone Inbound traffic:
      • This example explains the steps network equipment performs when receiving data from an external entity into a company site in a router environment.
  • 15. Resiliency: Non-VRRP Example
      [Diagram labels: Router 1, Router 2, Router, Sentriant CE150, Internet; A, B, C, D]
      Dual active-path redundancy
      • This example has two Sentriant CE150 appliances at each end of the connection, creating two active paths between the locations.
  • 16. Resiliency: VRRP Example
      [Diagram labels: Router 1, Router 2, Router, Sentriant CE150, Internet; A, B, C, D]
      Single active-path redundancy
      • A pair of Sentriant CE150 appliances can be configured to form a virtual security gateway (VSG).
      • One appliance is active and the other waits in a backup state.
      Virtual Router Redundancy Protocol
      • Allows two security gateways (Sentriant CE150) to share one IP address
  • 17. Review (3 Minutes)
  • 18. Configuration Planning Worksheet: Interface Configuration
  • 19. Configuration Planning Worksheet: Management Access
  • 20. Configuration Planning Worksheet: FTP Client
  • 21. Configuration Planning Worksheet: Network Interoperability
  • 22. Configuration Planning Worksheet: Manual Key Policies
  • 23. Configuration Planning Worksheet: Negotiated IPSec
  • 24. Configuration Planning Worksheet: Negotiated IPSec (cont’d)
  • 25. Configuration Planning Worksheet: Discard and Clear Policy
  • 26. Summary
      This module provided an overview of the network vulnerabilities and security threats companies face today. The module also reviewed the factors that should be taken into consideration when designing a security solution. It described basic Sentriant CE150 network design configurations. And finally, it provided the technical information worksheets used to assist with the installation of the Sentriant CE150.
  • 27. Summary continued
      You should now be able to:
      • List the factors taken into consideration when designing a network security solution.
      • Understand the network vulnerabilities that are addressed by the Sentriant CE150.
      • Describe basic Sentriant CE150 network design configurations.
      • Identify the technical information required before you install a Sentriant CE150 in a customer site.
  • 28. End of Module Review (5 Minutes)
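
The active/backup pair on the VRRP resiliency slide (slide 16), as an added example that is not part of the Extreme Networks training material: it models which appliance holds the shared IP address and how long traffic is unprotected by a gateway after the active one fails. It assumes the pair follows the RFC 3768 (VRRPv2) election and timer rules; the gateway names, priorities and addresses are constructed.

```python
"""VRRP election and failover timing (RFC 3768 rules) for a gateway pair."""
from dataclasses import dataclass
from ipaddress import IPv4Address


@dataclass(frozen=True)
class Gateway:
    name: str          # constructed label, not a CE150 identifier
    ip: str            # the appliance's own (primary) address
    priority: int      # 1-254 for backups, 255 for the address owner


def elect(gateways):
    """Highest priority wins; ties go to the higher primary IP address."""
    return max(gateways, key=lambda g: (g.priority, int(IPv4Address(g.ip))))


def master_down_interval(priority, advert_interval=1.0):
    """Seconds a backup waits without advertisements before taking over."""
    skew_time = (256 - priority) / 256
    return 3 * advert_interval + skew_time


def simulate_failover(gateways, fail_at, advert_interval=1.0):
    """Return (new_master, takeover_time, outage) after the master dies.

    The master advertises at t = 0, advert_interval, 2*advert_interval, ...
    and stops at fail_at. Each backup restarts its timer on every
    advertisement, so the timer runs from the last one sent at or
    before fail_at.
    """
    master = elect(gateways)
    backups = [g for g in gateways if g != master]
    if not backups:
        raise ValueError("no backup gateway: the virtual IP goes dark")
    last_advert = (fail_at // advert_interval) * advert_interval
    # The backup whose timer expires first claims the virtual IP.
    takeover, new_master = min(
        (last_advert + master_down_interval(g.priority, advert_interval), g.name)
        for g in backups
    )
    return new_master, takeover, takeover - fail_at


# Constructed pair sharing one virtual IP (documentation address range).
PAIR = [Gateway("ce150-a", "192.0.2.2", 200), Gateway("ce150-b", "192.0.2.3", 100)]

if __name__ == "__main__":
    print(elect(PAIR).name, simulate_failover(PAIR, fail_at=10.4))
```

With the default 1-second advertisement interval the outage is a little over three seconds, which is the figure to weigh against the "Resiliency" design consideration when choosing between single and dual active-path designs.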