Wednesday, July 19, 2017

Network Risk and Monitoring


| Factor | Example |
| Something you know. | Client logs in with username and password. |
| Something you have. | Client logs in using credentials and token. |
| Something you are. | Client uses fingerprints with credentials. |
| Something you do. | Required action completed with credentials. |
| Somewhere you are. | Geo-location confirmation with credentials. |


When implementing single-factor authentication, it is best to know all the pros and cons that come with it.  One of the first cons is that a username can easily be guessed based on common usage.  Another con is the lack of strong passwords created by end users.  Even if a policy is in place, most users do not abide by it, and therefore the security has risks.  The only pro I can imagine for single-factor authentication is the cost, as it is extremely affordable.
Utilizing multi-factor authentication may cost more, but your network security would be stronger overall.  No matter which factor is chosen, it will strengthen your security, but at a cost.  A con aside from the cost would be problematic hardware leaving clients unable to log in.  A pro, aside from a stronger security system, would be the money saved from the data loss that could occur if it were not in use.
The key to layered security and defense in depth is in the name.  It all comes down to ensuring that multiple layers of security have been implemented.  If you have only one layer of security, it is easier to break in and remove the data being protected.  Whereas if multiple layers of security are utilized properly, an intruder would have to break through further layers, which would be difficult.
An analogy that could be used to explain layered security and defense in depth in the physical world is the security used for a data center.  For a building in the middle of the city, there is a security guard and concrete posts before the front doors.  The next layer of security would be the guards inside and the key card access required to use the elevators.  The third layer of security would be the multiple doors and key card locks to enter the room containing the servers.
Transitive access can be explained simply: if you trust your significant other and he or she trusts another person, then you would trust that person.  To take this further, you trust your significant other's family simply because he or she trusts them.  If he or she did not trust them, then you would not trust them either.
The transitive access technique can be extremely important within larger networks, as it is easier to set up and maintain.  Simply put, no intervention is required by administrators to establish trusts.  The only problem with this technique is that it allows hackers to acquire more trusts than normal when joining a domain.
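
An audit a defender could run on the transitive access described above, as an added example that is not part of the original post: it expands each domain's directly configured trusts into the full set it inherits and lists the trusts no administrator set up. The domain names and the trust map are constructed for illustration.

```python
from collections import deque

# Constructed sample data: trusts that administrators configured directly,
# written as truster -> set of domains it trusts. All names are hypothetical.
DIRECT_TRUSTS = {
    "corp.example": {"sales.example"},
    "sales.example": {"partner.example"},
    "partner.example": {"vendor.example"},
    "vendor.example": set(),
    "lab.example": set(),
}


def effective_trusts(direct, domain):
    """Return every domain that `domain` ends up trusting when trust is transitive."""
    seen = set()
    queue = deque(direct.get(domain, ()))
    while queue:
        current = queue.popleft()
        # Skip domains already visited (handles trust loops) and the start itself.
        if current in seen or current == domain:
            continue
        seen.add(current)
        queue.extend(direct.get(current, ()))
    return seen


def implied_trusts(direct):
    """Map each domain to the trusts it inherits but never configured itself."""
    report = {}
    for domain, configured in direct.items():
        extra = effective_trusts(direct, domain) - configured
        if extra:
            report[domain] = sorted(extra)
    return report


if __name__ == "__main__":
    for domain, extra in implied_trusts(DIRECT_TRUSTS).items():
        print(f"{domain} also trusts (not configured directly): {', '.join(extra)}")
```

Each entry in the report is a trust that exists only because of a chain, which is the list to review when a new domain is joined.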

| Access Control Method | Definition |
| Mandatory | All predefined and inflexible for how access is allowed. |
| Discretionary | Some flexibility in how access is allowed, and allows users to share. |
| Role-Based | Established roles within specific job function for the period. |
| Rule-Based | Preconfigured policies to allow or deny users on a list. |

| Protocol | Definition | Use |
| PPTP | Encapsulates in a solo point-to-point environment. | VPN Tunneling. |
| L2F | Provides authentication, but no encryption. | Remote connections. |
| L2TP | PPTP and L2F hybrid, that can be utilized to bridge across multiple systems. | Bridge multiple kinds of systems. |
| SSH | Utilizes encryption to launch a safe connection between two systems. | Remote connections. |
| IPSec | Provides safe verification and encryption of data and headers. | VPN Tunneling. |
