Network access control for dummies pdf

  1. Network Access Control For Dummies® [Book]
  2. Fundamentals of Information Systems Security/Access Control Systems
  3. Network Access Control For Dummies®
  4. 9 Top Network Access Control (NAC) Solutions

Network access control (NAC) is how you manage network security when your employees, partners, and guests need to access your network using laptops and . How can the network be protected from your own users? 4 Only users with VPN access have the protection provided by local firewall policy enforcement. There is no . Source: Feasibility. Network Access Control (NAC). Allied Telesis provides advanced edge security for Enterprise networks. Solutions Guide. NETWORK SMARTER.

Language:English, Spanish, Japanese
Genre:Academic & Education
Published (Last):08.09.2016
Distribution:Free* [*Registration Required]
Uploaded by: WYNELL

76402 downloads 97057 Views 10.56MB PDF Size Report

Network Access Control For Dummies Pdf

Extreme Networks Network Access Control (NAC) is a complete standards-based , multi-vendor interoperable . can be generated as PDF files. In addition, the. Network Access Control. What is it and why do you need it? • Harden your network. • Prevent network breaches. • Eliminate unauthorized network connections. What is NAC? Network Access Control (“NAC”) enforces security of a network by restricting the

Popular Spoofing Techniques Man-in-the-middle attack MITM :An attack in which an attacker is able to read, insert and modify at will messages between two parties without either party knowing that the link between them has been compromised. URL spoofing: A Spoofed URL describes one website that poses as another Phishing :An attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. Referrer spoofing:It is the sending of incorrect referrer information along with an HTTP request, sometimes with the aim of gaining unauthorized access to a web site. It can also be used because of privacy concerns, as an alternative to sending no referrer at all. Spoofing of file-sharing Networks: Polluting the file-sharing networks where record labels share files that are mislabeled, distorted or empty to discourage downloading from these sources. Caller ID spoofing :This allows callers to lie about their identity, and present false names and numbers, which could of course be used as a tool to defraud or harass E-mail address spoofing:A technique commonly used for spam e-mail and phishing to hide the origin of an e-mail message by changing certain properties of the e-mail, such as the From, Return-Path and Reply-To fields. The user is presented with an ordinary looking login prompt for username and password, which is actually a malicious program, usually called a Trojan horse under the control of the attacker. When the username and password are entered, this information is logged or in some way passed along to the attacker, breaching security. Countermeasures Be skeptical of e-mails indicating that you need to make changes to your accounts or warnings indicating that accounts will be terminated without you doing some type of activity online. Call the legitimate company to find out if this is a fraudulent message. Review the address bar to see if the domain name is correct. Do not click on an HTML link within an e-mail. Type the URL out manually instead. Do not accept e-mail in HTML format. Emanations[ edit ] Overview All electronic devices emit electrical signals.

This email address is already registered.

Please login. You have exceeded the maximum character limit.

Network Access Control For Dummies® [Book]

First Name: You forgot to provide your first name. Last Name: You forgot to provide your last name. Company Name: You forgot to provide a company name.

Job Title: You forgot to provide a job title. Seniority: You forgot to select your seniority.

Fundamentals of Information Systems Security/Access Control Systems

Job Function: You forgot to select your job function. Industry: You did not select which industry you are in. You did not select which industry you are in. Address 1: You did not provide a full local address. Tempest Technologies: Tempest technology is complex, cumbersome, and expensive, and therefore only used in highly sensitive areas that really need this high level of protection. Two alternatives to Tempest exist White Noise: White noise is a uniform spectrum of random electrical signals.

It is distributed over the full spectrum so that the bandwidth is constant and an intruder is not able to decipher real information from random noise or random information. Control Zone: Some facilities use material in their walls to contain electrical signals.

This prevents intruders from being able to access information that is emitted via electrical signals from network devices. This control zone creates a type of security perimeter and is constructed to protect against unauthorized access to data or compromise of sensitive information.

Shoulder Surfing[ edit ] Overview Shoulder surfing refers to using direct observation techniques, such as looking over someone's shoulder, to get information. Shoulder surfing is particularly effective in crowded places because it's relatively easy to observe someone as they: Fill out a form Enter their PIN at an automated teller machine or a POS Terminal Use a calling card at a public pay phone Enter passwords at a cybercafe, public and university libraries, or airport kiosks. Enter a digit code for a rented locker in a public place such as a swimming pool or airport.

Shoulder surfing is also be done at a distance using binoculars or other vision-enhancing devices. Inexpensive, miniature closed-circuit television cameras can be concealed in ceilings, walls or fixtures to observe data entry.

To prevent shoulder surfing, it is advised to shield paperwork or the keypad from view by using one's body or cupping one's hand. Recent automated teller machines now have a sophisticated display which discourages shoulder surfers. It grows darker beyond a certain viewing angle, and the only way to tell what is displayed on the screen is to stand directly in front of it.

Certain models of credit card readers have the keypad recessed, and employ a rubber shield that surrounds a significant part of the opening towards the keypad. This makes shoulder-surfing significantly harder, as seeing the keypad is limited to a much more direct angle than previous models.

Network Access Control For Dummies®

Taken further, some keypads alter the physical location of the keys after each keypress. Also, security cameras are not allowed to be placed directly above an ATM. Object Reuse[ edit ] Overview Object reuse issues pertain to reassigning to a subject media that previously contained one or more objects. The sensitive information that may be left by a process should be securely cleared before allowing another process the opportunity to access the object.

This ensures that information not intended for this individual or any other subject is not disclosed. For media that holds confidential information, more extreme methods should be taken to ensure that the files are actually gone, not just their pointers.

Countermeasures Sensitive data should be classified by the data owners.

How the data is stored and accessed should also be strictly controlled and audited by software controls. Before allowing one subject to use media that was previously used, the media should be erased or degaussed. If media holds sensitive information and cannot be purged, there should be steps on how to properly destroy it so that there is no way for others to obtain this information.

Data Remanence[ edit ] Overview Data remanence is the residual representation of data that has been in some way been nominally erased or removed. This residue may be due to data being left intact by a nominal delete operation, or through physical properties of the storage medium.

9 Top Network Access Control (NAC) Solutions

Data remanence may make inadvertent disclosure of sensitive information possible, should the storage media be released into an uncontrolled environment. Countermeasures Classes of Countermeasures Clearing Clearing is the removal of sensitive data from storage devices in such a way that there is assurance, proportional to the sensitivity of the data, that the data may not be reconstructed using normal system functions.

The data may still be recoverable, but not without unusual effort. Clearing is typically considered an administrative protection against accidental disclosure within an organization. For example, before a floppy disk is re-used within an organization, its contents may be cleared to prevent their accidental disclosure to the next user. Purging Purging or sanitizing is the removal of sensitive data from a system or storage device with the intent that the data can not be reconstructed by any known technique.

Purging is generally done before releasing media outside of control, such as before discarding old media, or moving media to a computer with different security requirements.

Methods to Countermeasure Overwriting A common method used to counter data remanence is to overwrite the storage medium with new data. This is often called a wiping or shredding a file or disk. Because such methods can often be implemented in software alone, and may be able to selectively target only part of a medium, it is a popular, low-cost option for some applications. The simplest overwrite technique writes the same data everywhere—often just a pattern of all zeros.

At a minimum, this will prevent the data from being retrieved simply by reading from the medium again, and thus is often used for clearing. Degaussing Degaussing is the removal or reduction of a magnetic field. Applied to magnetic media, degaussing may purge an entire media element quickly and effectively.

A device, called a degausser, designed for the media being erased, is used. Degaussing often renders hard disks inoperable, as it erases low-level formatting which is only done at the factory, during manufacture.

Similar articles

Copyright © 2019 All rights reserved.