Security Management Chapter3

TCP/IP
Application
Internetworking Transmission within a single LAN or WAN
Transport Internet Use OSI Standards Here
2-3
Figure 3-2: Encapsulation • Application Layer
Message with Encapsulating Header
2-5
Figure 3-2: Encapsulation • Session Layer
▫ Establishes direction of communication with remote computer
More Header Added
600 Mpbs
Est. 200 m
OFDM
Firewalls
• First Generation ▫ Static Packet Filtering at Layer 3 (source/dest IP) ▫ Easily fooled by spoofing • Second Generation ▫ Layer 7 filtering by port ▫ Require higher processing power ▫ Layer 5 filtering by “handshake”
UTP cat 5e, UTP cat 6, UTP cat 7, fiber
40 GbE
40 Gbps
fiber
Wireless (Wi-Fi) Network Types
Standard Frequency Potential Speed
11 Mbps
Potential Range
50 m
Spectrum
Simplex Half-Duplex Full-Duplex
2-6
Figure 3-2: Encapsulation • Transport Layer
▫ Segments message into frames/packets
Footer Data Field Header
▫ Sequencing for reassembly at destination ▫ Error Checking
2-7
Figure 3-2: Encapsulation • Network Layer
▫ Addresses and routes packets
Footer Data Field Header
e.g. IP addressing Between-network transmission
▫ Layer 3 & 4 filtering by “stateful inspection” ▫ Much match expected protocols (TCP, UDP, etc.)
A Network Design Using Firewalls
For initial screening - Permits web access - Denies FTP requests
▫ Creates the Message
Nothing but Data
2-4
Figure 3-2: Encapsulation • Presentation Layer
▫ Formats the message for networking use (video, text, HTML, etc.)
Application Presentation Session Transport Network Data Link Physical
Away Pizza Sausage Throw Not Do
Alligator All Pet Steve’s Touch Not Do People Seem To Need Data Processing
802.11b
2.4 GHz
DSSS (Spread across range) OFDM (Orthogonal Freq. MP) DSSS
802.11a
5 GHz
54 Mbps
20 -25 m
802.11g
2.4 GHz
54 Mbps
50 m
802.11n (2009)
2.4 and 5 GHz (MIMO)
When firewalls fail
The Eigenvalue is off Enhance
Maximum Data Rate
10 Mbps 10 Mbps 10 Mbps 100 Mbps
Cables
Coaxial Coaxial UTP cat 3, UTP cat 5 UTP cat 5, fiber
1000Base-T
10 GbE
1 Gbps
10 Gbps
UTP cat 5, UTP cat 5e, UTP cat 6, fiber
2-9
Figure 3-2: Encapsulation • Physical Layer
▫ Converts frame/packet for appropriate medium
Eth Ftr Data Field TCP IP Eth Hdr Hdr Hdr
e.g. MAC addresses Within-network transmission
2-8
Figure 3-2: Encapsulation • Data Link Layer
▫ Handles the hardware addressing of the transmission
Footer Data Field Header
e.g. MAC addresses Withiபைடு நூலகம்-network transmission
Anytime Passwords Secret Tell Not Do Please
All People Standing Totally Naked Don’t Perspire
Programmers Please
Physical Ethernet Media Types
Name
10Base-5 10Base-2 10Base-T 100Base-T
Chapter 3 ISO Model & Network Infrastructure
CISSP Study Guide BIS 4113
Stack Layer Models
Broad Purpose Communication between applications
Hybrid TCP/IP-OSI OSI Application Application (Layer 5) Transport (Layer 4) Internet (Layer 3) Data Link (Layer 2) Physical (Layer 1) Presentation Session Transport Network Data Link Physical