Tuesday, 14 July 2009

Network Security Technologies and Protocols

by Your Name

Description

Network security covers issues such as the privacy of network communication, the confidentiality and integrity of information sent over the network, controlled access to restricted network domains and sensitive information, and the use of a public network such as the Internet for private communications. To address these issues, various organizations and technology vendors have developed a range of network and information security technologies. Here is a summary of the technologies:

AAA: Authorization, Authentication and Accounting is a technology for intelligently controlling access to network resources, enforcing policies, auditing usage, and providing the information necessary to bill for services. Authentication provides a way of identifying a user, typically by having the user enter a valid user name and valid password before access is granted. The authorization process determines whether the user has the authority to access certain information or certain network sub-domains. Accounting measures the resources a user consumes while using the network, including the amount of system time or the amount of data the user has sent and/or received during a session; these records can be used for authorization control, billing, trend analysis, resource utilization, and capacity planning activities. Authentication, authorization, and accounting services are often provided by a dedicated AAA server or by a program that performs these functions.

VPN: Virtual Private Network is a technology that allows businesses and individuals to communicate privately, for example for remote access to a corporate network, using a public telecommunication infrastructure such as the Internet. A virtual private network can also be a specially configured network over the public network infrastructure that is used by only one organization. Various network-tunneling technologies such as L2TP have been developed to reach this goal. Using encryption technologies such as IPsec can further enhance information privacy over networks and virtual private networks.

Firewall: A firewall is a software program or hardware device that filters the information coming through the Internet connection into a private network or computer system. Firewalls use one or more of three methods to control traffic flowing in and out of the network:

  • Packet filtering - Packets are analyzed against a set of filters. Packets that make it through the filters are sent to the requesting system and all others are discarded.

  • Proxy service - Information from the Internet is retrieved by the firewall and then sent to the requesting system and vice versa.

  • Stateful inspection - Certain key parts of the packets passing through are compared with a database of trusted information. Outgoing information from inside the firewall is monitored for specific defining characteristics, and incoming information is then compared with these characteristics. If the comparison yields a reasonable match, the information is allowed through. Otherwise it is discarded.
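
The difference between the packet-filtering and stateful-inspection methods above, as an added example that is not part of the original post. It assumes the "defining characteristics" are the protocol, address and port tuple of an outgoing flow; the class name, the address range and the allowed ports are constructed for illustration.

```python
from dataclasses import dataclass

INSIDE_PREFIX = "10.0.0."               # assumed internal address range
ALLOWED_OUTBOUND_PORTS = {53, 80, 443}  # constructed static filter set

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

class StatefulFirewall:
    """Toy firewall: a static filter outbound, a state-table lookup inbound."""

    def __init__(self, idle_timeout=60.0):
        self.idle_timeout = idle_timeout
        self.state = {}  # flow tuple -> time the flow was last seen

    def outbound(self, pkt, now):
        # Packet filtering: a stateless rule on source range and destination port.
        if not pkt.src.startswith(INSIDE_PREFIX):
            return False
        if pkt.dport not in ALLOWED_OUTBOUND_PORTS:
            return False
        # Record the characteristics of the permitted outgoing flow.
        self.state[(pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)] = now
        return True

    def inbound(self, pkt, now):
        # Stateful inspection: an incoming packet must mirror a recorded flow.
        key = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        last_seen = self.state.get(key)
        if last_seen is None:
            return False              # unsolicited: no matching outgoing flow
        if now - last_seen > self.idle_timeout:
            del self.state[key]       # stale entry: forget the flow
            return False
        self.state[key] = now         # refresh the idle timer
        return True

if __name__ == "__main__":
    fw = StatefulFirewall()
    print(fw.outbound(Packet("10.0.0.5", 40000, "203.0.113.10", 443), now=0.0))
    print(fw.inbound(Packet("203.0.113.10", 443, "10.0.0.5", 40000), now=1.0))
    print(fw.inbound(Packet("198.51.100.7", 443, "10.0.0.5", 40000), now=2.0))
```

A filter that only checked the inbound packet's ports would accept the third packet; the state table rejects it because no outgoing flow to that source was ever recorded.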

Protocols

The key protocols for AAA and VPN:

Authentication Authorization Accounting:
  • Kerberos: Network Authentication Protocol
  • RADIUS: Remote Authentication Dial In User Service
  • SSH: Secure Shell Protocol
  • TACACS: Terminal Access Controller Access Control Protocol (and TACACS+)

Tunneling:
  • L2F: Level 2 Forwarding protocol
  • L2TP: Layer 2 Tunneling Protocol
  • PPTP: Point to Point Tunneling Protocol

Secured Routing:
  • DiffServ: Differentiated Service
  • GRE: Generic Routing Encapsulation
  • IPsec: Security Architecture for IP network
  • IPsec AH: IPsec Authentication Header
  • IPsec ESP: IPsec Encapsulating Security Payload
  • IPsec IKE: Internet Key Exchange Protocol
  • IPsec ISAKMP: Internet Security Association and Key Management Protocol
  • TLS: Transport Layer Security Protocol

Others:
  • SOCKS: Protocol for secure session traversal across firewalls

