abhas
/
selfhosted-education
1
0
Fork 0
Code Releases 0 Activity
Free Software Solutions For Educational Institutions https://selfhosted.education
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
374 KiB
Tree: 1a6baa6bee
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '1a6baa6bee'
${ noResults }
selfhosted-education/network/security.md

64 lines
2.5 KiB
Raw Normal View History

Initial site
3 years ago
 
  1. ---
  2. layout: default
  3. parent: Network Solutions
  4. nav_order: 2
  5. title: Security
  6. ---
  7. 

  8. # Network Security and Intrusion / Malware Detection

  9. 

  10. ## Overview

  11. 

  12. Keeping the network secure is as important as keeping it fully-
  13. functional. The traditional approach of just using an equipment at the
  14. gateway is not sufficient. The threats can emanate from inside the
  15. networks as much as they come from the Internet.
  16. 

  17. A functional and up-to-date Intrusion Detection and Prevention System
  18. (IDS/IPS) is an integral part of a secure network in addition to anti-
  19. malware software. An IDS/IPS inspects all the traffic passing through
  20. the network in real-time and matches them with pre-defined signatures
  21. to generate alerts and/or block the malicious activities from outside
  22. or inside the network.
  23. 

  24. A SIEM (Security Incident and Events Monitoring) system can collect
  25. logs generated from various components like firewalls, servers,
  26. IDS/IPS, network access controllers, DHCP Servers etc to provide a
  27. holistic view of the security situation of the network.
  28. 

  29. ## Common Problems

  30. 

  31. * There are infected machines in the network which are generating huge amount
  32.   of traffic affecting the whole network. These things can happen silently
  33.   without any outward symptoms till it begins to affect users in a negative way.
  34. 

  35. * There are Trojans installed in the machines which spread through the network
  36.   or can be part of a bigger attacks and are just waiting for a trigger from
  37.   “Command and Control” (CnC) server on the Internet
  38. 

  39. * You are not even aware that there are a lot of Intrusion or Denial-of-Service
  40.   (DoS) attacks are happening on your network which are eating system resources
  41.   of your gateway firewall
  42. 

  43. * Students could be trying to learn about security by attacking the servers
  44.   inside the college network (or on the Internet)
  45. 

  46. * Unauthorised access attempts to the servers or computers inside the network
  47.   are not noticed
  48. 

  49. ## Benefits

  50. 

  51. * Visibility into malicious activity present in the network - originating from
  52.   either the Internet or within the local network
  53. 

  54. * Automatic blocking of the hosts generating such activities from the Internet
  55. 

  56. * Automatic isolation of the hosts generating malicious traffic from within the
  57.   network with the users and administrators get notified of the same
  58. 

  59. * Various vulnerabilities get highlighted on the SIEM which when fixed on time
  60.   save the network from catastrophic downtime
  61. 

  62. * The possibility of machines inside the network getting involved in large
  63.   scale attacks on the Internet gets minimised to a great extent
  64.