NETOWORK SECURITY MAIL SERVERS

							                    Network Security
                                       CHRISTOPHER D. CONEWAY




under the direction of Dr. Foorood Amirmadhi
for the
CASS/CREST STARS Program
Tennessee State University
Agenda

 Objective
 Basic Network Components
 The Lab Systems
 Securing the Network
 Current Work
 Conclusion
Objective

 Our objective is to better understand
  Network Security issues, and means to
  protect it.
 Our goals are as follows:
     Network Layer
     Host Layer
     Application Layer
OSI Model
      A Conceptual Packet Structure



Control   Source   Destination   Protocol   Data
Basic Network Components
                              PCs
      Firewall


 Router



 Switch



 Hub
The Lab Systems

 Hardware
  components
     Switch, Hub, PC’s
 Operating Systems
     Unix: Sun Os 5.5
     Linux: Red Hat 9.0,
      SuSE 8.2
     Windows: 2000,
      2000 Server, NT4.0
               Network Diagram            Internet




                                 Router                  Hub

   Firewall NG
                                 N   Network Address
                                 A
                                        Translator
                      Firewall   T



   Network 1                                              Network 2
Private Class-C:     Hub         Switch                Private Class-C:
   Address                                                Address
Firewall

 Firewall –Hardware or software that examines
  and controls the traffic between two or more
  networks (i,e; Internal, and Internet)
 Firewall policies are a collection rules:




                                      internet
Policies-Firewall
   Securing the Network:
      Security Tools
 Port Scanner (Protocol holes)
 Security Analyzer (Application Holes)
 Network Analyzer/Sniffer (Decoding)
Security Analyzer Report
Sample
Port Analysis Section
Current Works

    Secure Mail
    Microsoft Active Directory
    VPN (Virtual Private Network)
    Unix systems
Secure Mail
   Virus protection - Server based virus protection using your existing antivirus
    software.

   Spam filtering - Checks to see if the computer which sent a message is
    blacklisted on the major RBL lists. Quarantines or deletes any such messages.

   Content filtering -. Check for unacceptable language.

   Attachment filtering - Part of the content filtering. Removes unwanted types of
    file attachment before they reach the end user.

   IMAP (Internet Message Access Protocol) support - Store all message folders
    centrally, allowing side by side access from a mail client or web-mail.

   Web-based mail client - Provide users with web-based access to their e-mail.

   Web-based administration - Remotely administer mail using a web browser.

   Http-s- An extension to the http protocol to support sending data securely over the
    web.
Secure Mail Diagram




  Mail Server   Client Computers
Active Directory

     Microsoft Active Directory
        Domain Name Service
        User and Group account management

        Organizational units and resources
         management
Active Directory Diagram
VPN (Virtual Private Network)

     VPN (Virtual Private Network)
        Checkpoint   VPN (CP2000, CPNG)
        Data integrity and confidentiality are
         protected through authentication and
         encryption
        Data can be securely transmitted between
         two locations across the Internet or be
         encrypted between a server and a client
          within a Local Area Network
VPN Diagram
VPN Client Connected to Private
      COE-Lab Network
Unix Systems

    Unix systems
               services (web, mail, proxy, etc..)
       Internet

       Redhat & Suse, Sun system platforms
Conclusions

 Security in All Layers Required
 Be Up-to-date in New Security Issues
 Consistency in the process of securing
  systems
Questions