S3SS10N Wednesday – Network Services Part 2


Published: January 11, 2017 | By: Kelly Handerhan

This Week's S3SS10N Wednesday

This is the second part in the Session Wednesday series on Network Services presented by Kelly Handerhan. To recap: part 1 covered DNS and DHCP with an overview of the DORA process, which is short for Discover, Offer, Request, and Acknowledge. This is the process used by DNS and DHCP to establish a session with a client and then serve up requested information. Kelly concluded the session by pointing out that this process was designed to work, but not necessarily to work securely. In this video, Kelly discusses the remaining two essential network services: RADIUS and NAC.

RADIUS, which is short for Remote Authentication Dial-In User Service, is a protocol for clients outside of the corporate network to gain access remotely. The connection type can be dial-up, a VPN client, or a Wi-Fi client. It may be difficult to believe, but dial-up connections using a modem are still in use and, as such, must still be supported and considered.

The corresponding endpoints for the preceding clients on the corporate LAN are a remote access server for dial-up, a VPN server or concentrator for VPN clients, and wireless access points for Wi-Fi clients. Multiple endpoints can exist simultaneously on a network to accommodate an array of client connections. This is known as a distributed environment and allows for greater flexibility when it comes to remote access. Such a configuration requires that each server have a separate set of rules and this, in turn, introduces more risk.

This is where RADIUS comes into play. It is a means of providing strong authentication for clients seeking access to the network. A centralized authentication policy is maintained on the RADIUS server, which provides more control and security. Kelly then mentions a few other authentication protocols such as TACACS+ from Cisco Systems and the IEEE security standard 802.1x. She drops a valuable hint that cert exams LOVE to ask about 802.1x, so consider yourself warned!

Kelly concludes the session by discussing NAC or Network Access Control. NAC protects the network and the resources connected to it. This is particularly vital in today’s “Bring Your Own Device” (BYOD) work environment. BYOD may be a great policy for employees and can also save an organization a lot of money in equipment costs, but with these benefits come heightened risks and threats.

NAC can be configured to enforce inspection of devices prior to being allowed access to the network. A baseline of general health requirements for devices can be maintained as a set of policies on the NAC server. The result of such a scan can then ultimately determine access decisions which are based on the assessed health of a device. Often DHCP is integrated into NAC to limit access if a device’s health is found wanting.

Policies governing device health can include checking whether AV software is installed and up to date on devices seeking access. Other criteria might be: Does the device have a firewall? Are the latest patches and security updates installed? Does it have anti-spyware installed, and is that also up to date?

These policies are part of a system health validator installed on the NAC server and are fully configurable based on the standards instituted by the organization. Devices that fail the health check can then be redirected to a remediation area of the network, where they can download AV software, system and security updates, etc. in order to be brought into compliance.
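The health check and access decision described above, sketched as an added example (it is not from the session or from any NAC product). The report fields, age thresholds and segment names are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional
# Assumed baseline values and segment names, chosen for this example only.
MAX_SIGNATURE_AGE, MAX_PATCH_AGE = timedelta(days=7), timedelta(days=30)
PRODUCTION_NET, REMEDIATION_NET = "corp", "remediation"

@dataclass
class PostureReport:
    """Health statement a device presents before it is admitted."""
    device: str
    av_installed: bool
    av_signatures: Optional[date]
    antispyware_installed: bool
    antispyware_signatures: Optional[date]
    firewall_enabled: bool
    last_patched: Optional[date]

def _stale(when, max_age, today):
    # Fail closed: a missing or future-dated timestamp counts as out of date.
    return when is None or when > today or today - when > max_age

def validate(report, today):
    """Return the failed health checks; an empty list means compliant."""
    failures = []
    scanners = (("antivirus", report.av_installed, report.av_signatures),
                ("anti-spyware", report.antispyware_installed, report.antispyware_signatures))
    for name, installed, signatures in scanners:
        if not installed:
            failures.append(f"{name} missing")
        elif _stale(signatures, MAX_SIGNATURE_AGE, today):
            failures.append(f"{name} signatures out of date")
    if not report.firewall_enabled:
        failures.append("firewall disabled")
    if _stale(report.last_patched, MAX_PATCH_AGE, today):
        failures.append("patches out of date")
    return failures

def admit(report, today):
    """Pick the segment (for example, the DHCP scope) the device is placed on."""
    failures = validate(report, today)
    return (REMEDIATION_NET if failures else PRODUCTION_NET), failures

# Constructed sample reports, evaluated as of a constructed date.
TODAY = date(2017, 1, 11)
HEALTHY = PostureReport("laptop-01", True, date(2017, 1, 10), True, date(2017, 1, 9), True, date(2017, 1, 3))
BYOD = PostureReport("byod-phone", True, date(2016, 11, 1), False, None, True, None)
if __name__ == "__main__":
    for r in (HEALTHY, BYOD):
        print(r.device, *admit(r, TODAY))
```

The returned failure list is what a remediation portal would show the user, so each entry names the specific requirement that was not met.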


About This S3SS10N Wednesday's Contributor

Kelly Handerhan
Skilled and certified in CISSP, CASP, and PMP, SME Kelly has taught several courses on Cybrary and is highly praised for her ability to effectively communicate important information in a relatable and understandable way.
  1. Excellent sessions I will take the exams soon

  2. Love these weekly sessions…

    Thank You !!

  3. Very Interesting.

    Thank you
