Network Security

Time
12 hours 57 minutes
Difficulty
Intermediate
CEU/CPE
13
Video Transcription
00:00
>> We just talked about the fundamental aspects of networking and some of the security concerns that come with that. Now we're going to get more in depth in the controls regarding security networking in cloud environments. In this lesson, we're going to talk about the important considerations when evaluating cloud providers' network security controls. We want to talk about why network security in the cloud context is largely the responsibility of the hosting provider. Then based on the controls that we describe, you'll be able to identify red flags in the absence of those controls for a given hosting provider.

Across our service models, network security is largely in the cloud provider's responsibility quadrant. That's true of software as a service, platform as a service, and infrastructure as a service is really shared between the customer and the cloud provider. The network security controls that we're going to talk about really should be implemented whether it's an on-premise or cloud-based solution. There are just some caveats. They're slightly different in cloud environments.

First and foremost, there should be a firewall. A firewall is set up around the perimeter of the network. It regulates what traffic can go in and go out. The firewall rules should be administered very carefully to ensure that no malicious actors can get in or no unwanted services or different packets of information can traverse the firewall that could be potential points of exploit. We don't want to monitor any traffic that's leaving your firewall. We talked about egress monitoring that can be administered at the firewall. There should be strict logical access controls regarding who can administer the firewall and change the rules.

Let's say someone were to slip past the firewall, well, thankfully you should have an intrusion detection system or an intrusion prevention system in place. As the name would imply, intrusion detection can identify, based on different traffic signatures or activity on the network, whether malicious or suspicious activity has been detected. An intrusion prevention system can go a step further, and it can potentially isolate segments or shut down processes if it suspects malicious activity.

Another mechanism for detecting malicious activity on a network is the use of honeypots. Honeypots are machines that are intentionally set up to appear to be valuable or vulnerable systems that attract would-be attackers to investigate them. However, instead of finding the valuable information they seek, the honeypot actually registers the signature of the attacker, and alerts the company to activity on the honeypot itself. Honeypots are often used by security researchers to determine and identify new attack vectors and threat actors.

From a network security perspective, you want to protect communication in the network. We've talked about virtual private networks before, setting up encrypted tunnels. We'd also talked about the use of encryption extensively in Domain 2 for data in transit, at rest and in process. Another very important aspect is ensuring that there's strong authentication for any of the devices regarding network administration. You want to ensure that only the correct people have access to the network and that they have to go through a series of steps to authenticate them.

Then, although you've got your network set up, you have all these various controls, you want to ensure that you're improving, that you're really trying to find the vulnerabilities within the network and address them. That can be done really in two ways. Passively, there should be network scanning to ensure that you know any ports or services that are running on your network and close down any unnecessary ones. You want to try to identify any known network vulnerabilities through scanning. Then you may also want to engage in active vulnerability assessments where you have a penetration testing firm or an internal red team continue to look for and actively try to exploit vulnerabilities in the network. After these assessments are done, you're presented with the findings and the deficits in your controls should be remediated.

>> Quiz question. What is the key difference between an Intrusion Detection System and an Intrusion Prevention System?

An IDS uses analysis of behavior and an IPS uses a defined rule set.

An IDS actively closes ports and services upon detection, but an IPS prevents attackers from entering the network.

An IDS only reports suspicious activity and an IPS also takes defensive action.

If you said number 3, you're correct. An IDS only reports, it detects suspicious activity, and the prevention system actually can take defensive action, which could be closing down ports or services.

In summary, we talked about the cloud provider's responsibility for maintaining network security across virtually all of the cloud-based service models. We talked about most of the common network security controls. We talked about firewalls, the use of IDS and IPS. We talked about the use of encryption within the network. Then we also talked about different ways of continually improving network security through both passive and active vulnerability assessments. I'll see you in the next lesson.