Greetings and welcome back the Siberia's cop TIA Certified advance security practice Nurse certification purpose. Of course, we're gonna continue our discussion of Marshall seven, which is titled Network Security Architecture. Here again are the objectives which in conferences, this particular Marshall,
Let's not take our turn our attention toward discussion off. Explain how
network technology can enhance security.
This is actually Section three of this particular module.
Before we get going with this particular marker, let's take a look at pre assessment question and the course that is as follows was Steven about network address. Translation is true, isn't a It can be state or stateless, be it. Substitute Mac addresses for appear dresses.
Seeing it removes private dresses when a packet
leaves the network or D give you found only on core routers.
If you say Let's see you absolute correct because it removes a private addresses when the package leaves the network.
Let's not turn on teacher toward GAN security through network technologies. You're in that rodders. They Norma drop package with a private address. We have a term call your network address. Translation. It allows the private eye you just be used on the public Internet replaces the private address with public address.
The term port address, translation or pat is a variation of Matt
outgoing package of giving the same happy address, but different TCP ports numbers.
This brings us to security again through technology and this material diagram here, we'll see again. Ah, list office. What we call the beginning addresses off a class eight and then we see the Indian addresses off a class air dress. Well, you see here, listen here would have enforcement point. We see it as the Nats server.
You also have again what has with the nats of a lot easier can allow immediate or quarantine.
So again, this is security through your network technologies.
This race is too interested. Discuss about the advantage of net on network address. Translation. What? It doesn't mast i p address of your internal devices. An attacker who captured a package on in that cannot determine the actual i p address of the center wherever term called a network access control and examines your current state with system or network device
before allowing the network connection device must meet certain set of criteria.
In this case, it is not met. Net allows connection to quarantine never continued. The fishes is all correct. It
here again is that taking a look again at neck from overview perspective
stepped on one, and you attempt to access a webpage or uses an optional client.
Then we see what happened here again and step to the user redirected to a log and Paige
Clean access validates the user. Name and password would happens within three. A. The device is non compliant in terms of devices is income noncompliant or log ins and direct the uses and not access and assign toe. A quarantine role would happen in three B declines. Clean the machine gets
oh, gets on the certified device list and is granted access
to the network. So again, this is looking at no, I knack from our overview.
This raises to a post assessment question, and the question is as follows. How does network address translation or not improve security? Is that a a discarded, insulated package? Be it filters based on protocol. See it mass I P. Address off the net device or net does not improve security.
The great response is a It is the scars, unsolicited packages.
Doing this presentation, we took a look at the days of that, and we learned it. Master I p address with internal devices and attack. Who captured the package on the end there? Can it determined? Actually, I p address of the center. We also discussed network access control, which again?
Basically what it does. Examine the current state of your system or network device before allowing the network connection device in this case was made certain set of criteria. If it's not met, net allows for next to a quarantine network until the deficiency are corrected and our upcoming presentation, we'll be moving on to section four of this particular presentation,
discussing security through network design
elements. Again, I look forward to seeing you in the next video.