Cisco Security Overview

14.01.99


Click here to start


Table of Contents

PPT Slide

Cisco Security Overview

Agenda

Topic 1: Attacks

Types of Attacks

Attacks from Internet

Protocols under attack

Internet Protocol

IP: Packet Format

IP Normal Fragmentation

IP Normal Fragmentation (Cont.)

IP Normal Reassembly

IP Reassembly Attack

IP Reassembly Attack (Cont.)

Preventing Reassembly Attack

IP: Normal Routing

IP: Source Routing

IP Unwanted Routing

IP Unwanted Routing (Cont.)

IP Spoofing

Preventing IP spoofing

Preventing IP spoofing (Cont.)

Protocols under attack

Transport Control Protocol

TCP Packet Format

TCP connection establishment

SYN attack

Preventing SYN Attacks

TCP blind spoofing

TCP blind spoofing (Cont.)

TCP session hijacking

Preventing Hijacking

Topic 2: Security products and features

Cisco Network Security Products and features

Perimeter security

Reflexive Access List (11.3)

TCP Intercept

Cisco IOS Firewall Feature Set

Cisco 1605R or 2514 with Cisco IOS Firewall Feature Set

Benefits of Cisco IOS Firewall Feature Set

Context-Based Access Control Features

The Cisco IOS Firewall will permit secure FTP

Cisco IOS Firewall Feature Set Provides Java Blocking

Cisco IOS Firewall Feature Set: Attack Detection and Prevention

Cisco IOS Firewall Feature Set: Real-Time Alerts

Cisco IOS Firewall Feature Set TCP/UDP Transaction Log

Cisco PIX Firewall

Cisco PIX Firewall

PIX: User Authentication Cut-Through Proxy

How PIX Works

TCP Connection: Inside --> Outside

UDP Transmission

Cisco Network Security Products and features

Cisco Identity Solutions

AAA Server

Cisco Secure Access Control Server

Authentication—Cut-through Proxy

Authorisation

Lock-and-Key Security (Dynamic Access Lists)

Cisco Network Security Products and features

Cisco Network Integrity Solutions

Encryption

Encryption Terms

Cisco Encryption Solutions

Cisco IOS Cryptosystem

Cisco IOS 11.2 Encryption Services

Encryption with IOS 11.2

Cisco IOS 11.3 Encryption & Authentication Services

Encryption with IOS 11.3

Authentication Header (RFC 1826)

AH Authentication and Integrity

Encapsulating Security Payload (RFC 1827)

ESP Tunnel Mode

IKE (ISAKMP / Oakley)

IOS 11.2 to 11.3 Migration Path

IPSec everywhere

IP SEC Software for Windows

PIX Private Link

Encryption Security Adapter

Cisco Network Security Products and features

Active Audit

Vulnerability Scanning

Active Intrusion Detection

For More Security Information…

PPT Slide

 Author: Frank Roys