Network security is a broad term that can refer to the security of devices that comprise the network infrastructure, the traffic sent over that infrastructure, the hosts (clients and servers) attached to the infrastructure, the applications that utilize the network, the user community and the policies that govern usage of that network.
In this course, we will use the first four layers of the OSI protocol stack (physical, link, network, and transport) to introduce many aspects of network security. In particular, we will consider how devices at each layer provide “defense in depth” by securing communications traffic as well as preventing unauthorized access. Our examination will be enhanced by using various security tools to observe network traffic that illustrates how security can be applied throughout today’s enterprise.
At the end of the course, students will be able to:
• Identify security services used at layers 1-4 of the OSI protocol stack, and compare and contrast the benefits and disadvantages of implementing security services at each layer.
• Differentiate between secret key and public key encryption, list the elements of a Public Key Infrastructure, and analyze the challenges of implementing a key management system.
• Apply general security design principles to a network infrastructure, and demonstrate how design patterns can provide a basis for those decisions.
• Enhance security by demonstrating how VLANs and Private VLANs can segregate traffic at the link layer.
• Compare WEP, WPA, and WPA2 security, with respect to authentication and authorization issues that arise in the course of implementing a wireless LAN (WLAN).
• Justify the use of router ACLs as a means of protecting the network perimeter
• Research the security effects of introducing IPv6 into an enterprise
• Integrate firewalls and application gateways into the overall security infrastructure.
• Utilize packet analysis software to identify and analyze suspicious network traffic.