Stuart Jacobs

Traditional Network Concepts

This chapter focuses on the concepts and technologies currently found in major networks. It begins with the architectural basis of these networks, moves on to how these networks are structured (deployed), and reviews the protocols used within these networks. The primary network architectures are the International Standards Organization (ISO) open systems interconnection model (OSI) and the internet model. There are a number of physical and logical structures that modern networks rely on, including local area networks (LAN), Wireless LAN (WLAN), metropolitan area networks (MAN), wide area networks (WAN), and internet. The chapter examines the general concepts of protocol layering and interfaces. Three primary transport protocols used in the internet protocol stack are transmission control protocol (TCP), unreliable datagram protocol (UDP) and stream control transmission protocol (SCTP). The chapter considers the capabilities and security mechanisms available for use with simple network management protocol (SNMP) and TR-69.

SECURITY SYSTEMS DESIGN??-??DESIGNING NETWORK SECURITY

This chapter first examines protocol layers 1,2, and 3 of the available security mechanisms and explores their deployment possibilities within networking protocols. Network Physical layer media types include: metallic or fiber-optic cables/wires used for interconnecting network elements; radio frequency signals transmitted through air used for wireless communications; or visible, or invisible, laser light signals transmitted through air or water. Within the Data Link layer, the encountered security devices are IEEE 802.1x, IEEE 802. 1ae and IEEE 802.11 WPA and 802.11i. The chapter then considers the security capabilities, uses, and deficiencies for each of these technologies. Next, it covers the advantages and limitations of providing security at the Network layer, via the IP security (IPsec) framework of protocols, for secure channel establishment. Finally, the filtering and inspection of packets are discussed as forms of network and host access control (authorization).

Computer Software Security

This chapter contains sections titled: Specific Operating Systems (OSS) Applications Example Detailed Security Requirements for Specific Operating Systems and Applications Chapter Summary Further Reading and Resources Questions Exercises

Next-Generation Networks

This chapter contains sections titled: Framework and Topology of the NGN The NGN Functional Reference Model Relationship between NGN Transport and Service Domains Enterprise Role Model Security Allocation within the NGN Transport Stratum Example Converged Network Management (TMN and eTOM) General Network Security Architectures Chapter Summary Further Reading and Resources Exercises