Security has one purpose, to protect assets. For most of history, this meant
building strong walls to stop the bad guys, and establishing small,
well-guarded doors to provide secure access for the good guys. This strategy
worked well for the centralized, fortress-like world of mainframe computers and
closed networks
. The closed
network typically consists of a network designed and implemented in a corporate
environment, and provides connectivity only to known parties and sites without
connecting to public networks. Networks were designed this way in the past and
thought to be reasonably secure because of no outside connectivity.
With
the advent of personal computers, LANs, and the wide-open world of the
Internet, the networks of today are more open
. As
e-business and Internet applications continue to grow, finding the balance
between being isolated and being open will be critical, along with the ability
to distinguish the good guys from the bad guys. Furthermore, the rise of mobile
commerce and wireless networks will be as the cannon was to the castle walls,
exploding the old model and demanding that security solutions become seamlessly
integrated, more transparent, and more flexible.
With the increased
number of LANs and personal computers, the Internet began to create untold
numbers of security risks. Firewall devices, which are software or hardware
that enforce an access control policy between two or more networks, were
introduced. This technology gave businesses a balance between security and
simple outbound access to the Internet which was mostly used for e-mail and Web
surfing.
This balance was short lived however as the use of extranets
began to grow, which connected internal and external business processes.
Businesses were soon realizing tremendous cost savings by connecting
supply-chain management and enterprise resource planning systems to their
business partners, and by connecting sales-force automation systems to mobile
employees, and by providing electronic commerce connections to business
customers and consumers. The firewall began to include intrusion detection,
authentication, authorization, and vulnerability assessment systems. Today,
successful companies have once again struck a balance by keeping the bad guys
out with increasingly complex ways of letting the good guys in.
Most
people expect security measures to ensure the following:
Users can perform only authorized tasks.
Users can obtain only authorized information.
Users cannot cause damage to the data, applications, or operating
environment of a system.
The word security means protection against malicious attack by
outsiders, and involves controlling the effects of errors and equipment
failures. Anything that can protect against an attack will probably prevent
random misfortune as well.
Throughout this course many definitions,
acronyms and logical device symbols dealing with security will be introduced
. Refer to the
glossary for further explanation when encountering unknown terms and
acronyms.
In this lab students will review the
lab bundle equipment. Students will also gain an understanding of the
"pod" topology, naming scheme, and addressing scheme. Students will
learn to load the IOS firewall image and the default lab configurations.
Students will also cable the standard lab topology and test for
connectivity.