CST311.8 Module Eight

 

CST311.8 Module Eight

What I learned this week:

Our final week was short but we were able to close out the section of Security. Focusing primarily on Operational Security via Firewalls and Intrusion Detection Systems. Ideally, firewalls isolate an organization's internal network from the outside world, allowing some packets to pass while blocking others thought to be malicious. Firewalls are a combination of both hardware and software. Firewalls allow network administrators to control access between the larger net and their own administered network. Primarily composed into three categories: traditional packet filters, stateful filters, and application gateways. Having a variance of these three types is essential to maintaining security amongst multiple levels and degrees of traffic. Considering they can be examined at the datagram level with packet filters and stateful filters, the application gateway is primarily used in order to access the application layer, however, their designation is a little different as each application can have a protocol associated to each instance of an application gateway.

Other things we studied were Intrusion Detection systems, and Intrusion Prevention Systems, where IDS's are devices that generate alerts when it observe potentially malicious traffic, IPS is the device in which filters out suspicious traffic.

Overall that's basically it for the week's reading, I've learned a lot about the network itself. I'd have to say the book was quite thorough and informative and I really appreciate the overall architecture of the network itself and the book and it's top-down approach to teaching, It helped to understand at the beginning the layers in which we are most accustomed to interfacing with, and slowly breaking down how each layer assists and works in tandem with others. Also, the approach taken to problem-solving in the book really emphasized the importance of analysis when solving problems, each potential solution does in fact come with tradeoffs, and its important to establish metrics that you can examine to see if the solution provided matches with your intent when building.