In this section we're going to talk about security and the campus network design. We will give you a high level overview of a number of areas of interest around campus security. When we talk about security these are the top level areas that we'll be discussing. This includes policy framework security foundation which is network monitoring and management critical piece encryption protecting your assets against viruses authentication and authorization blocking certain types of traffic and network architectures and firewalls we'll go into detail and much more depth on each of these items security is hard security is a process that never ends securing and monitoring the campus network is something that can be pretty difficult particularly because campus networks need to be pretty open you have many researchers you have students you have faculty you have staff and each and every one of these users has a different need on your campus network this makes it difficult to lock a network down completely and force people into certain ways of working you will always have viruses attacks and generally there's usually a few people who are acting poorly on your campus network so if you're able to know when this is happening and respond to it that's excellent and that is part of campus security your goal will be to prepare for the problems that you will have you'll have some compromises you'll have hackers you'll have some viruses another goal is to understand how are you going to respond to this so if you get a call from your upstream internet service provider telling you that you have a report that one of your hosts is participating in a denial of service attack what would you do do you have the right tools in place to deal with that right now for instance can you find that host on your network identify it and then do something about that if you're using network address translation for your external addressing this can become more difficult security is a process this is a process that repeats itself over and over again so you can never achieve 100 security so how you respond to incidences is important it's a process you have to continually work at you need to assess what is at risk and this changes over time as you add new devices new functionality and you have new people on your campus protection so you need to mitigate risk as much as you can detection can you detect when something has happened when there's been an intrusion or you have a compromised machine can you respond and how do you respond to it and then are you prepared to do this over again it's a continuing process and we will talk in detail in the next few sections on some of the specific aspects of how we do this.
© Produced by Philip Smith and the Network Startup Resource Center, through the University of Oregon.
Attribution-NonCommercial 4.0 International (CC BY-NC 4.0)
This is a human-readable summary of (and not a substitute for) the license. Disclaimer. You are free to: Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material The licensor cannot revoke these freedoms as long as you follow the license terms. Under the following terms: Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use. NonCommercial — You may not use the material for commercial purposes. No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.