Zusammenfassung der Ressource
U2.4 LANs, MANs, WANs
- LAN
- security issues
- failures on backbone
- failures where backbone connects with each workgroup
- provides a point of access from a workgroup to the backbone
- provides a point of access to all data associated with a workgroup
- information flow control
- network management
- failure to manage leads to
- network operation disruption
- increased effort to identify problems
- longer time to problem resolution
- threats to CIA
- eavesdropping
- data corruption
- backbone loss
- protection measures
- used dedicated switchers per workgroup
- each switch should restrict the
flow of data to the backbone
- use firewalls where additional separation needed
- use encryption
- MAN
- metropolitan area network
- a separate backbone connects
the backbones of multiple
networks in different buildings
- campus network
- additional security issues
- data travels outside the building
- non-physical links may need to be considered
- laser
- infrared
- microwave
- complexity
- protection measure
- network information
center needed to manage
and monitor health
- WAN
- threats
- general
- sensitive items more widely transmitted
- network likely to be
switched with multiple routes
- more unmanned equipment
rooms managed remotely
- possibility for unauthorized access to network links higher
- impact of errors from configuration much larger
- variation per
medium
- fibre
- minimal external radiation
- special tapping equipment needed
- taps tend to cause service disruption
- satellite,
radio,
microwave
- extensive external radiation
- easily available (but special)
tapping equipment needed
- tapping does not disrupt service
- carrier MIGHT provide
some encryption
- possible
security
measures
- partition networks,
physical separation
- partition networks,
logical separation
- achieved with
permanent virtual
circuits or crypto
- data confidentiality
- network partitioning
- link encryption (layer 2)
- end-to-end encryption (layer 4)
- link encryption
- for individual links betwee two points
- Conditions of
Connection (COC)
- user must agree before
getting access to network
- Internet
- security issues
- route of sensitive data not guaranteed
- availability of internet not guaranteed
- denail of service real
- any host can probe any other host