Module-1

Information Security Devices

 Module-1: Information Security Devices

• Identity and Access Management (IdAM)

• Networks (Wired And Wireless) Devices
• Endpoints/Edge Devices
• Storage Devices
• Infrastructure Devices (e.g. Routers, Firewall
Services)
• Computer Assets, Servers and Storage Networks
• Content management
• IDS/IPS
Identity and Access Management (IdAM)

• Identity and access management (IAM or

IdAM for short) is a way to tell who a user is
and what they are allowed to do.
• IAM is like the bouncer at the door of a
nightclub with a list of who is allowed in, who
isn't allowed in, and who is able to access the
VIP area.
• IAM is also called identity management (IdM).
Identify and Access Management (IdAM)

• In more technical terms, IAM is a means of

managing a given set of users' digital
identities, and the privileges associated with
each identity.
• Within an organization, IAM may be a single
product, or it may be a combination of
processes, software products, cloud services,
and hardware that give administrators
visibility and control over the organizational
data that individual users can access.
Identify and Access Management (IdAM)
• Identity in the context of computing
– A person's entire identity cannot be uploaded and
stored in a computer, so "identity" in a computing
context means a certain set of properties that can
be conveniently measured and recorded digitally.
– Think of an ID card or a passport: not every fact
about a person is recorded in an ID card, but it
contains enough personal characteristics that a
person's identity can quickly be matched to the ID
card.
Identify and Access Management (IdAM)
• Identity in the context of computing
– To verify identity, a computer system will assess a
user for characteristics that are specific to them.
– If they match, the user's identity is confirmed.
These characteristics are also known as
"authentication factors,“.
– The three most widely used authentication factors
are:
• Something the user knows
• Something the user has
• Something the user is
Identify and Access Management (IdAM)
• Identity in the context of computing
– Something the user Knows: 
• This factor refers to a valid password, Secret Key etc.
Identify and Access Management (IdAM)
• Identity in the context of computing
– Something the user has: 
• This factor refers to possession of a physical token that
is issued to authorized users. 
• The most basic example of this authentication factor is
the use of a physical house key to enter one's home.
The assumption is that only someone who owns, rents,
or otherwise is allowed into the house will have a key.
Identify and Access Management (IdAM)
• Identity in the context of computing
– Something the user is: 
• This refers to a physical property of one's body.
• A common example of this authentication factor in
action is Face ID, the feature offered by many modern
smartphones. Fingerprint scanning is another example.
• Less common methods used by some high-security
organizations include retina scans and blood tests.
Identify and Access Management (IdAM)
• Access management
– "Access" refers to what data a user can see and what
actions they can perform once they log in.
– Once John logs into his email, he can see all the emails he
has sent and received.
– However, he should not be able to see the emails sent and
received by Tracy, his coworker.
 What is a network device?
• Components used to connect computers as
well as other electrical devices together in
order to share resources such as printers and
fax machines.
 Devices used in Networking
• Hubs
• Switches
• Routers
• Network bridges
• Gateways
• Firewalls
• Wireless AP (Access Points)
 What is a Hub?
• A small rectangular box that joins computers
together through ports on the back of the hub.

Ethernet hub – Wikipedia. [online image]. Available en.wikipedia.org/wiki/Ethernet hub

 How does a Hub work?
• A hub receives data packets and passes on all
the Information it receives to all the other
computers connected to the hub.
• Information is also sent to the computer that
sent the information
• Example:
– if computer 1 wants to communicate with
computer 3, the data will be sent to all the
computers on the network since hubs do not know
the destination of the information it receives.
Diagram of a hub network

Main PC
Hub Ethernet PC 1

PC 2
Additional Information about Hubs
• Most hubs contain 4 ports some have 5 or
more ports.
• Hubs can be used for a smaller network such
as a home network or a small office network.
• Hubs are not that expensive most range for
less than $30.
• Hubs may not be the best option for
sophisticated or complex networks.
 What is a Switch?
• Switches look similar to hubs in that they are rectangular
in shape.
• Manageable switches are usually a little bigger than
unmanageable switches.
• A switch also has ports on the back.
 How does a Switch work?
• Switches work about the same way as hubs.
Unlike hubs, switches can identify the destination
of a packet.
• Switches send information only to the computer
that is suppose to receive the information.
• Switches can also send and retrieve information at
the same time which makes sending information
faster to retrieve than hubs.
Diagram of a Switch Network

Switch Diagram. LindyConnectionPerfection.[online image]. Available http://www.lindy-international.com, July 9, 2013

Additional Information about Switches

• Switches are a better option than hubs for

larger networks or home networks with 4 or
more connected computers.
• Switches can range in price from $30 up to
$100 or more depending on if the switch is
manageable or unmanageable, usually
unmanageable switches are less in price
versus managed switches.
 What is a Router?
• A specialized computer programmed to interface
between different networks.

• Netgear-wndr4000-ddwrt-450 – Most Popular VPN Service Providers & DD-WRT Routers. [online image]. www.flashrouters.com, July 12, 2013.
Diagram of a Router
 Additional Information about Routers
• Routers make sure data sent over the Internet goes
where it needs to go and not where it is not needed.
• Acts like a traffic controller, working to cut down
congestion throughout the network and keeps
everything flowing smoothly along the best path.
• Routers are the only type of equipment that looks at
every single packet passing by on the network.
• Home network router including wireless routers can
cost anywhere from $40 to $150 or higher.
 What is a Bridge?
• A hardware device used to create a connection
between two separate computer networks or to
divide one network into two.
• Filters data traffic at a network boundary and
reduces the amount of traffic on a LAN dividing it
into two segments.

• I -4E to Ethernet (10/100M) Network Bridge. [online image]. Network Bridge. Available at www.freewtc.com. July 12, 2013.
 How does a Bridge work?
• Each bridge consist of a MAC address and operates
at layer 2 of the OSI model
• When a packet is received on the bridge ports the
forwarding table including the MAC address is
automatically updated to map the source MAC
address to the network port from which the packet
originated
• The gateway then process the received packet
according to the packet’s type.
Diagram of a Bridge
 Additional Information about Bridges

• A bridge examines each message on a LAN and

passes the ones known to be within the same
LAN.
• Computer addresses have no relationship to
location in a bridging network.
• A bridge is sometimes referred to as a brouter.
• Wireless network bridges can costs anywhere
from $100 to $1000 or more depending on the
type of bridge purchased.
 What is a Gateway?
• A communication device that provides a remote
network with connectivity to the host network.

• Gateway Network Communications [online image]. Available www.hiwtc.com

 How a Gateway Works?
• The gateway node acts like a proxy server and
firewall
• The gateway uses forwarding tables to
determine where packet are to be sent
Gateway Diagram
Additional Information about Gateways

• On the Internet a node or stopping point can

be a gateway.
• The computers controlling traffic within a
network are gateway nodes.
• A gateway is also associated with a router.
 What is a Firewall?
• Hardware or software device that protects a computer
network from unauthorized access.

• Firewall Sling Secure Smartphone. [online image]. Available www.slingsecure.com

 How a Firewall works
• Firewalls filters the information coming through
the Internet connection into a user private
network.
• To control traffic in and out of the network
firewalls one or more of the three methods are
used including:
– Packet filtering
– Proxy service
– Stateful inspection
Diagram of Firewall
 Additional Information about Firewalls
• Most home network routers have built in firewall.
• The term “firewall” originated from firefighting, where a
firewall is a barrier established to prevent the spread of a
fire.
• A firewall works with the proxy server making request on
behalf of workstation users.
• There are a number of features firewalls can include from
logging and reporting to setting alarms of an attack.
• Costs for host based firewalls usually costs around $100 or
less. Some may costs more depending on different things
such as features included or if its an enterprise based
system.
 What is a Wireless Access Point?
• A small hardware device featuring built-in network adapter,
antenna, and radio signals.
• Configured nodes on a WLAN.

• Wireless Access Points, Page 2. [online image]. Available compnetworking.about.com

 How a Wireless Access Point works?

• Operates using radio frequency technology

• Broadcast wireless signals computers can
detect and use
• A wireless network adapter is implemented
while using a wireless access point, most
computers today already have network
adapters built into the computer.
Diagram of Wireless Access Point

RxNT – The eprescribing System. [online image]. Available www.rxnt.com

Additional Information about Access Points

• The access point usually connects to the router

• A hotspot is a application wireless users can
connect to the Internet.
• Aps are used throughout a home network,
usually through only one AP.
• Wireless access points can cost anywhere from
$30 and up depending on the type purchased.
 Endpoint/Edge Devices
• Endpoint point devices (PCs, laptops, mobile
devices and servers)
• An edge device is any piece of hardware that
controls data flow at the boundary between
two networks. 
• Examples include routers, routing switches,
integrated access devices, multiplexers, and a
variety of metropolitan area network and wide
area network access devices