Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.
-
date post
19-Dec-2015 -
Category
Documents
-
view
218 -
download
2
Transcript of Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.
![Page 1: Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.](https://reader038.fdocuments.in/reader038/viewer/2022110207/56649d2b5503460f94a001e3/html5/thumbnails/1.jpg)
Petros Lam
VP, Sales & MarketingThe Hong Kong School Net Ltd
![Page 2: Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.](https://reader038.fdocuments.in/reader038/viewer/2022110207/56649d2b5503460f94a001e3/html5/thumbnails/2.jpg)
School Network
Internet
WebSAMSHTTP Server
Router
Workstations
Wifi
Network Attack
WebSAMS Server
WebSAMS Crystal ReportWorkstation
NetworkFirewall
Teachers Server Intranet Server
Server Attack
Security Vulnerabilities Systems (Win2000, RH7.2)
Application (Web, PhPBB, FTP)
Security Vulnerabilities Systems (Win2000, RH7.2)
Application (Web, PhPBB, FTP)General Suggestions: • Security Audit• Upgrade Firewall• Update Systems and Applications FREQUENTLY• Change Password FREQUENTLY
General Suggestions: • Security Audit• Upgrade Firewall• Update Systems and Applications FREQUENTLY• Change Password FREQUENTLY
ApplicationFirewall
![Page 3: Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.](https://reader038.fdocuments.in/reader038/viewer/2022110207/56649d2b5503460f94a001e3/html5/thumbnails/3.jpg)
School Network
Internet
WebSAMSHTTP Server
Router
Workstations
Wifi
WebSAMS Server
WebSAMS Crystal ReportWorkstation
NetworkFirewall
Teachers Server Intranet Server
General Suggestions: • Security Audit• Upgrade Firewall• Update Systems and Application FREQUENTLY• Change Password FREQUENTLY
General Suggestions: • Security Audit• Upgrade Firewall• Update Systems and Application FREQUENTLY• Change Password FREQUENTLY
ApplicationFirewall
Difficulties in Daily Operation:
• Method and types of attacks change rapidly, difficult
for schools to follow the latest updates.
• Heavy teaching work load makes it difficult to
maintain and update such an complicated network security
environment by teachers themselves.
• Limited resources for schools to afford
expensive solutions and services for commercial use.
• Many companies only sell products and lack skills,
knowledge and the right to modify the
product they provide.
Difficulties in Daily Operation:
• Method and types of attacks change rapidly, difficult
for schools to follow the latest updates.
• Heavy teaching work load makes it difficult to
maintain and update such an complicated network security
environment by teachers themselves.
• Limited resources for schools to afford
expensive solutions and services for commercial use.
• Many companies only sell products and lack skills,
knowledge and the right to modify the
product they provide.
![Page 4: Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.](https://reader038.fdocuments.in/reader038/viewer/2022110207/56649d2b5503460f94a001e3/html5/thumbnails/4.jpg)
School Network
Internet
WebSAMSHTTP Server
Router
Workstations
Wifi
WebSAMS Server
WebSAMS Crystal ReportWorkstation
NetworkFirewall
Teachers Server Intranet Server
ApplicationFirewall
Regular update managed by Professional Team who developed SCHOOLWALL.
Tailored for Schools in Hong Kong.
User Friendly Interface – reduce time to learn and operate.
Affordable price
Regular update managed by Professional Team who developed SCHOOLWALL.
Tailored for Schools in Hong Kong.
User Friendly Interface – reduce time to learn and operate.
Affordable price
![Page 5: Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.](https://reader038.fdocuments.in/reader038/viewer/2022110207/56649d2b5503460f94a001e3/html5/thumbnails/5.jpg)
Latest and Upgraded Functions:
• User Friendly Interface• Packet Filtering• URL Filtering• Classroom Control
Finer access control Bandwidth control
• Application Protection Web FTP Email
• Statistics• Expansion Module
![Page 6: Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.](https://reader038.fdocuments.in/reader038/viewer/2022110207/56649d2b5503460f94a001e3/html5/thumbnails/6.jpg)
New User Friendly Interface
![Page 7: Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.](https://reader038.fdocuments.in/reader038/viewer/2022110207/56649d2b5503460f94a001e3/html5/thumbnails/7.jpg)
NAT Mapping
Filter Rule
Packet Filtering• Static NAT
![Page 8: Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.](https://reader038.fdocuments.in/reader038/viewer/2022110207/56649d2b5503460f94a001e3/html5/thumbnails/8.jpg)
URL FilteringTransparent Proxy (TCP/Port 80)Global default deny list
![Page 9: Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.](https://reader038.fdocuments.in/reader038/viewer/2022110207/56649d2b5503460f94a001e3/html5/thumbnails/9.jpg)
Classroom Control
• Additional control on a set of fixed IP addresses– Examples: IP range for staff, computer rooms
• Domain Blocking / Unblocking– Allow List : Default deny all but allow exception in domains– Deny List : Adding domain block list to global deny list– Deny All : Deny all access, no exceptions– Allow All : Allow all access (no blocking)
• Bandwidth Control– Guarantee Bandwidth– Maximum Bandwidth
![Page 10: Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.](https://reader038.fdocuments.in/reader038/viewer/2022110207/56649d2b5503460f94a001e3/html5/thumbnails/10.jpg)
• Example of adding “Deny List”
URL filter• Sendspace.com
+
Classroom Control
+Zone control “Deny List”• yahoo.com
![Page 11: Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.](https://reader038.fdocuments.in/reader038/viewer/2022110207/56649d2b5503460f94a001e3/html5/thumbnails/11.jpg)
G – Guarantee BandwidthM – Maximum Bandwidth
Maximum Bandwidth limt the download speed
Testing URL:ftp://download.speedtest.com.hk/100mb.zip
• Bandwidth Control
Classroom Control
![Page 12: Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.](https://reader038.fdocuments.in/reader038/viewer/2022110207/56649d2b5503460f94a001e3/html5/thumbnails/12.jpg)
Application Protection - Web
Setting up
Receiving Request
Analysis
Denied If not allowed
• Example of blocking SQL injection
![Page 13: Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.](https://reader038.fdocuments.in/reader038/viewer/2022110207/56649d2b5503460f94a001e3/html5/thumbnails/13.jpg)
Application Protection - FTP
Set a password retry limit to the connection.If exceed the limit, the IP will be banned for a fixed period of time.
![Page 14: Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.](https://reader038.fdocuments.in/reader038/viewer/2022110207/56649d2b5503460f94a001e3/html5/thumbnails/14.jpg)
Application Protection - Email
Anti-spam mechanisms:• DNSBL• Greylisting• SPF• DKIM• Sender White / Black Listing
Self define White / Black list
• Sender blacklisting
![Page 15: Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.](https://reader038.fdocuments.in/reader038/viewer/2022110207/56649d2b5503460f94a001e3/html5/thumbnails/15.jpg)
Statistics - Network Traffic
Bandwidth Graphs
![Page 16: Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.](https://reader038.fdocuments.in/reader038/viewer/2022110207/56649d2b5503460f94a001e3/html5/thumbnails/16.jpg)
Email Gateway Statistics
Statistics - Network Traffic
![Page 17: Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.](https://reader038.fdocuments.in/reader038/viewer/2022110207/56649d2b5503460f94a001e3/html5/thumbnails/17.jpg)
Expansion Module – Server Certificate
![Page 18: Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.](https://reader038.fdocuments.in/reader038/viewer/2022110207/56649d2b5503460f94a001e3/html5/thumbnails/18.jpg)
Comparison
Network Protection Investment Consequence
No Firewall $0 Serious!
Self Developed Firewall
Time of Teachers
Very difficult to upgrade
Commercial Firewall
Very Expensive
Lack maintenance and support
Very Affordable
Install, Update, Upgrade, Support
- VPN, Lab, Proxy, Filter
![Page 19: Petros Lam VP, Sales & Marketing The Hong Kong School Net Ltd.](https://reader038.fdocuments.in/reader038/viewer/2022110207/56649d2b5503460f94a001e3/html5/thumbnails/19.jpg)
~The End~
Thank you!