Supporting Network Security Design

---

Goals

• Explain the importance of network segmentation and use of trusted and untrusted zones
• Describe security implications of internet of things (IoT) and industrial internet of things (IIoT)
• Explain the importance of physical security

Zone-based Security

A zone-based security model groups hosts with the same level of trust into separate network segments.

• traffic between segments are subject to policies and rules

  • enforced by security appliances
    • e.g., firewalls, proxy servers, IDS/IPS
    • perform filtering to analyze contents of connection requests
      • allow, deny, or log them

• important for configuring perimeter security

• Network Security Zones

• Perimeter Networks

• Screened Subnet

• Intrusion Detection Systems (IDS)

• Intrusion Prevention System (IPS)

Internet of Things (IoT)

• Internet of Things (IoT)
• Industrial Control Systems (ICS)
• IoT Networks
• IoT Network Security

Physical Security

• Locks
• Cameras
• Location Services
• Geofencing