Unit 5 –Security

LO2. Describe IT security solutions.

7. Data Centre Security Solutions.

1
Data center
Data centers are major part of the enterprise, designed to
support business applications and provide services such
as:
▪Data storage, management, backup and recovery.
▪Productivity applications, such as email.
▪High-volume e-commerce transactions.
▪Powering online gaming communities.
▪Big data, machine learning and artificial intelligence.

2
A number of different risks can affect data centre. A
few examples include:
▪ Server failure.
▪ Undetected smoke that can lead to fire incidents.
▪ Ineffective monitoring of behaviour of onsite individuals.
▪ Network connection failures.
▪ External hackers.
▪ Ineffective inventory management procedures.
It’s therefore very important that organization take the correct
precautions to safeguard data centre operation.
3
Replica data centers
▪When working with multiple data centres it is often
important to make sure that if one data centre goes
down, another data centre is fully capable of picking its
load and data.
▪Data centre replication is meant to solve exactly this
problem.
▪“Replication” is the process of making a copy of
something, or of creating a replica.

4
Secure Transport Protocols

▪There are a number of protocols that can be used on

networks to securely transport data. Some of these
include:
▪SSL
▪SSH
▪Tor

5
Secure Sockets Layer (SSL)

▪"Secure Sockets Layer." SSL is a secure protocol

developed for sending information securely over the
Internet.
▪Many websites use SSL for secure areas of their sites,
such as user account pages and online checkout.

6
Secure Sockets Layer (SSL)

▪SSL, or Secure Sockets Layer, is an encryption-based

Internet security protocol.
▪It was first developed by Netscape in 1995 for the
purpose of ensuring privacy, authentication, and data
integrity in Internet communications.

7
Secure Sockets Layer (SSL)

▪It uses encryption algorithms to scramble data in transit,

preventing hackers from reading it as it is sent over the
connection.
▪This information could be anything sensitive or personal
which can include credit card numbers and other
financial information, names and addresses.

8
Secure Sockets Layer (SSL)

▪TLS (Transport Layer Security) is just an updated, more

secure, version of SSL. We still refer to security
certificates as SSL because it is a more commonly used
term, but chances are that most servers are now using
TLS.

9
Secure Sockets Layer (SSL)

▪HTTPS (Hyper Text Transfer Protocol Secure) appears

in the URL when a website is secured by an SSL
certificate.
▪The details of the certificate, including the issuing
authority and the corporate name of the website owner,
can be viewed by clicking on the lock symbol on the
browser bar.

10
The hacker may be able to figure out which host name the
user is connected to but, crucially, not the rest of the URL. As
the connection is encrypted, the important information remains
secure.

11
SSH

▪SSH, also known as Secure Socket Shell, is a network

protocol that provides administrators with a secure way
to access a remote computer. SSH also refers to the
suite of utilities that implement the protocol.

12
SSH

▪Secure Shell provides strong authentication and secure

encrypted data communications between two
computers connecting over an insecure network such
as the Internet.

13
Tor

Dark websites.
▪Created in the mid 1990s by military researchers in the
US, the technology which paved the way for what is
now known as the dark web was used by intelligence
officers to share files anonymously. That initial platform
was called 'Tor', which stands for 'The Onion Router'.

14
Tor

▪Tor is an anonymity network that hides your identity as

you browse the web, share content and engage in other
online activities.
▪It encrypts any data sent from your computer, so that no
one can see who or where you are, even when you’re
logged into a website.

15
Tor

▪The main idea behind designing Tor was to protect the

personal privacy of network users, and allow them to
conduct confidential business.
▪Tor is also widely used in location-hidden services to
provide anonymity to servers.

16
Tor

▪Tor relays are also referred to as "routers" or "nodes."

They receive traffic on the Tor network and pass it
along.
▪There are three kinds of relays that you can run in order
to help the Tor network: middle relays, exit relays, and
bridges.

17
3 Relays

Tor bounces connections through 3 relays. Each of these

have a specific role to play.
▪ Entry/Guard Relay - This is the entry point to the Tor
network.
▪ Middle Relay - Middle relays are exactly that - middle
nodes used to transport traffic from the guard relay to the
exit relay.
▪ Exit Relay - These relays are the exit point at the edge of
the Tor network. These relays send traffic to the final
destination intended by the client

18
Tor

19
MPLS

▪Multi-Protocol Label Switching (MPLS) is an evolving

protocol with standards originally out of the IETF that
designates static IP paths. It provides for the traffic
engineering capability essential to QoS control and
network optimization, and it forms a basis for VPNs.
▪MPLS gives the ability to offer highly scalable,
advanced IP services end-to-end, with simpler
configuration and management for both service
providers and customers.
20
Lesson Summary

▪Replica data centers

▪SSL
▪SSH
▪TOR
▪MPLS

21