Professional Documents
Culture Documents
4) HND - SEC - W4 - Network Security Infrastructure
4) HND - SEC - W4 - Network Security Infrastructure
4) HND - SEC - W4 - Network Security Infrastructure
1
Network Security Infrastructure.
2
Network Address Translation (NAT)
3
Network Address Translation (NAT)
▪ NAT allows a single network device, such as a router or
firewall, to act as an agent between the public network
space and a private network space.
▪The NAT-enabled agent makes it possible to use a single
IP address to represent an entire group of networked
computers.
▪A technology that is useful to many network
administrators because it saves time and money when
dealing with network IP addresses.
4
Network Address Translation (NAT)
▪NAT helps network administrators manage the private
and public portions of their network because with NAT,
administrators can separate the private and public
address spaces.
▪The address separation means that NAT makes the
physical device in the private network independent of
the IP address hosts in the public network.
5
Network Address Translation (NAT)
6
Network address translation is
categorised into the following general
types:
▪Static NAT maps a private address to a public address
in a one-to-one relationship. Static NAT is most often
used to assign a public address to a device behind a
NAT-enabled firewall/router.
▪Dynamic NAT maps a private address to a public
address on an as-needed basis. Utilises a pool of
global addresses to dynamically translate the outbound
traffic of clients behind a NAT-enabled device.
7
Network address translation is
categorised into the following general
types:
8
DMZ
9
DMZ
10
DMZ
11
Firewalls
▪ A firewall is a system designed to prevent unauthorized
access to or from a private network.
▪ Firewalls prevent unauthorized internet users from
accessing private networks connected to the internet,
especially intranets.
▪ Firewalls can either be hardware and/or software based.
▪ Firewalls can also be Host-based or Network-based.
▪ Basic task is to control traffic between computer networks
with different zones of trust.
12
Firewalls
13
Firewalls
14
Host based firewall
Firewall
15
Host based firewall
16
Network based firewall
17
Network based firewall
18
Lesson Summary
19