Firewalls for Dummies, 2Nd Edition.Pdf

Total Page:16

File Type:pdf, Size:1020Kb

Firewalls for Dummies, 2Nd Edition.Pdf Firewalls FOR DUMmIES‰ 2ND EDITION by Brian Komar, Ronald Beekelaar, and Joern Wettern, PhD Firewalls For Dummies®, 2nd Edition Published by Wiley Publishing, Inc. 909 Third Avenue New York, NY 10022 www.wiley.com Copyright © 2003 by Wiley Publishing, Inc., Indianapolis, Indiana Published by Wiley Publishing, Inc., Indianapolis, Indiana Published simultaneously in Canada No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8700. Requests to the Publisher for permission should be addressed to the Legal Department, Wiley Publishing, Inc., 10475 Crosspoint Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4447, e-mail: [email protected]. Trademarks: Wiley, the Wiley Publishing logo, For Dummies, the Dummies Man logo, A Reference for the Rest of Us!, The Dummies Way, Dummies Daily, The Fun and Easy Way, Dummies.com and related trade dress are trademarks or registered trademarks of Wiley Publishing, Inc., in the United States and other countries, and may not be used without written permission. All other trademarks are the property of their respective owners. Wiley Publishing, Inc., is not associated with any product or vendor mentioned in this book. LIMIT OF LIABILITY/DISCLAIMER OF WARRANTY: WHILE THE PUBLISHER AND AUTHOR HAVE USED THEIR BEST EFFORTS IN PREPARING THIS BOOK, THEY MAKE NO REPRESENTATIONS OR WAR- RANTIES WITH RESPECT TO THE ACCURACY OR COMPLETENESS OF THE CONTENTS OF THIS BOOK AND SPECIFICALLY DISCLAIM ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. NO WARRANTY MAY BE CREATED OR EXTENDED BY SALES REPRESENTA- TIVES OR WRITTEN SALES MATERIALS. THE ADVICE AND STRATEGIES CONTAINED HEREIN MAY NOT BE SUITABLE FOR YOUR SITUATION. YOU SHOULD CONSULT WITH A PROFESSIONAL WHERE APPRO- PRIATE. NEITHER THE PUBLISHER NOR AUTHOR SHALL BE LIABLE FOR ANY LOSS OF PROFIT OR ANY OTHER COMMERCIAL DAMAGES, INCLUDING BUT NOT LIMITED TO SPECIAL, INCIDENTAL, CON- SEQUENTIAL, OR OTHER DAMAGES. For general information on our other products and services or to obtain technical support, please contact our Customer Care Department within the U.S. at 800-762-2974, outside the U.S. at 317-572-3993, or fax 317-572-4002. Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic books. Library of Congress Control Number: 2003101908 ISBN: 0-7645-4048-3 Manufactured in the United States of America 10 9 8 7 6 5 4 3 2 1 2B/RT/QW/QT/IN is a trademark of Wiley Publishing, Inc. About the Authors Brian Komar, B. Comm (Hons), a native of Canada, makes his living as a Public Key Infrastructure (PKI) consultant, speaker, author, and trainer. Brian speaks at conferences around the world on network design and security topics. His consulting practice focuses on PKI design and architecture pro- jects and on research assignments specializing in interoperability between different vendors’ security products. In his spare time, Brian enjoys traveling and biking with his wife Krista and sharing a fine bottle of wine (or more) with his good friends. Ronald Beekelaar, M.Sc., a native of The Netherlands, makes his living as a net- work security consultant, author, and trainer. Ronald frequently trains network administrators on network design and enterprise security topics. He writes articles for several computer magazines, mostly about operating systems and security issues. Ronald lives in Utrecht, The Netherlands, with his wife Kim. They enjoy traveling abroad. If they find the time, they often travel to European cities, especially London, to see a theater show and visit museums. Joern Wettern, Ph.D., a native of Germany, is a network consultant and trainer. Joern has also developed a range of training materials for a large soft- ware publisher, and these materials are used to train thousands of network administrators around the world. He frequently travels to several continents to speak at computer conferences. Joern is paranoid enough to use an enter- prise-class firewall to connect his home network. Somehow, he still manages to enjoy the occasional sunny day and the many rainy ones in Portland, Oregon, where he lives with his wife Loriann and three cats. In his spare time, of which there is precious little, Joern and his wife hike up the mountains of the Columbia Gorge and down the Grand Canyon. You can also find him attending folk music festivals and dancing like a maniac. Joern’s latest project is to learn how to herd his cats — without much success thus far. The authors can be reached at [email protected]. Dedication To Loriann, Krista, and Kim, and our parents. Author’s Acknowledgments This second edition would not have been possible without a large number of people, especially the good folks at Wiley. We want to thank Byron Hynes for being an excellent technical editor, and especially the humor he contributed to the project. Melody Layne for pulling us together for another run at the content, Paul Levesque for his insights on the content, and Rebekah Mancilla for her editorial assistance. Beyond the Wiley crew, we received help from firewall vendors who made it possible for us to cover a number of different products and helped us with issues that came up during the writing of the book. We would like to espe- cially thank the ISA Server and PKI teams at Microsoft and Check Point for providing an evaluation copy of FireWall-1 NG. Finally, not a single chapter of this book would have been possible without our spouses, who were willing to let us work on this project and thus are the real heroes in this story. Publisher’s Acknowledgments We’re proud of this book; please send us your comments through our online registration form located at www.dummies.com/register/. Some of the people who helped bring this book to market include the following: Acquisitions, Editorial, and Media Production Development Project Coordinator: Ryan Steffen Project Editor: Paul Levesque Layout and Graphics: Seth Conley, (Previous Edition: Linda Morris) Carrie Foster, Lauren Goddard, Acquisitions Editor: Melody Layne Michael Kruzil, Tiffany Muth, Shelley Norris, Lynsey Osborn, Copy Editor: Rebekah Mancilla Jacque Schneider Technical Editor: Byron Hynes Proofreaders: Andy Hollandbeck, Angel Perez, Editorial Manager: Leah Cameron Kathy Simpson, Charles Spencer, Brian Walls, TECHBOOKS Production Media Development Manager: Services Laura VanWinkle Indexer: TECHBOOKS Production Services Media Development Supervisor: Richard Graves Editorial Assistant: Amanda Foxworth Cartoons: Rich Tennant, www.the5thwave.com Publishing and Editorial for Technology Dummies Richard Swadley, Vice President and Executive Group Publisher Andy Cummings, Vice President and Publisher Mary C. Corder, Editorial Director Publishing for Consumer Dummies Diane Graves Steele, Vice President and Publisher Joyce Pepple, Acquisitions Director Composition Services Gerry Fahey, Vice President of Production Services Debbie Stailey, Director of Composition Services Contents at a Glance Introduction .................................................................1 Part I: Introducing Firewall Basics ................................7 Chapter 1: Why Do You Need a Firewall? .......................................................................9 Chapter 2: IP Addressing and Other TCP/IP Basics ....................................................23 Chapter 3: Understanding Firewall Basics ...................................................................47 Chapter 4: Understanding Firewall Not-So-Basics .......................................................71 Chapter 5: “The Key Is under the Mat” and Other Common Attacks .......................97 Part II: Establishing Rules ........................................111 Chapter 6: Developing Policies ....................................................................................113 Chapter 7: Establishing Rules for Simple Protocols .................................................121 Chapter 8: Designing Advanced Protocol Rules ........................................................143 Chapter 9: Configuring “Employees Only” and Other Specific Rules .....................163 Part III: Designing Network Configurations ...............169 Chapter 10: Setting Up Firewalls for SOHO or Personal Use ....................................171 Chapter 11: Creating Demilitarized Zones with a Single Firewall ............................179 Chapter 12: Designing Demilitarized Zones with Multiple Firewalls ......................197 Part IV: Deploying Solutions Using Firewall Products .....................................................211 Chapter 13: Using Windows as a Firewall ...................................................................213 Chapter 14: Configuring Linux as a Firewall ...............................................................233 Chapter 15: Configuring Personal Firewalls: ZoneAlarm, BlackICE, and Norton Personal Firewall ....................................................................................249 Chapter 16: Microsoft’s Firewall: Internet Security and Acceleration Server
Recommended publications
  • Usability and Security of Personal Firewalls
    Usability and Security of Personal Firewalls Almut Herzog^ and Nahid Shahmehri^ Dept. of Computer and Information Science, Linkopings universitet,Sweden {almhe, nahsh}@ida.liu.se Abstract. Effective security of a personal firewall depends on (1) the rule granularity and the implementation of the rule enforcement and (2) the correctness and granularity of user decisions at the time of an alert. A misconfigured or loosely configured firewall may be more dangerous than no firewall at all because of the user's false sense of security. This study assesses effective security of 13 personal firewalls by comparing possible granularity of rules as well as the usability of rule set-up and its influence on security. In order to evaluate usability, we have submitted each firewall to use cases that require user decisions and cause rule creation. In order to evaluate the firewalls' security, we analysed the created rules. In ad­ dition, we ran a port scan and replaced a legitimate, network-enabled application with another program to etssess the firewalls' behaviour in misuse cases. We have conducted a cognitive walkthrough paying special attention to user guidance and user decision support. We conclude that a stronger emphasis on user guidance, on conveying the design of the personal firewall application, on the principle of least privilege and on implications of default settings would greatly enhance both usability and security of personal firewalls. 1 Introduction In times where roaming users connect their laptops to a variety of public, pri­ vate and corporate wireless or wired networks and in times where more and more computers are always online, host-based firewalls implemented in soft­ ware, called personal firewalls, have become an important part of the security armour of a personal computer.
    [Show full text]
  • EC-Council Network Security Administrator (Exam 312-38)
    Product Information Sheet Exam 312-38 EC-Council Network Security Administrator (Exam 312-38) Page | 1 ENSAv4 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Product Information Sheet Exam 312-38 EC-Council NSA is CNSS 4011 Certified The Committee on National Security Systems (CNSS)/National Security Agency (NSA) of the United States of America certified EC-Council’s Network Security Administrator (ENSA) course as having met 100% of the requirements as set out by the Committee on National Security Systems (CNSS) National Standards 4011. This certification is managed by the Information Assurance Courseware Evaluation (IACE) Program, National INFOSEC (Information Security) Education and Training Program and is administered by the U.S. National Security Agency (NSA). The Committee on National Security Systems (CNSS) and National Security Agency (NSA) has developed a nationally recognized certification program based on NSTISSI standards. The CNSS/NSA Certification is a government class certification that is recognized as the National Training Standard for Information Security Professionals Students who have obtained these certifications would have demonstrated a solid grasp of the principles as outlined in the 4011 standard. With this, EC-Council has joined the ranks of the organizations United States Air Force Academy, United States Military Academy, Air Force Institute of Technology and Carnegie Mellon University; all of whom have attained the National Training Standard for Information Security Professionals - the CNSS 4011. Introduction The EC-Council's Network Security Administrator certification looks at the network security in defensive view while the CEH certification program looks at the security in offensive mode. The ENSA program is designed to provide fundamental skills needed to analyze the internal and external security threats against a network, and to develop security policies that will protect an organization’s information.
    [Show full text]
  • Personal Firewalls Are a Necessity for Solo Users
    Personal firewalls are a necessity for solo users COMPANY PRODUCT PLATFORM NOTES PRICE Aladdin Knowledge Systems Ltd. SeSafe Desktop Windows Combines antivirus with content filtering, blocking and $72 Arlington Heights, Ill. monitoring 847-808-0300 www.ealaddin.com Agnitum Inc. Outpost Firewall Pro Windows Blocks ads, sites, programs; limits access by specific times $40 Nicosia, Cyprus www.agnitum.com Computer Associates International Inc. eTrust EZ Firewall Windows Basic firewall available only by download $40/year Islandia, N.Y. 631-342-6000 my-etrust.com Deerfield Canada VisNetic Firewall Windows Stateful, packet-level firewall for workstations, mobile $101 (Canadian) St. Thomas, Ontario for Workstations users or telecommuters 519-633-3403 www.deerfieldcanada.ca Glucose Development Corp. Impasse Mac OS X Full-featured firewall with real-time logging display $10 Sunnyvale, Calif. www.glu.com Intego Corp. NetBarrier Personal Firewall Windows Full-featured firewall with cookie and ad blocking $50 Miami 512-637-0700 NetBarrier 10.1 Mac OS X Full-featured firewall $60 www.intego.com NetBarrier 2.1 Mac OS 8 and 9 Full-featured firewall $60 Internet Security Systems Inc. BlackIce Windows Consumer-oriented PC firewall $30 Atlanta 404-236-2600 RealSecure Desktop Windows Enterprise-grade firewall system for remote, mobile and wireless users Varies blackice.iss.net/ Kerio Technologies Inc. Kerio Personal Firewall Windows Bidirectional, stateful firewall with encrypted remote-management option $39 Santa Clara, Calif. 408-496-4500 www.kerio.com Lava Software Pty. Ltd. AdWare Plus Windows Antispyware blocks some advertiser monitoring but isn't $27 Falköping, Sweden intended to block surveillance utilities 46-0-515-530-14 www.lavasoft.de Network Associates Inc.
    [Show full text]
  • Ethical Hacking and Countermeasures Version 6
    Ethical Hacking and Countermeasures Version 6 Modu le LX Firewall Technologies News Source: http://www.internetnews.com/ Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Module Objective This modu le will fam iliar ize you wihith: • Firewalls • Hardware Firewalls • Software Firewalls • Mac OS X Firewall • LINUX Firewall • Windows Firewall Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Module Flow Firewalls Mac OS X Firewall Hardware Firewalls LINUX Firewall Software Firewalls Windows Firewall Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Firewalls: Introduction A firewall is a program or hardware device that protects the resources of a private netw ork from users of other networks It is responsible for the traffic to be allowed to pass, block, or refuse Firewall also works with the proxy server It helps in the protection of the private network from the users of the different network Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Hardware Firewalls Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Hardware Firewall Har dware Firewa lls are place d in the perime ter of the networ k It employs a technique of packet filtering It reads the header of a packet to find out the source and destination address The information is then compared with the set of predefined and/orand/ or user created rules that determine whether the packet is forwarded or dropped Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Netgear Firewall Features: • ItInterne t shar ing broa dbddband router and 4-port switch • 2x the speed and 4x times the coverage of a Wireless-G router • Configurable for private networks and public hotspots • Double Firewall protection from external hackers attacks • Touchless WiFi Security makes it easy to secure your network Copyright © by EC-Council EC-Council All Rights Reserved.
    [Show full text]
  • Firewalls Firewall I Firewall Sono Una Componente O Un Insieme Di Componenti Che Limitano L'accesso Tra Una Rete Protetta Ed In
    For TIC Pagina 1 di 4 Firewalls Firewall I firewall sono una componente o un insieme di componenti che limitano l'accesso tra una rete protetta ed Internet. Essi proteggono le organizzazioni in Internet fornendo accessi sicuri: garantendo che utenti validi possano accedere alle risorse di rete di cui hanno bisogno. Determinare chi sia un utente valido è compito del sistema di autenticazione; mentre determinare quali risorse un utente possa accedere è compito del sistema di autorizzazione (Access Control). Per fornire meccanismi di Access Control, un firewall richiede una comprensione profonda dei servizi e delle applicazioni utilizzati in rete. Ci sono fondamentalmente due tipi di firewall, quelli personali e quelli commerciali. I firewall personali I firewall personali sono programmi che proteggono un computer quando questo è collegato ad una rete. Un personal firewall analizza i canali di comunicazione, negando l'elaborazione del traffico ritenuto rischioso sia in ingresso che in uscita. Di seguito si analizzano le caratteristiche di alcuni prodotti molto diffusi e si riassumono le caratteristiche comparate, in una tabella. z Tiny Personal Firewall è un prodotto facile da configurare ed utilizzare che protegge completamente un computer dagli attacchi. Tiny Personal Firewall include dei wizard semplici per il rilevamento delle intrusioni che individuano attività sconosciute e chiedono all'utente di impostare i parametri del firewall. Appositi wizard rilevano i tentativi di connessione alle porte di comunicazione e creano delle regole di filtering in base all'indicazioni dell'utente. Per garantire che dei cavalli di Troia non si nascondano all'interno di applicazioni viene utilizzata la firma digitale con algoritmo MD5.
    [Show full text]
  • "Service Unavailable" Error, Contact Norton at to Find out How to Configure It Correctly
    Service Unavailable, Offline, or Action Cancelled errors When I try to sign in to RealPlayer, I get a "Service Unavailable," "You are currently offline," or "Action cancelled" error. How can I fix this? You may need to unblock the program in your computer's firewall if: - You get a 'Service Unavailable' or 'you are working offline, click here to refresh' error while trying to sign in or view pages, or an 'Action cancelled' message when you try to play a clip (or view a live video feed such as Big Brother). - It is having problems retrieving CD information Norton, McAfee, ZoneAlarm, Freedom, BlackIce, Windows Firewall, and Microsoft ISA server are some of the most common brands of firewall software. Instructions for these follow: Norton Firewall: 1. Close the program. 2. Double-click the Norton Firewall icon in the Windows task bar. 3. Click the Configure button on the right side. 4. Click the Program Control tab at the top. 5. Locate the program (RealPlayer or Rhapsody). 6. Highlight and click Remove. 7. Close Norton Personal Firewall. 8. Open the program and you will get a prompt to grant access to the Internet. 9. Choose Permit and check Always use this action. 10. Restart the computer. If you are still receiving a "Service Unavailable" error, contact Norton at http://www.symantec.com/techsupp/ to find out how to configure it correctly. McAfee Personal Firewall: There are two possible methods for McAfee Personal Firewall. You can choose either one: First method: 1. Double-click the firewall icon in the Windows task bar.
    [Show full text]
  • Paul Collins Status Name/Startup Item Command Comments X System32
    SYSINFO.ORG STARTUP LIST : 11th June 2006 (c) Paul Collins Status Name/Startup Item Command Comments X system32.exe Added by the AGOBOT-KU WORM! Note - has a blank entry under the Startup Item/Name field X pathex.exe Added by the MKMOOSE-A WORM! X svchost.exe Added by the DELF-UX TROJAN! Note - this is not the legitimate svchost.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup! This file is located in the Winnt or Windows folder X SystemBoot services.exe Added by the SOBER-Q TROJAN! Note - this is not the legitimate services.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup! This file is located in a HelpHelp subfolder of the Windows or Winnt folder X WinCheck services.exe Added by the SOBER-S WORM! Note - this is not the legitimate services.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup! This file is located in a "ConnectionStatusMicrosoft" subfolder of the Windows or Winnt folder X Windows services.exe Added by the SOBER.X WORM! Note - this is not the legitimate services.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup! This file is located in a "WinSecurity" subfolder of the Windows or Winnt folder X WinStart services.exe Added by the SOBER.O WORM! Note - this is not the legitimate
    [Show full text]
  • Firewall Deployment for Scada and Process Control Networks Good Practice Guide
    FIREWALL DEPLOYMENT FOR SCADA AND PROCESS CONTROL NETWORKS GOOD PRACTICE GUIDE 15 FEBRUARY 2005 This paper was previously published by the National Infrastructure Security Co-ordination Centre (NISCC) – a predecessor organisation to the Centre for the Protection of National Infrastructure (CPNI). Hyperlinks in this document may refer to resources that no longer exist. Please see CPNI’s website (www.cpni.gov.uk) for up-to-date information. Disclaimer Reference to any specific commercial product, process or service by trade name, trademark, manufacturer, or otherwise, does not constitute or imply its endorsement, recommendation, or favouring by CPNI. The views and opinions of authors expressed within this document shall not be used for advertising or product endorsement purposes. To the fullest extent permitted by law, CPNI accepts no liability for any loss or damage (whether direct, indirect or consequential and including, but not limited to, loss of profits or anticipated profits, loss of data, business or goodwill) incurred by any person and howsoever caused arising from or connected with any error or omission in this document or from any person acting, omitting to act or refraining from acting upon, or otherwise using, the information contained in this document or its references. You should make your own judgement as regards use of this document and seek independent professional advice on your particular circumstances. Firewall Deployment for SCADA and Process Control Networks Revision History Revision Date Author(s) Description 0.1
    [Show full text]
  • “...Let's Go to Our Mail...”
    “...let's go to our mail...” See what our users have to say about our solutions. Comodo customers are happy customers. Whether about our free, top-of-the- list Firewall Pro or our very place in the Certification Authority industry, both business professionals and PC owners alike are flooding our online forums with their thoughts and thanks. But don't take Comodo's word for it, read them for yourself. To preserve the individual tone of each message and the personality of the forum member, we've taken these messages directly from our web site with no content editing. We've divided them by subject, so jump to the one that interests you most, or start at the top. Comodo Firewall Pro BOClean Free products Trust CAVS VerificationEngine Comodo as a sought-after trust brand Customer support and forums SSL certificates Anti -spam Comodo Firewall Pro Our free Firewall Pro, named "Online Editor's Choice" by PC Magazine and ranked #1 in Matousec's leaktest of top firewalls. ----------------------------------------------------------------------------------------------------------------------------------- Special thanks for providing a Free download ‘firewall’. I have replaced your competitor's firewall, which had been giving me nothing but trouble. Since installing yours, things have been running very smoothly at this end, with no problems. The computer seems much quicker (if possible)! Thanks again. Wayne Morris South Australia. ----------------------------------------------------------------------------------------------------------------------------------- Hi. My name is Tom. I use Comodo Firewall on my desktop and am in absolute love with it. It's an awesome job you guys did, it really is! :D Now, I have a laptop and I have Windows Vista on it.
    [Show full text]
  • Cehv6 Program Guide.Indd
    Page 1 Ethical Hacking and Countermeasures http://www.eccouncil.orghttp://www.eccouncil.org EC-CouncilEC-Council TM Page 2 CEH Certified Ethical Hacker http://www.eccouncil.org EC-Council Table of Contents Page 3 What is New in CEHv6? .............................................. Page 4 CEHv6 Fact Sheet ........................................................ Page 5 CEH Training Program ................................................ Page 9 Course Outline ............................................................ Page 10 Classroom Lecture Hours ............................................ Page 159 CEHv6 Labs ............................................................... Page 162 Module Briefi ng .......................................................... Page 178 CEHv6 Exam Objectives ............................................ Page 193 http://www.eccouncil.org EC-Council Lets’ Stop the Hackers Menace. Master the Hacking Technologies. Become a CEH. Page 4 http://www.eccouncil.org EC-Council CEH v6 Fact Sheet Page 5 1. What is the nature of the course change? CEHv6 has been updated with tons of new hacking tools, new hacking techniques and methodologies. The fl ow of the content is the same except each module is refreshed with more content. There are advanced modules added to the curriculum like Writing Windows Exploits, Reverse Engineering, Covert Hacking and Advanced Virus Writing Skills. The slides are updated to make them more presentable. There are over 67 modules in CEHv6. 2. Are there accompanying certifi cation changes? The CEHv6 exam will be available at Prometric Prime, Prometric APTC and VUC Centers on November 5th 2008. The old CEHv5 exam will still be available until June 3rd 2009. 3. How much will the new exam cost? The updated CEH v6 will cost USD 250. 4. What is the duration of the exam? The exam will be 4 hours with 150 questions. The passing score is 70% 5.
    [Show full text]
  • HOW to USE THIS DOCUMENT: Buying Programs
    ___________________________________________________________________________________ HOW TO USE THIS DOCUMENT: You can find a key word to use in your search on the repository. • You can use Ctrl + F to search this entire document. • You can also jump to a particular group and manually scroll. Buying Programs Which includes: Express Buying Program Certificate Services Which includes: MPKI for SSL; SSL Certificate; Roots and Audits; Managed PKI (MPKI) Online Services Which includes: CloudSOC (CASB) (formerly Elastica); Web Security Service; DLP Cloud; VIP; Cyber Security Services Education and Technical Services Which includes Customer Success; Training Consumer Software Which includes Norton Enterprise Software Which includes SEP and ATP Version 2019.09.20 ___________________________________________________________________________________ Buying Programs Use These Key Word To Look for These Associated Documents Express Buying Program • Express Buying Program Terms and Conditions [Back to Top] Version 2019.09.20 ___________________________________________________________________________________ Certificate Services Symantec completed its divestiture of its certificate services to DigiCert on October 31, 2017. For standard agreements, service descriptions, audit reports and root policies relevant to the Certificate Authority business (including Symantec, Thawte, GeoTrust, and RapidSSL), please visit the Certificate Authority Repository. [Back to Top] Version 2019.09.20 ___________________________________________________________________________________
    [Show full text]
  • Virtual Private Network (VPN) 2.0 User Guide
    Virtual Private Network (VPN) 2.0 User Guide Issue 1 Revision 3 Date 30-Sep-2009 Issued by ITSD © MTR CORPORATION LIMITED 2009. All rights reserved. Reproduction of this work or any party of it by whatever means is not permitted without the prior written consent of MTR Corporation Limited. All content of this material including the text, images and graphics, is confidential and is the property of MTR Corporation Limited and protected by law. You must not disclose this material in whole or in part to third parties without the authorisation of MTR Corporation Limited and you may only use the materials for the purpose agreed with or authorized by MTR Corporation Limited. VPN 2.0 User Guide USER GUIDE OF VPN VERSION 2.0 1 Introduction Internet remote access have been enhanced in version 2.0 of Virtual Private Network (VPN) and Internet Webmail using Microsoft Outlook Web Access (OWA) services to strengthen information security protections to mitigate risks of virus attack and inadvertent disclosure of sensitive information associated with remote access. This document describes the enhancements of this new version and what you have to do about them. The new enhancements include: y One-time-password (OTP) token y Security compliance test 1.1 One-time-password (OTP) token To protect our VPN and Internet OWA users, ITSD has introduced a security device. This device generates a security code (called passcode), which you must use in addition to your normal username and password to gain access to VPN and Internet OWA. ITSD will progressively issue OTP tokens to VPN and Internet OWA users.
    [Show full text]