Week 13: Network security

Firewalls and VPNs

Lecture notes:
Network security - Lecture slides (6 per page)
Terms with which you should be familiar:

Confidentiality, integrity, availability, packet filter, screening router, rules, chain, network ingress, DDoS attacks, source address spoofing, stateful inspection, DMZ, NAT, deep packet inspection, Intrusion Detection System (IDS), protocol-based IDS, signature-based IDS, anomaly-based IDS, application proxy


Plaintext, ciphertext, encryption, decryption, cipher, key, public key, session key, hybrid cryptosystem, challenge handshake authentication protocol, Diffie-Hellman, cryptographic hash function

Virtual Private Networks

Tunnel, tunnel mode, transport mode, IPsec Authentication Header (AH) protocol, IPsec Encapsulating Security Payload (ESP) protocol, Secure Sockets Layer (SSL)