Information Technology Reference
In-Depth Information
Access Control
Access control is a security mechanism for controlling admission to networks and re-
sources. These controls enforce the security policy and employ rules about which re-
sources can be accessed. Access control ensures the confidentiality and integrity of the
network resources.
The core of network access control consists of the following:
Authentication
establishes the user's identity and access to the network resources.
■
Authorization
describes what can be done and what can be accessed.
■
Accounting
provides an audit trail of activities by logging the actions of the user.
■
Authentication, authorization, and accounting (AAA) are the network security services
that help manage the network access control on your network equipment.
Secure connectivity is a component of the Cisco SAFE security reference architecture.
This component of SAFE aims to protect the integrity and privacy of organizations' sensi-
tive information. With increased security risks on the rise, it is critical that security be im-
plemented within today's network environments. Consider, for example, the increased use
of the Internet as a transport for extranet and teleworker connectivity via always-on
broadband connectivity. Internal network segments have traditionally been considered
trusted, but now require higher levels of network security. However, internal threats are
now more than ten times more expensive and destructive than external threats. Data that
flows across the network needs to be secured so that its privacy and integrity are pre-
served. These are important concepts to keep in mind when making business decisions
about securing connectivity.
The Cisco Secure Connectivity System provides secure transport for data and applica-
tions using encryption and authentication techniques. Many security technologies exist
for s ec ur ing data , voice, and v ideo t raffic u s ing w ired or w irele s s net work s.
Security technologies include
IP Security (IPsec)
■
Secure Shell (SSH)
■
Secure Sockets Layer (SSL)
■
Multiprotocol Label Switching (MPLS) VPNs
■
MPLS VPNs with IPsec
■
Encryption Fundamentals
Cryptography uses encryption to keep data private, thus protecting its confidentiality.
-
crypt the data and reveal the message transmitted. The encryption and decryption can be
