2. Requirements for the Protection
Systems
• Safeguard assets
• Safeguard of personnel
• Two major types
– Physical Security
– Information Security
3. What is physical security?
• Protection of people and physical property
• Traditional physical security involved guards,
locks, keys, etc. – this is changing
• Physical security in buildings, including data
centers, is becoming increasingly dependent
on technical systems for control and
monitoring
5. Physical threats and risks
• Fire
• Explosion
• Destruction
• Power Failure
• Water Damage, Leakage, Theft
• Service Disruption, Loss of key
• Natural Phenomena
10. Steps for physical security
1. Build at the right spot
2. Have redundant utilities
3. Pay attention to walls
4. Avoid windows
5. Use landscaping
6. Keep a 100 foot buffer zone around the site
11. Steps for physical security(Contd.)
7. Use retractable crash barriers at the vehicle
entry point
8. Plan for bomb detection
9. Limit a entry points
10.Make fire doors exit only
11.Use plenty of cameras
12.Protect the building’s machinery
12. Steps for physical security(Contd.)
13.Plan for secure air handling
14.Ensure nothing can hide in the walls and
ceilings
15.Use two-factor authentication
16.Harden the core with security layers
17.Watch the exits too
18.Prohibit food in the computer room
19.Install visitor rest rooms
13. Present CCTV over IP Solution
Security Operations
Center
Monitor
Data Center
WAN
SAN
Campus
LAN
Network Video
Recorder
Storage
Analog camera
IP camera
Video encoder
Cisco switch
Cisco router
Fiber
IP Connection
FiberChannel
Fiber Transceiver
Coaxial cable
Campus
Building
Remote Site
14. Logical threats and risks
• Human faults
• Operational Disruptions
• Software Faults
• Fraud
• Access Control
• Illegal copying
• Viruses
19. Cisco ASA 5500 Series Firewall
(Contd.)
• Remote Access
• Intrusion Prevention System
• Content Security
20. Cisco ASA 5580-40
• Supports Maximum
firewall connection
2,000,000
• Maximum
connections/second is
150,000
• Maximum
packets/second is
4,000,000
• Maximum VLAN
interfaces is 250
21. Cisco NAC Appliance 3395
Network Admission Control
• Authentication Integration with single Sign-On
• Device Quarantine
• Automatic Security policy updates
• Centralized management
• Remediation and repair
• Flexible deployment Modes