Network Redundancy - PowerPoint PPT Presentation

About This Presentation
Title:

Network Redundancy

Description:

Disasters are different from disruptions since the entire site can be ... Network devices such as hubs and switches should be secured in locked wiring closets. ... – PowerPoint PPT presentation

Slides: 47
Provided by: gene141

Transcript and Presenter's Notes

Title: Network Redundancy


1
Network Redundancy
  • The key to preventing or reducing disruption,
    destruction and disaster is redundancy.
  • Examples of components that provide redundancy
    include:
  • Uninterruptible power supplies (UPS)
  • Fault-tolerant servers
  • Disk mirroring
  • Disk duplexing
  • Redundancy can be built into other network
    components as well.

2
Preventing Natural Disasters
  • Disasters are different from disruptions since
    the entire site can be destroyed.
  • The best solution is to have a completely
    redundant network that duplicates every network
    component, but in a different location.
  • Generally speaking, preventing disasters is
    difficult. The most fundamental principle is to
    decentralize the network resources.
  • Other steps depend on the type of disaster to be
    prevented.

3
Preventing Theft
  • Equipment theft can also be a problem if
    precautions against it are not taken.
  • Industry sources indicate that about 1 billion
    is lost each year to theft of computers and
    related equipment.
  • For this reason, security plans should include an
    evaluation of ways to prevent equipment theft.

4
Preventing Computer Viruses
  • Special attention must be paid to preventing
    viruses that attach themselves to other programs
    and spread when the programs are executed.
  • Macroviruses, which attach themselves to documents
    and become active when the files are opened, are
    also common. Anti-virus software packages are
    available to check disks and files to ensure that
    they are virus-free.
  • Incoming e-mail messages are the most common
    source of viruses. Attachments to incoming e-mail
    should be routinely checked for viruses.
  • The use of filtering programs that clean
    incoming e-mail is also becoming common.

5
Worms
  • A worm is a special type of virus that spreads
    itself without human intervention.
  • Most viruses attach themselves to other programs
    but a worm copies itself from computer to
    computer.
  • Worms spread when they install themselves on a
    computer and then send copies to other computers,
    such as by e-mail or by using a security hole in
    the target computer's operating system.

6
Detecting Disruption, Destruction and Disaster
  • One function of network monitoring software is to
    alert network managers to problems so that these
    can be corrected.
  • Detecting minor disruptions can be more
    difficult.
  • The network should also routinely log fault
    information to enable network managers to
    recognize minor service problems.
  • In addition, there should be a clear procedure by
    which network users can report problems.

7
Disaster Recovery Plans (DRP)
  • The goal of the disaster recovery plan (DRP) is
    to plan responses to possible disasters,
    providing for partial or complete recovery of all
    data, application software, network components,
    and physical facilities.
  • Critical to the DRP are backup and recovery
    controls that enable an organization to recover
    its data and restart its application software
    should some part of the network fail.
  • The DRP should also address what to do in a
    variety of situations, such as, if the main
    database is destroyed or if the data center is
    destroyed.

8
Elements of a Disaster Recovery Plan (see Figure 7)
  • Names of responsible individuals
  • Staff assignments and responsibilities
  • List of priorities of fix-firsts
  • Location of alternative facilities.
  • Recovery procedures for data communications
    facilities, servers and application systems.
  • Actions to be taken under various contingencies.
  • Manual processes.
  • Updating and Testing procedures.
  • Safe storage of data, software and the disaster
    recovery plan itself.

9
Two-Level Disaster Recovery Plans
  • Most large organizations have a two-level
    disaster recovery plan.
  • Level 1: When they build networks, they build
    enough capacity and have enough spare equipment
    to recover from a minor disaster, such as loss of
    a major server or portion of the network.
  • Level 2: Most large organizations rely on
    professional disaster recovery firms to provide
    second level support for major disasters.

10
Disaster Recovery Firms
  • Many large organizations outsource their disaster
    recovery efforts to disaster recovery firms.
  • Disaster recovery firms offer a range of services
    from secure storage for backups, to a complete
    networked data center that clients can use should
    their network be destroyed by some disaster.
  • Full services are not cheap, but may be
    worthwhile when millions of dollars of lost
    revenue may be at stake.

11
Controlling Unauthorized Access
12
Preventing Intruder Access
  • Four types of intruders attempt to gain
    unauthorized access to computer networks.
  • 1. Casual hackers who only have limited
    knowledge of computer security.
  • 2. Security experts whose motivation is the
    thrill of the hunt.
  • 3. Professional hackers who break into corporate
    or government computers for specific purposes.
  • 4. Organization employees who have legitimate
    access to the network but who gain access to
    information they are not authorized to use.

13
Preventing Unauthorized Access
  • A proactive approach that includes routinely
    testing your security systems is key to
    preventing unauthorized access.
  • Access-related security issues include:
  • Security policies
  • User profiles
  • Physical security
  • Dial-in security
  • Firewalls
  • Network address translation
  • Encryption

14
Developing a Security Policy
  • The security policy should clearly define the
    important network components to be safeguarded
    along with controls needed to do that (Figure 8).
  • The most common way for a hacker to break into a
    system is through social engineering (breaking
    security simply by asking how).

15
Elements of a Security Policy (see Figure 8)
  • Names of responsible individuals.
  • Incident reporting system and response team.
  • Risk assessment with priorities.
  • Controls on access points to prevent or deter
    unauthorized external access.
  • Controls within the network to ensure internal
    users cannot exceed their authorized access.
  • An acceptable use policy.
  • User training plan on security.
  • Testing and updating plans.

16
User Profiles and Forms of Access
  • The limits of what users have access to on a
    network are determined by user profiles assigned
    to each user account by the net manager.
  • The profile specifies access details such as what
    data and network resources a user can access and
    the type of access (e.g., read, write, create,
    delete).
  • Most access is still password based, that is,
    users gain access based on something they know.
  • Many systems require users to enter a password in
    conjunction with something they have, such as a
    smart card. ATM cards work in this way.
  • In high-security applications, users may be
    required to present something they are, such as a
    finger, hand or the retina of their eye for
    scanning by a biometric system.

17
User Profiles: Managing User Access
  • User profiles can limit the allowable log-in
    days, time of day, physical locations, and the
    allowable number of incorrect log-in attempts.
  • Creating accounts and profiles is simple, as they
    are created when new personnel arrive.
  • One security problem is often created because
    network managers forget to remove user accounts
    when someone leaves an organization.

18
Managing Users
  • It is important to screen and classify both users
    and data (need to know).
  • The effect of any security software packages that
    restrict or control access to files, records, or
    data items should also be reviewed.
  • Adequate user training on network security should
    be provided through self-teaching manuals,
    newsletters, policy statements, and short
    courses.
  • A well publicized security campaign can also help
    deter potential intruders.

19
Physical Security
  • Physical security means implementing access
    controls so only authorized personnel have access
    to areas where network equipment is located.
  • Each network component should have its own level
    of physical security.
  • Two important areas of concern are network
    cabling and network devices.
  • Network cables should be secured behind walls.
  • Network devices such as hubs and switches should
    be secured in locked wiring closets.

20
Dial-In Security
  • Any organization that permits staff members to
    access its networks via dial-in modems opens
    itself to a broader range of intruders.
  • One strategy is to routinely change modem
    numbers.
  • Another strategy is to use call-back modems and
    automatic number identification (ANI) so only
    users dialing in from authorized locations are
    granted access.
  • One-time passwords provide a strategy for
    traveling employees who can't use call-back
    modems and automatic number identification.

21
Firewalls
  • Firewalls are used to prevent intruders on the
    Internet from making unauthorized access and
    denial of service attacks to your network.
  • A firewall is a router, gateway, or special
    purpose computer that examines packets flowing
    into and out of the organization's network
    (usually via the Internet or corporate Intranet),
    restricting access to that network.
  • The two main types of firewalls are packet-level
    firewalls and application-level firewalls.

22
Fig. 9 Using a firewall to protect networks.
23
Packet Filters
  • A packet-level firewall (or packet filter)
    examines the source and destination address of
    packets that pass through it, only allowing
    packets that have acceptable addresses to pass.
  • Since each packet is examined separately, the
    firewall can't understand what the sender's goal
    is.
  • Packet filters may be vulnerable to IP spoofing,
    accomplished by changing the source address on
    incoming packets from their real address to an
    address inside the organization's network.
  • While packet filters have strengthened their
    security since the first cases of IP spoofing, IP
    spoofing remains a problem.
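
The spoofing weakness described above, and the ingress check that closes it, as an added example that is not part of the original presentation. The address ranges, the published server and the "outside"/"inside" interface labels are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Tuple

# Assumed addressing for this example (constructed values).
INTERNAL_NET = ipaddress.ip_network("10.1.0.0/16")
PUBLISHED_SERVERS = {ipaddress.ip_address("10.1.5.10")}


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    interface: str  # "outside" or "inside": the side the packet arrived on


def address_only_filter(pkt: Packet) -> bool:
    """Rule that looks only at addresses: internal sources are trusted."""
    src = ipaddress.ip_address(pkt.src)
    dst = ipaddress.ip_address(pkt.dst)
    return src in INTERNAL_NET or dst in PUBLISHED_SERVERS


def ingress_filter(pkt: Packet) -> Tuple[bool, str]:
    """Same policy, but an internal source is only believed on the inside."""
    src = ipaddress.ip_address(pkt.src)
    dst = ipaddress.ip_address(pkt.dst)
    if pkt.interface == "outside":
        if src in INTERNAL_NET:
            return False, "drop: internal source address arrived from outside"
        if dst in PUBLISHED_SERVERS:
            return True, "pass: outside host to published server"
        return False, "drop: destination is not a published server"
    if src in INTERNAL_NET:
        return True, "pass: internal host"
    return False, "drop: non-internal source on the inside interface"


# Constructed sample traffic.
SAMPLE_PACKETS = [
    Packet("203.0.113.7", "10.1.5.10", "outside"),   # visitor to web server
    Packet("10.1.9.9", "10.1.20.4", "outside"),      # claims an internal source
    Packet("203.0.113.7", "10.1.20.4", "outside"),   # outside host to workstation
    Packet("10.1.20.4", "198.51.100.80", "inside"),  # internal host going out
]


def compare(packets: List[Packet]) -> List[Tuple[bool, bool, str]]:
    """Return (address-only verdict, ingress verdict, reason) per packet."""
    results = []
    for pkt in packets:
        allowed, reason = ingress_filter(pkt)
        results.append((address_only_filter(pkt), allowed, reason))
    return results


if __name__ == "__main__":
    for pkt, (naive, strict, reason) in zip(SAMPLE_PACKETS, compare(SAMPLE_PACKETS)):
        print(f"{pkt.src:>13} -> {pkt.dst:<13} address-only={naive!s:<5} "
              f"ingress={strict!s:<5} {reason}")
```

Only the second packet gets a different verdict: the address-only rule accepts it because its source looks internal, while the ingress rule drops it because an internal source cannot legitimately arrive on the outside interface.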

24
Application-Level Firewalls
  • An application-level firewall or application
    gateway acts as an intermediate host computer,
    separating a private network from the rest of the
    Internet, but it works on specific applications,
    such as Web site access.
  • The application gateway acts as an intermediary
    between the outside client making the request and
    the destination server responding to that
    request, hiding individual computers on the
    network behind the firewall.
  • Because of the increased complexity of what they
    do, application-level firewalls require more
    processing power than packet filters, which can
    impact network performance.

25
Network Address Translation
  • Network address translation (NAT) is used to
    shield a private network from outside
    interference.
  • An NAT proxy server uses an address table,
    translating network addresses inside the
    organization into aliases for use on the
    Internet. So, internal IP addresses remain
    hidden.
  • Many organizations combine NAT proxy servers,
    packet filters and application gateways,
    maintaining their online resources in a DMZ
    network between the two (Figure 10).

26
Fig. 10 Typical network design using firewalls.
27
Security Holes
  • Security holes are made by flaws in network
    software that permit unintended access to the
    network. Operating systems often contain security
    holes, the details of which can be highly
    technical.
  • Once discovered, knowledge about the security
    hole may be quickly circulated on the Internet.
  • A race can then begin between hackers attempting
    to break into networks through the security hole
    and security teams working to produce a patch to
    eliminate the security hole.

28
Encryption
  • Encryption systems include 4 main components:
  • Plaintext: the unencrypted message
  • An encryption algorithm that works like the
    locking mechanism to a safe
  • A key that works like the safe's combination
  • Ciphertext is produced from the plaintext message
    by the encryption function.
  • Decryption is the same process in reverse (like a
    modulation/demodulation), but it doesn't always
    use the same key or algorithm. Plaintext results
    from decryption.

29
Encryption Techniques
  • There are three important encryption techniques
    now in use:
  • Symmetric or private key encryption
  • Asymmetric or public key encryption
  • Digital signatures, which are based on a
    variation of public key encryption.

30
Symmetric Encryption
  • Symmetric or private key encryption uses the
    same algorithm and key to both encrypt and
    decrypt a message.
  • Historically, this is the most common encryption
    technique.
  • Since the key must be distributed, however, it is
    vulnerable to interception. This is an important
    weakness of symmetric key encryption.

31
Symmetric Encryption
  • Strong encryption doesn't only depend on keeping
    the algorithm secret, it also depends on the
    length of the key.
  • A common way to break encryption is by brute
    force, meaning trying all possible combinations
    until the correct key is found.
  • Since longer keys have more possible
    combinations, they are more difficult to crack.

32
Data Encryption Standard (DES)
  • DES is a symmetric encryption algorithm developed
    by IBM and maintained by the National Institute
    of Standards and Technology.
  • A 56-bit version of DES is commonly used, but can
    be broken by brute force.
  • Other symmetric encryption techniques include:
  • RC4: uses a 40-bit key, but can use up to 256
    bits.
  • Triple DES (3DES): uses DES three times,
    effectively giving it a 168-bit key.
  • Advanced Encryption Standard (AES): designed to
    replace DES, uses 128-, 192- and 256-bit keys.

33
Encryption: a dual use technology
  • The U.S. government limits the export of
    encryption techniques since they can also be used
    for military purposes.
  • The limit is 56-bit keys, based on the DES
    technique developed in the 1970s.
  • US policy is the focus of an ongoing policy
    debate between security agencies and the software
    industry.

34
Asymmetric or Public Key Encryption
  • A second popular technique is asymmetric or
    public key encryption (PKE).
  • PKE is called asymmetric since it uses two
    different one-way keys:
  • a public key used to encrypt messages, and
  • a private key used to decrypt them.
  • PKE greatly reduces the key management problem
    since the private key is never distributed.
  • The most popular form of PKE is called RSA named
    after the initials of its inventors.

35
Public Key Encryption (Figure 10-11)
  • Public key encryption works as follows:
  • B (the message recipient) makes his/her public
    key widely available (say through the Internet).
  • A (the sender) then uses B's public key to
    encrypt the message to be sent to B.
  • B then uses B's own private key to decrypt
    the message.
  • No security hole is created by distributing the
    public key, since B's private key has never been
    distributed.

36
Figure 11 Public Key Encryption
37
Digital Signatures (see Figure 12)
  • PKE also permits authentication (digital
    signatures), which essentially uses PKE in
    reverse. The digital signature is a small part
    of the message, and includes the name of the
    sender and other key contents.
  • The digital signature in the outgoing message is
    encrypted using the sender's private key.
  • The digital signature is then decrypted using the
    sender's public key, thus providing evidence that
    the message originated from the sender.
  • Digital signatures and public key encryption
    combine to provide secure and authenticated
    message transmission (see Figure 12).

38
Figure 12 Digital Signatures
39
Certificate Authorities (CA)
  • One problem with digital signatures involves
    verifying that the person sending the message is
    really who he or she says they are.
  • A certificate authority (CA) is a trusted
    organization that can vouch for the authenticity
    of the person or organization using
    authentication.
  • The CA sends out a digital certificate verifying
    the identity of a digital signature's source.
  • For higher level security certification, the CA
    requires that a unique fingerprint (key) be
    issued by the CA for every message sent by the
    user.

40
Other Encryption Techniques: PGP
  • Pretty Good Privacy (PGP) is a PKE freeware
    package developed by Phil Zimmermann, often used
    to encrypt e-mail.
  • PGP users make their public keys available by
    posting them on Web pages.
  • Anyone wishing to send an encrypted message to
    that person simply cuts and pastes the public
    key from the Web page into the PGP software. The
    PGP software then encrypts and sends the message
    using that key.
  • PGP servers are also available that allow you to
    search for someone's public key.

41
Other Encryption Techniques: SSL
  • Secure Sockets Layer (SSL) is a technique used on
    the Web that operates between the application and
    transport layers.
  • SSL combines symmetric encryption with digital
    signatures. SSL has four steps:
  • Negotiation: browser and server first agree on
    the encryption technique they will use (e.g.,
    RC4, DES).
  • Authentication: the server authenticates itself
    by sending its digital signature to the browser.
  • Symmetric Key Exchange: browser and server
    exchange symmetric keys used to encrypt outgoing
    messages.
  • Symmetric Key Encryption with Digital Signatures:
    encrypted messages are then sent that include
    digital signatures.

42
Other Encryption Techniques: IPSec
  • The IP Security Protocol (IPSec) technique works
    between the transport and network layers.
  • First, sender and receiver exchange two numbers
    using Internet Key Exchange (IKE). These are
    combined to create encryption keys, which are
    then exchanged.
  • Next, sender and receiver negotiate the
    encryption technique to be used, such as DES or
    3DES.
  • Sender and receiver then begin transmitting data.
  • IPSec transmits using either transport mode, in
    which only the IP payload is encrypted, or
    tunnel mode, in which the entire IP packet is
    encrypted.

43
Detecting Unauthorized Access
  • Since unauthorized access cannot always be
    prevented, managers need to try to detect when it
    has occurred. This is done using one of three
    types of Intrusion Detection Systems (IDSs):
  • Network-based IDSs install IDS sensors on network
    circuits and monitor packets
  • Host-based IDSs monitor all activity on the
    server as well as incoming server traffic
  • Application-based IDSs are a special form of
    host-based IDSs that monitor just one
    application, such as a Web server.

44
Detecting Intrusions
  • Intrusion detection systems use two main
    techniques to determine if an intrusion is in
    progress:
  • Misuse detection compares monitored activities
    with signatures of known attacks. If an attack is
    recognized the IDS issues an alert.
  • Anomaly detection operates in stable computing
    environments and looks for major deviations from
    the normal parameters of network operation.
    When one is detected (e.g., a large number of
    failed logins), an alert is issued.
  • IDSs are often used in conjunction with firewalls
    and other security tools (See Figure 13).
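
The two detection techniques side by side, run over a short log, as an added example that is not part of the original presentation. The log format, the two signatures, the baseline history and the mean-plus-three-standard-deviations threshold are all assumptions constructed for illustration.

```python
import re
import statistics
from collections import Counter

# Misuse detection: signatures of known attacks (two constructed examples).
SIGNATURES = {
    "path traversal": re.compile(r"path=\S*\.\./"),
    "SQL injection probe": re.compile(r"(?i)union\s+select"),
}

# Anomaly detection: failed logins per source per hour observed during
# normal operation (constructed history for this example).
BASELINE_FAILED_LOGINS = [0, 1, 2, 1, 0, 3, 1, 2]

FAILED_LOGIN = re.compile(r"login_failed\b.*\bsrc=(\S+)")

# Constructed one-hour log sample.
SAMPLE_LOG = (
    [f"10:{m:02d} login_failed user=admin src=198.51.100.23" for m in range(6)]
    + [
        "10:07 login_failed user=carol src=192.0.2.10",
        "10:08 login_ok user=carol src=192.0.2.10",
        "10:09 http_request src=203.0.113.9 path=/docs/../../etc/passwd",
        "10:10 http_request src=192.0.2.10 path=/index.html",
    ]
)


def misuse_alerts(lines):
    """Return (line number, signature name) for each signature match."""
    return [
        (number, name)
        for number, line in enumerate(lines, start=1)
        for name, pattern in SIGNATURES.items()
        if pattern.search(line)
    ]


def anomaly_threshold(baseline, k=3.0):
    """Normal range is taken as mean + k standard deviations."""
    return statistics.mean(baseline) + k * statistics.stdev(baseline)


def anomaly_alerts(lines, baseline=BASELINE_FAILED_LOGINS):
    """Return {source: failed-login count} for sources above the threshold."""
    counts = Counter()
    for line in lines:
        match = FAILED_LOGIN.search(line)
        if match:
            counts[match.group(1)] += 1
    limit = anomaly_threshold(baseline)
    return {src: n for src, n in counts.items() if n > limit}


if __name__ == "__main__":
    print("misuse :", misuse_alerts(SAMPLE_LOG))
    print("anomaly:", anomaly_alerts(SAMPLE_LOG))
```

The single mistyped password from 192.0.2.10 stays inside the normal range and raises no alert, while the traversal request is caught by its signature regardless of how often it occurs.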

45
Figure 13 Intrusion Detection System
46
Correcting Unauthorized Access
  • Once an unauthorized access is detected, the
    first step is to identify where the security
    breach occurred and fix it so that it will not
    reoccur.
  • In order to deter such break-ins, there has been
    a stiffening of computer security laws and in the
    legal interpretation of other laws that pertain
    to computer networks.
  • Many organizations have also taken their own
    steps to detect or deter intruders, such as by using
    entrapment techniques that lure hackers to a
    server with fake information and may even have
    special software to track the hacker's origin.