IS 3423 Secure Network Design - PowerPoint PPT Presentation
Provided by: alanandj
Transcript and Presenter's Notes
1
IS 3423 Secure Network Design
  • Chapter Nine: Securing the Corporate Network Infrastructure

2
Note
  • Your text focuses on specific Cisco equipment to
    address security architecture. In class, and for
    the exam, we will focus on a more generic
    approach toward addressing security architecture.
    The content of the Chapter Nine text should be of
    assistance for the Case. However, there are many
    other sources, both hardware and software.

3
Elements of Security Architecture
  • Identity Management
  • Integrity
  • Data Confidentiality
  • Network Availability
  • Audit

4
Identity Management
  • Managing user access to applications and
    information based on proof of identity
  • Combination of authentication (user
    identification) and authorization (user access
    rights)
  • Controlling access is critical

5
Major Conflict
  • How can you give access on demand to everyone
    (employees, customers, suppliers, etc.) with
    proper identity, yet prevent unauthorized access?
  • What happens when stakeholders cannot access
    critical information on a timely basis?

6
Other Problems
  • Approximately 25% of user IDs within a typical
    enterprise are expired or invalid
  • User names and passwords are still primary means
    of identity management
  • User frustration - too many IDs and passwords to
    remember!
  • Inconsistent access policies inadvertently
    provide unauthorized access
  • More sophisticated methods of identity management
    generally increase cost and complexity

7
Creating an Identity Management Infrastructure
  • Improve methods of identity management:
    something better than IDs and passwords
  • Possibilities: biometrics; user, device, location
    and time identification
  • Provide a secure source of identity information
  • Identity-based network segmentation
  • Focus on cross-platform interoperability
  • Hide corporate networks and critical assets
    from unauthorized users
  • Disable auxiliary ports
  • Establish clearly defined access policies
  • Establish clearly defined identity revocation
    policies

8
Source for Technical Solutions
  • http://www.enterprisenetworksandservers.com/monthly/art.php/756

9
Integrity Management
  • Assure data is not altered as it crosses the
    network infrastructure
  • Loss of integrity could result in:
    • Corrupted data
    • Sabotage of core business plans
    • Impersonation of legitimate users

10
Common Integrity Attacks
  • Inserting a host into the network
  • Compromising an existing host
  • Cracking eavesdropped passwords

11
Major Vulnerabilities
  • Proprietary Software
  • Open systems
  • Shared data
  • User data
  • Mobile users
  • Telecommuters

12
Solutions?
  • Incorporate tools to analyze the integrity of the
    network infrastructure and determine problem
    areas
  • Image authentication: ensure no modification in
    transit
  • Port security: block traffic that does not fit
    the profile
  • Routing authentication
  • Thoroughly test new or updated software prior to
    deployment
  • Ensure adequate backup of data
  • Provide means to quickly recover deleted or
    altered files

13
Sources for Technical Solutions
  • Note: this is just a sampling of available
    technologies
  • Gold Wire Technology Formulator
  • Tripwire
  • CimTrak
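A Tripwire-style baseline-and-verify check of the kind slides 12 and 13 call for, as an added example (not code from the text or from any of the products listed); the directory tree, file contents and the simulated tampering in `demo()` are constructed for illustration.

```python
import hashlib
import json
import os
import tempfile

def hash_file(path):
    """SHA-256 of a file, read in chunks so large images need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_baseline(root):
    """Map every regular file under root (relative path) to its digest."""
    baseline = {}
    for dirpath, _, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            baseline[os.path.relpath(full, root)] = hash_file(full)
    return baseline

def diff_baselines(trusted, current):
    """Classify differences between the trusted baseline and a fresh scan."""
    return {
        "modified": sorted(p for p in trusted if p in current and current[p] != trusted[p]),
        "added": sorted(p for p in current if p not in trusted),
        "deleted": sorted(p for p in trusted if p not in current),
    }

def demo():
    """Build a constructed tree, take a baseline, tamper with it, and report the findings."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "etc"))
        files = {"etc/config.txt": b"hostname core-rtr-1\n",
                 "ios.bin": b"constructed firmware image bytes"}
        for rel, data in files.items():
            with open(os.path.join(root, rel), "wb") as f:
                f.write(data)
        trusted = build_baseline(root)
        # Keep the baseline where the monitored device cannot alter it; this JSON
        # string stands in for the off-box copy an audit server would hold.
        stored = json.dumps(trusted)
        # Simulated tampering: config edited, image deleted, an unexpected file added.
        with open(os.path.join(root, "etc/config.txt"), "ab") as f:
            f.write(b"hostname changed\n")
        os.remove(os.path.join(root, "ios.bin"))
        with open(os.path.join(root, "etc/extra.txt"), "wb") as f:
            f.write(b"unexpected\n")
        return diff_baselines(json.loads(stored), build_baseline(root))
```

A scheduled run of `build_baseline` followed by `diff_baselines` against the stored copy is the periodic integrity audit; a non-empty report is what slide 12's "determine problem areas" refers to.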

14
Data Confidentiality Management
  • Focus is on encryption
  • At a minimum, encrypt:
    • telnet sessions to devices
    • TFTP configuration downloads
    • SNMP transactions to and from network devices
    • HTTP access to device information

15
Solutions
  • Ensure secure remote dial-in access (VPNs?)
  • Encrypt, encrypt, encrypt
  • Consider SSL where possible
  • What about wireless?
  • Isolate critical data
  • Apply security patches

16
Network Availability Management
  • Ensure redundancy measures are in place, and that
    features are configured to deter most common
    attacks

17
Availability Attacks to Infrastructure
  • Tampering with data over non-secure lines
  • Making network access devices inoperable
  • Disturbing routing protocol information

18
Common Attack Deterrents
  • Spoofed packets: disallow obviously bogus
    traffic
  • Fragmentation attacks: reassemble the original
    packet, check it for validity, then re-fragment
    it before forwarding (can severely limit
    performance!)
  • Broadcast attacks: log and monitor broadcast
    traffic
  • TCP SYN attacks: almost impossible to stop SYN
    flooding; if one occurs, attempt to constrain
    the impact on critical parts; log and monitor
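The deterrents on this slide as detection logic run over constructed traffic records, as an added example (not from the text or from any vendor product): it flags obviously bogus sources on the outside interface, counts half-open TCP handshakes per destination to log a probable SYN flood, and counts broadcast traffic per source. The interface names, address ranges, thresholds and sample packets are assumptions for the example.

```python
import ipaddress
from collections import Counter, defaultdict

# Assumed internal address space; a packet arriving on the outside interface that
# claims one of these as its source is the "obviously bogus" case on slide 18.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8"),
                 ipaddress.ip_network("192.168.0.0/16")]
SYN_THRESHOLD = 5        # half-open connections per destination before alerting
BROADCAST_THRESHOLD = 3  # broadcast datagrams per source before alerting

def is_spoofed(pkt):
    """True if the packet claims an internal or loopback source on the outside interface."""
    if pkt["iface"] != "outside":
        return False
    src = ipaddress.ip_address(pkt["src"])
    return src.is_loopback or any(src in net for net in INTERNAL_NETS)

def analyze(packets):
    """Return a sorted list of (kind, subject) alerts for a list of packet dicts."""
    alerts = []
    half_open = defaultdict(set)   # dst -> {(src, sport)} that sent SYN but no ACK
    broadcasts = Counter()         # src -> number of broadcast datagrams sent
    for pkt in packets:
        if is_spoofed(pkt):
            alerts.append(("spoof", f"{pkt['src']} on {pkt['iface']}"))
            continue               # a border filter would drop it here
        if pkt["dst"] == "255.255.255.255":
            broadcasts[pkt["src"]] += 1
            continue
        key = (pkt["src"], pkt["sport"])
        if "SYN" in pkt["flags"] and "ACK" not in pkt["flags"]:
            half_open[pkt["dst"]].add(key)      # handshake started
        elif "ACK" in pkt["flags"]:
            half_open[pkt["dst"]].discard(key)  # handshake completed by the client
    for dst, pending in half_open.items():
        if len(pending) >= SYN_THRESHOLD:
            alerts.append(("syn_flood", f"{dst} has {len(pending)} half-open"))
    for src, n in broadcasts.items():
        if n >= BROADCAST_THRESHOLD:
            alerts.append(("broadcast", f"{src} sent {n} broadcasts"))
    return sorted(alerts)

def _pkt(iface, src, dst, flags, sport=40000):
    return {"iface": iface, "src": src, "dst": dst, "flags": set(flags), "sport": sport}

# Constructed sample traffic (not a real capture): one spoofed packet, one completed
# handshake, six half-open SYNs against 203.0.113.10, and four broadcasts from one host.
SAMPLE = (
    [_pkt("outside", "10.1.2.3", "203.0.113.10", ["SYN"])]
    + [_pkt("outside", "198.51.100.7", "203.0.113.10", ["SYN"], 5000),
       _pkt("outside", "198.51.100.7", "203.0.113.10", ["ACK"], 5000)]
    + [_pkt("outside", f"198.51.100.{i}", "203.0.113.10", ["SYN"], 6000 + i)
       for i in range(10, 16)]
    + [_pkt("inside", "192.168.5.9", "255.255.255.255", [])] * 4
)
```

Calling `analyze(SAMPLE)` yields one alert of each kind; as the slide notes, the SYN-flood alert is a logging and monitoring aid, not a way to stop the flood.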

19
Solutions
  • Redundant power supplies (on separate circuits)
    for critical devices
  • UPS
  • Backup generator
  • Any device that MUST be available 24/7 is a
    candidate for complete redundancy
  • Physical security
  • Protect network media
  • Redundant physical paths
  • Evaluate and predict data flow based on different
    types of failures
  • Integrate firewalls and load balancers

20
Audit Management
  • Verify that security policies are being adhered
    to
  • Assure network infrastructure is configured as
    expected and monitored effectively
  • Communication between audit servers and network
    configuration devices should be encrypted
  • Secure the audit logs

21
Configuration Verification
  • Usually performed via a modeling or simulation
    tool
  • Areas to be modeled:
    • Mapping the current network topology
    • Identifying services on hosts
    • Performing what-if scenarios to detect
      filtering problems
    • Performing sample attack scenarios to find
      vulnerabilities
  • Periodically employ tools to launch well-known
    attacks (proactive)

22
Monitoring and Logging Network Activity
  • Determine normal behavior by monitoring system
    usage and traffic patterns
  • At a minimum, keep track of network usage and
    high volumes of data traffic
  • Event logging: automatically log output from
    error messages and other events to the console
    terminal
  • Verify time stamps

23
Intrusion Detection
  • Real-time monitoring of network activity
    seeking anomalies
  • May want to write customized detection rules

24
Characteristics of a Good System
  • Runs with minimal human intervention
  • Fault tolerant
  • Resists subversion
  • Minimal overhead
  • Alerts immediately in case of an anomaly
  • Copes with changing system behavior over time as
    new applications are added

25
Network Forensics
  • If a breach occurs, do not reboot any device for
    fear of losing valuable information
  • Gather information pertaining to:
    • Network configuration
    • Routing
    • Address Resolution Protocol (ARP) information
    • Statistics related to interfaces, NAT
      translation, routing cache, switching cache,
      SNMP, and logging

26
Sample University Network Infrastructure Use
Policies
  • http://www.uww.edu/tir/index.php?id=83
  • http://www.wsu.edu/forms/HTML/EPM/EP16_University_Network_Policies.htm

27
Chapter 9 Review Questions
  • What are the five primary elements of security
    architecture?
  • Define identity management. What are its major
    components?
  • Discuss the major problems associated with
    identity management
  • Discuss the factors to consider when creating an
    identity management infrastructure
  • Define integrity management. What are some
    common integrity attacks?
  • Discuss the major integrity management
    vulnerabilities
  • Discuss the factors to consider when creating an
    integrity management infrastructure

28
Chapter 9 Review Questions (cont.)
  • Define data confidentiality management
  • Discuss the factors to consider when creating a
    data confidentiality management infrastructure
  • Define network availability management
  • Discuss some common data confidentiality attack
    deterrents
  • Discuss the factors to consider when creating a
    confidentiality management infrastructure
  • Define audit management
  • Define configuration verification. What areas
    should be modeled? Why is it advisable to
    periodically employ tools to launch known
    attacks?
  • Discuss the characteristics of a good intrusion
    detection system