1.1 What is Network Security?


The first step in any discussion about network security is defining network security. If you ask 10 different administrators for a definition of network security you will probably get 10 different answers.

For the purpose of this book the definition that originated from the United States National Security Agency will be sufficient: Network security is the protection of networks and their services from unauthorized modification, destruction, or disclosure. It assures that the network performs its critical functions correctly and there are no harmful side effects.

This is, admittedly, a very broad definition, but a general definition better prepares network administrators to deal with new types of attacks. If a network security plan is broad in scope, then the tools will be in place that help deal with new types of attacks. Some security incidents are obviously network problems. A distributed denial of service attack (DDoS) is an obvious network issue. A DDoS attack occurs when multiple systems flood a network, or network device, with traffic (such as Ping floods), rendering it unusable by legitimate users. DDoS attacks have to be stopped before they reach the server; in other words, at the network level.

On the other hand, e-mail worms are an example of an attack that is more of a gray area. An e-mail worm is a file that is sent as part of an e-mail. The file exploits security holes in popular e-mail programs to cause damage to a machine's file system, and then sends itself to other people via the address book, continuing to wreak havoc. At first glance an e-mail worm might be considered a problem for server administrators to deal with, but worms, in addition to flooding servers, also clog the network, and, in extreme cases, may force you to remove your network from the Internet, while the worm is being dealt with.

1.1.1 Network Security and Compromise

As with all security, network security is about compromise. As shown earlier, even defining the scope of network security involves compromise. A network security policy is not developed in a vacuum. Network administrators have to work with other departments, especially a company's legal department, and within the confines of a limited budget to determine the scope of an organization's network security policy.

Unfortunately, compromise often leaves a network administrator in the position of being damned if you do, and damned if you don't. Network administrators often find themselves in the hot seat for incidents that might have been prevented if the requested budget had been allocated.

Network security compromise is often a combination of education and risk management. Security personnel have to remain abreast of the latest security vulnerabilities, and communicate new information to others in their group, and often to the chief information officer (CIO), directly or through the normal chain of command. The CIO is then responsible for communicating the information to the rest of the organization.

NOTE

Throughout this chapter you will see references to the CIO. Depending on the size and structure of your company, the duties described may be handled by a chief technology officer (CTO) or an information technology (IT) manager.


When communicating security information to others in the company, it is often necessary to act like a salesperson. Security problems should be explained in terms of benefits, not features: explain what can happen rather than the technical aspects of an attack. If a new security hole may allow DDoS attacks against a server, don't discuss the minutiae of the ISO OSI reference model or the Transmission Control Protocol (TCP). Instead focus on the fact that if this security hole is exploited it may cause your website to become unreachable by legitimate users.

Another tactic is to explain problems in terms of cost. If bandwidth is billed using a burst model (e.g., you have a 10-megabit connection, but can use up to 45 megabits) a DDoS attack can cause the organization to use its fully allotted bandwidth, thereby incurring a quantifiable additional expense.

In fact, the more often a security risk can be quantified, the easier it is to convince others to approve, or facilitate, the ability to act.

1.1.2 Risk Management

Quantification of network problems also allows network administrators to better handle risk management. Risk management is the process of assessing the potential threat from a security risk.

Risk management also means understanding when cost is not a factor. While this section largely focuses on determining the true cost of implementing security solutions, it is important to remember that there are some solutions that are so important they need to be implemented no matter what the cost.

Effective risk management requires an understanding of the full impact of every security threat. Full understanding of a risk gives network administrators the ability to weigh the true costs involved in not fixing a security hole. For instance, if mail servers are left unsecured, so anyone can send a message through them, there is a potential security hole that has a high risk of being exploited. Risk management involves looking at the costs of fixing the server versus not fixing it. The cost of fixing the mail server is relatively minor: Simply do not allow anyone outside the local network to relay through the server, or, if an organization has many remote users, implement a security system that requires people to authenticate before they can send mail. The cost of not fixing it is great. There is the obvious cost of someone using your server, and network connectivity to send mail to millions of people. But there are also administrative costs involved in a situation like this: angry e-mail from people who received the mail, losing the ability to send mail to some people because your mail server is blacklisted, and having to restrict access to the mail server anyway.
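The mail relay example above describes two fixes (restrict relaying to the local network, or require authentication) without showing the decision a server actually makes per message. The following is an added illustration, not code from the book: a small Python policy function that contrasts the open-relay behaviour with the restricted one. The network ranges, domain and addresses are constructed for the example.

```python
import ipaddress

# Constructed values for the example: the address ranges this server treats
# as "local" and the domains it accepts inbound mail for.
LOCAL_NETWORKS = [
    ipaddress.ip_network("192.0.2.0/24"),
    ipaddress.ip_network("127.0.0.0/8"),
]
LOCAL_DOMAINS = {"example.com"}


def is_local_client(client_ip):
    """True when the connecting client sits inside one of our local networks."""
    addr = ipaddress.ip_address(client_ip)
    return any(addr in net for net in LOCAL_NETWORKS)


def recipient_domain(recipient):
    """Domain part of an address such as user@example.com (lower-cased)."""
    return recipient.rpartition("@")[2].lower()


def open_relay_decision(client_ip, authenticated, recipient):
    """The unfixed server: it relays for anyone, to anywhere."""
    return "accept"


def relay_decision(client_ip, authenticated, recipient):
    """Hardened policy: accept inbound mail for our own domains from anyone,
    but relay mail to other domains only for local clients or for remote
    users who have authenticated first."""
    if recipient_domain(recipient) in LOCAL_DOMAINS:
        return "accept"   # mail addressed to us is delivery, not relaying
    if is_local_client(client_ip):
        return "accept"   # client is inside the local network
    if authenticated:
        return "accept"   # remote user who proved their identity
    return "reject"       # relay attempt from an unknown outsider


if __name__ == "__main__":
    # Constructed sample sessions: (client IP, authenticated?, recipient)
    sessions = [
        ("203.0.113.7", False, "victim@other.net"),   # outsider relaying out
        ("192.0.2.10", False, "partner@other.net"),   # local user sending out
        ("203.0.113.7", True, "partner@other.net"),   # remote user, logged in
        ("203.0.113.7", False, "user@example.com"),   # inbound mail for us
    ]
    for ip, auth, rcpt in sessions:
        print(f"{ip:<13} auth={str(auth):<5} {rcpt:<20} "
              f"open={open_relay_decision(ip, auth, rcpt):<6} "
              f"fixed={relay_decision(ip, auth, rcpt)}")
```

The only session the hardened policy rejects is the unauthenticated outsider sending to a foreign domain, which is exactly the case a spammer relies on; local users and inbound mail are unaffected.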

In April 2002, the FBI and the Computer Security Institute released the results of their "2002 Computer Crime and Security Survey." The survey, which collects data about security practices from randomly selected companies, provides information about the frequency of common network attacks. Table 1.1 lists the percentage of companies that reported successful attacks.

Computer worms are by far the most common type of network attack detected [1] and reported. The operative words are detected and reported. Obviously, not all attacks are detected (and even some that are go unreported), so the percentages may not reflect the true number of network attacks experienced by these businesses.

[1] The second most common type of attack, not listed in the chart, is one originated internally by an employee, or group of employees.

Table 1.1. Reported Network Attacks

    Type of Attack               Percentage Reporting Successful Attacks
    Computer virus/worm          85
    System penetration           40
    Denial of Service attacks    40
    Web server penetration       38

Some companies feel that there is a stigma associated with network attacks and, despite the fact that network attacks are a common occurrence, the Computer Crime and Security Survey continually suffers from underreporting by companies.

Why is data like this important? It helps to give network administrators an idea of how an organization's resources should be distributed when developing a network security strategy. If it is known that a company is twice as likely to be the victim of a virus or worm than any other type of attack, server administrators can plan appropriately.

Many companies use a form of risk profiling to determine the cost of implementing a network security policy. Risk profiling involves evaluating a security risk from four perspectives and using the number gained to assign a priority to each threat.

As with the other aspects of risk management, risk profiling has to be handled by a security group and needs direct involvement from the CIO, senior management, and the legal department.

The risk profiling method developed by the National Institute of Standards and Technology involves creating a matrix that evaluates the threat, visibility, consequences, and sensitivity of a potential threat. This type of risk assessment fits well into most network security models, as discussed in the next chapter.

To create a risk profile, first create two charts (Table 1.2 and Table 1.3).

Table 1.2. Risk Profiling: Threats and Visibility

    Threat                                Rating
    No currently identified threats       1
    Unknown, or multiple exposures        3
    Active threats, multiple exposures    5

    Visibility                            Rating
    Very low profile, no publicity        1
    Occasional publicity                  3
    Active publicity                      5

MULTIPLY THREAT VALUE BY THE VISIBILITY VALUE.

Table 1.3. Risk Profiling: Consequences and Sensitivity

    Consequences                                                                            Rating
    Consequences have no cost, are within budget, or the risk can be transferred.           1
    May impact internal functions, cause budget overruns, or there may be opportunity costs. 3
    External functions may be impacted, and revenue loss will occur.                        5

    Sensitivity                                                                             Rating
    Part of the cost of doing business, no organizational impact.                           1
    Unacceptable impact for a specific business unit and goodwill costs.                    3
    Unacceptable management costs, and business relationships affected.                     5

MULTIPLY CONSEQUENCE VALUE BY THE SENSITIVITY VALUE.

Apply all four measures to a risk: multiply the threat and visibility values, multiply the consequences and sensitivity values, and add the two results. The sum is the risk profile.

After the measures have been applied to a risk it can then be assigned to one of the three categories in Table 1.4.

Table 1.4. Risk Profile: Final Assessment

    Combined Value    Risk Profile
    2-10              Low
    11-29             Medium
    30-50             High
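The four-measure matrix is simple enough to carry in code, which makes it easy to profile a whole inventory of risks consistently and to catch ratings outside the 1/3/5 scale. The following calculator is an added example, not code from the book or from NIST: it implements threat x visibility + consequences x sensitivity and the Low/Medium/High bands of Table 1.4, and then ranks a constructed list of risks (the sample ratings are illustrative, not figures from the book). Note that with every rating in {1, 3, 5} the combined value always falls between 2 and 50, which is exactly the span Table 1.4 covers.

```python
from dataclasses import dataclass

VALID_RATINGS = (1, 3, 5)

# Final-assessment bands from Table 1.4 (inclusive bounds).
PROFILE_BANDS = (
    (2, 10, "Low"),
    (11, 29, "Medium"),
    (30, 50, "High"),
)


@dataclass(frozen=True)
class Risk:
    name: str
    threat: int        # Table 1.2, Threat column
    visibility: int    # Table 1.2, Visibility column
    consequences: int  # Table 1.3, Consequences column
    sensitivity: int   # Table 1.3, Sensitivity column


def check_rating(label, value):
    """Each measure is rated 1, 3 or 5; anything else is a data-entry error."""
    if value not in VALID_RATINGS:
        raise ValueError(f"{label} must be one of {VALID_RATINGS}, got {value!r}")
    return value


def risk_score(threat, visibility, consequences, sensitivity):
    """Threat x visibility plus consequences x sensitivity (range 2..50)."""
    t = check_rating("threat", threat)
    v = check_rating("visibility", visibility)
    c = check_rating("consequences", consequences)
    s = check_rating("sensitivity", sensitivity)
    return t * v + c * s


def risk_profile(score):
    """Map a combined value onto the Low/Medium/High bands of Table 1.4."""
    for low, high, label in PROFILE_BANDS:
        if low <= score <= high:
            return label
    raise ValueError(f"score {score} is outside the 2..50 range of the matrix")


def profile_risks(risks):
    """Score every risk and return (name, score, profile) tuples, highest
    first, so the list reads as a priority order for the security group."""
    rows = []
    for r in risks:
        score = risk_score(r.threat, r.visibility, r.consequences, r.sensitivity)
        rows.append((r.name, score, risk_profile(score)))
    rows.sort(key=lambda row: row[1], reverse=True)
    return rows


# Constructed sample inventory; the ratings are illustrative assumptions.
SAMPLE_RISKS = [
    Risk("Open SMTP relay on the public mail server",
         threat=5, visibility=3, consequences=5, sensitivity=3),   # 15 + 15 = 30
    Risk("Unpatched web server reachable from the Internet",
         threat=3, visibility=3, consequences=3, sensitivity=1),   # 9 + 3 = 12
    Risk("Legacy test host on an isolated lab VLAN",
         threat=3, visibility=1, consequences=3, sensitivity=1),   # 3 + 3 = 6
]

if __name__ == "__main__":
    for name, score, profile in profile_risks(SAMPLE_RISKS):
        print(f"{score:>2}  {profile:<6}  {name}")
```

Because the band boundaries are data rather than scattered conditionals, a security group that decides to tune the thresholds with management only has to edit PROFILE_BANDS, and the validation in check_rating keeps a mistyped rating from silently producing a plausible-looking score.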

Also note that this type of risk profiling should be included as part of any new network project completed. Analyzing and understanding security risks inherent in a new project is important to minimize future security risks to your company.

The Practice of Network Security: Deployment Strategies for Production Environments
ISBN: 0130462233
Year: 2002
Pages: 131
Authors: Allan Liska