The security topology of your network defines the network design and implementation from a security perspective. Unlike a network topology, we are more
The design goals of a security topology must deal with issues of confidentiality, integrity, availability, and accountability. Addressing these four issues as an initial part of your network design will help you ensure tighter security. You will often see confidentiality, integrity, and availability referred to as the CIA of network security. The accountability component is equally important. Design goals must additionally identify who is responsible for which aspects of computer security.
The goal of
is to prevent or minimize unauthorized access to and disclosure of data and information. In many instances, laws and regulations require specific confidentiality of information. Social Security records, payroll and employee records, medical records, and corporate information are high-value assets. This information can possibly create liability issues or embarrassment if it
If confidentiality issues are addressed early in the design phase, the steps that must be taken to minimize this exposure will become clear.
The goal of integrity is to make sure that the data being worked with is actually the correct data. Information integrity is critical to a secure topology. Organizations work with and make decisions using the data they have available. If this information is not accurate or is tampered with by an unauthorized person, the consequences can be devastating.
Take the case of a school
How does an organization know that the information they are using to make decisions is accurate and hasn't been tampered with or
The goal of
is to protect data and prevent its loss. Data that can't be accessed is of little value. If a mishap or attack occurs that
The hardest part of this process is determining what balance of these three aspects must be
The final and often overlooked goal of design concerns accountability. Many of the resources used by an organization are shared between various departments and individuals. If an error or incident occurs, who is responsible for fixing it? Who determines whether or not the information is correct?
It is a good idea to become clear about who owns the data or is responsible for making sure that it is accurate. You also want to be able to track and monitor data changes to detect and repair the data in the event of loss or damage. Most systems will track and store logs on system activities and data manipulation, and they will also provide
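The integrity and accountability goals above meet in the audit trail: you want to know who changed a record, and you want to notice when a stored value or the log itself has been edited behind your back. The following is an added example, not code from the book, of a hash-chained audit log that does both. The record ids, actor names and values are constructed sample data; each entry carries its actor and is bound to the hash of the entry before it, so an in-place edit or a deleted entry is detected by `verify()`.

```python
import hashlib
import json
from dataclasses import dataclass, replace
from typing import List, Optional

# Added example (not from the book): a hash-chained audit trail. Each entry
# names the actor accountable for a change and is bound to the previous
# entry's hash, so an after-the-fact edit or deletion breaks the chain.
# Record ids, actors and values used below are constructed sample data.


@dataclass(frozen=True)
class AuditEntry:
    seq: int           # position in the log
    actor: str         # who made the change (accountability)
    record_id: str     # which data item changed
    new_value: str     # the value after the change
    prev_hash: str     # entry_hash of the preceding entry ("" for the first)
    entry_hash: str    # SHA-256 over the fields above, including prev_hash


def _digest(seq: int, actor: str, record_id: str, new_value: str, prev_hash: str) -> str:
    payload = json.dumps([seq, actor, record_id, new_value, prev_hash])
    return hashlib.sha256(payload.encode("utf-8")).hexdigest()


class AuditLog:
    def __init__(self) -> None:
        self.entries: List[AuditEntry] = []

    def append(self, actor: str, record_id: str, new_value: str) -> AuditEntry:
        seq = len(self.entries)
        prev_hash = self.entries[-1].entry_hash if self.entries else ""
        entry = AuditEntry(seq, actor, record_id, new_value, prev_hash,
                           _digest(seq, actor, record_id, new_value, prev_hash))
        self.entries.append(entry)
        return entry

    def verify(self) -> Optional[int]:
        """Return the seq of the first entry that fails the chain check, or None if intact."""
        prev_hash = ""
        for position, e in enumerate(self.entries):
            # A gap in seq or a prev_hash mismatch means an entry was removed or reordered
            if e.seq != position or e.prev_hash != prev_hash:
                return e.seq
            # A recomputed hash that differs means the entry's fields were edited
            if _digest(e.seq, e.actor, e.record_id, e.new_value, e.prev_hash) != e.entry_hash:
                return e.seq
            prev_hash = e.entry_hash
        return None

    def last_actor_for(self, record_id: str) -> Optional[str]:
        """Who is accountable for the current value of a record."""
        for e in reversed(self.entries):
            if e.record_id == record_id:
                return e.actor
        return None

    def tamper_value(self, seq: int, new_value: str) -> None:
        """Simulate an unauthorized in-place edit of a stored entry (demo only)."""
        self.entries[seq] = replace(self.entries[seq], new_value=new_value)


if __name__ == "__main__":
    log = AuditLog()
    log.append("payroll_clerk", "emp-1042/salary", "52000")
    log.append("payroll_manager", "emp-1042/salary", "54000")
    print("intact:", log.verify() is None, "| last actor:", log.last_actor_for("emp-1042/salary"))
    log.tamper_value(1, "94000")
    print("after tampering, first bad entry:", log.verify())
```

In a real deployment the log would be appended to write-once storage (or its latest hash periodically copied somewhere the data owners do not control), since a chain only proves tampering to someone who holds an earlier, trusted head hash.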
Overview of Networks
Over time, networks become complex beasts. They may even appear to have lives of their own. It is common for a network to have connections between departments, companies,
The next few sections identify the topologies used to create security zones. The Internet has become a boon to individuals and to businesses, but it creates a challenge for security. By implementing Intranets, Extranets, and DMZs, you can create a reasonably secure environment for your organization.
The Internet is a global network that connects computers and networks together. The Internet can be used by anybody who has access to an Internet portal or an Internet Service Provider. The Internet is an environment in which you should assume a low level of trust in the people who use it. You must assume that the person visiting your website may have bad intentions. They may also be people who want to buy your product or hire your firm. Externally, you have no way of knowing until you monitor their actions. Figure 1.10 illustrates an Internet network and its connections.
Figure 1.10: A typical LAN connection to the Internet
Intranets are private networks implemented and maintained by an individual company or organization. Intranet access is limited to systems within the Intranet. Intranets use the same technologies used by the Internet. Intranets can be connected to the Internet but are not available for access to users who are not authorized to be part of the Intranet. Access to the Intranet is granted to trusted users inside the corporate network or to users in remote locations. Figure 1.11 displays an Intranet network.
Figure 1.11: An Intranet network
extend Intranets to include outside connections to
Figure 1.12: A typical Extranet between two organizations
Demilitarized Zone (DMZ)
is an area where you can place a public server for access by people you might not trust
Figure 1.13: A typical DMZ
Designing Security Zones
Security zone design is an important aspect of computer security. You have many different approaches to accomplish a good solid design. Some of the design tradeoffs involve risk and involve money. You can create
One of the nice things about technology is that it is always changing. One of the bad things about technology is that it is always changing. Several relatively new technologies have become available to help you create a less vulnerable system. The three technologies this section will focus on are Virtual Local Area Networks (VLANs), Network Address Translation (NAT), and Tunneling. These technologies allow you to improve security in your network at very little additional cost.
A VLAN allows you to create groups of users and systems and segment them on the network. This segmentation allows you to hide segments of the network from other segments and control access. VLANs can also be set up to control the paths that data takes to get from one point to another. You can think of a VLAN as a good way to contain network traffic to a certain area in a network. Figure 1.14 illustrates the creation of three VLANs in a single network.
Figure 1.14: A typical segmented VLAN
NAT creates a unique opportunity to assist in the security of a network. Originally, NAT extended the number of usable Internet addresses. NAT allows an organization to present a single address to the Internet for all computer connections. The NAT server provides IP addresses to the
NAT effectively hides your network from the world. This makes it much harder to determine what systems exist on the other side of the router. The NAT server effectively operates as a firewall for the network. Most new routers support NAT. It provides a simple, inexpensive firewall for small networks. Figure 1.15 shows a router providing NAT services to a network. The router presents a single address for all external connections on the Internet.
Figure 1.15: A typical Internet connection to a local network
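To make concrete why a NAT router both "presents a single address" and behaves like a simple firewall, here is an added example (not code from the book) that models port address translation: outbound connections are rewritten to one public address and a fresh public port, and an inbound packet is forwarded only if an inside host already created a mapping for it. The addresses are constructed values from the documentation ranges, and the class and method names are my own.

```python
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

# Added example (not from the book): a minimal model of a NAT router doing
# port address translation. Every outbound connection is rewritten to the
# router's single public address and a fresh public port; an inbound packet
# is forwarded only if it matches a mapping that an inside host created.
# All addresses are constructed documentation-range values.


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class NatRouter:
    def __init__(self, public_ip: str, first_public_port: int = 40000) -> None:
        self.public_ip = public_ip
        self.next_port = first_public_port
        # (private_ip, private_port) -> public_port, filled by outbound traffic
        self.outbound: Dict[Tuple[str, int], int] = {}
        # public_port -> (private_ip, private_port), used to route replies back
        self.inbound: Dict[int, Tuple[str, int]] = {}
        self.dropped = 0

    def to_internet(self, pkt: Packet) -> Packet:
        """Rewrite an outbound packet so the world sees only the public address."""
        key = (pkt.src_ip, pkt.src_port)
        if key not in self.outbound:
            public_port = self.next_port
            self.next_port += 1
            self.outbound[key] = public_port
            self.inbound[public_port] = key
        return Packet(self.public_ip, self.outbound[key], pkt.dst_ip, pkt.dst_port)

    def from_internet(self, pkt: Packet) -> Optional[Packet]:
        """Forward an inbound packet to the inside host, or drop it if unsolicited."""
        if pkt.dst_ip != self.public_ip or pkt.dst_port not in self.inbound:
            self.dropped += 1   # no inside host asked for this: it goes nowhere
            return None
        private_ip, private_port = self.inbound[pkt.dst_port]
        return Packet(pkt.src_ip, pkt.src_port, private_ip, private_port)


if __name__ == "__main__":
    nat = NatRouter("203.0.113.5")
    for host in ("192.168.1.10", "192.168.1.11"):
        out = nat.to_internet(Packet(host, 51000, "198.51.100.7", 80))
        print(f"{host}:51000 appears to the web server as {out.src_ip}:{out.src_port}")
    reply = nat.from_internet(Packet("198.51.100.7", 80, "203.0.113.5", 40000))
    print("reply routed to", reply.dst_ip, reply.dst_port)
    probe = nat.from_internet(Packet("198.51.100.9", 4444, "203.0.113.5", 22))
    print("unsolicited inbound packet forwarded?", probe is not None, "| dropped:", nat.dropped)
```

The "firewall" effect here is nothing more than the absence of a mapping: anything an inside host initiates passes, and any port you forward on purpose is reachable from outside. A NAT router therefore stops unsolicited inbound connections, but it applies no policy to outbound traffic and does not replace a real firewall.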
refers to the ability to create a virtual dedicated connection between two systems or networks. The tunnel is created between the two ends by encapsulating the data in a
Figure 1.16: A typical tunnel
Your company has just signed an agreement with a large wholesaler to sell your products. This company has an
A good implementation would be to connect your network to theirs using a VPN across the Internet. You could use a secure tunneling protocol to ensure that unauthorized parties would not be able to sniff or access information streams between the companies. This would create an Extranet environment for you and your new business partner.
The challenge lies in creating secure areas in your network that they will not have access to. This can be accomplished by establishing VLANs in your internal network that are not visible to the Extranet. VLANs can be implemented using routers, firewalls, and network segmentation.
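The Extranet scenario above comes down to a reachability question: a partner landing on its own VLAN should reach the shared order system and nothing else. This added example (not from the book) models a VLAN-segmented switch and an inter-VLAN router with an explicit allow list, and evaluates whether a given host pair and port is switched within one VLAN, routed by policy, or blocked. The VLAN numbers, host names and policy are constructed for the scenario.

```python
from typing import Dict, Set, Tuple

# Added example (not from the book): a model of a VLAN-segmented switch plus an
# inter-VLAN router that enforces which VLAN may reach which service in another
# VLAN. Hosts in the same VLAN talk directly; anything else must be routed, and
# the router forwards only flows on its allow list. VLAN ids, host names and
# the policy below are constructed for the Extranet scenario.


class VlanSwitch:
    def __init__(self) -> None:
        self.vlan_of: Dict[str, int] = {}   # host -> VLAN id of its switch port

    def assign(self, host: str, vlan: int) -> None:
        self.vlan_of[host] = vlan


class InterVlanRouter:
    def __init__(self) -> None:
        # (source VLAN, destination VLAN, destination TCP port) explicitly allowed;
        # everything not listed is dropped (default deny)
        self.allow: Set[Tuple[int, int, int]] = set()

    def permit(self, src_vlan: int, dst_vlan: int, port: int) -> None:
        self.allow.add((src_vlan, dst_vlan, port))

    def forwards(self, src_vlan: int, dst_vlan: int, port: int) -> bool:
        return (src_vlan, dst_vlan, port) in self.allow


def reachability(switch: VlanSwitch, router: InterVlanRouter,
                 src_host: str, dst_host: str, port: int) -> str:
    """'same-vlan' (switched directly), 'routed' (allowed by policy), or 'blocked'."""
    src_vlan = switch.vlan_of[src_host]
    dst_vlan = switch.vlan_of[dst_host]
    if src_vlan == dst_vlan:
        return "same-vlan"
    return "routed" if router.forwards(src_vlan, dst_vlan, port) else "blocked"


def build_extranet_lab() -> Tuple[VlanSwitch, InterVlanRouter]:
    """Constructed topology: finance in VLAN 10, partner VPN landing zone in
    VLAN 20, shared order system in VLAN 30."""
    sw = VlanSwitch()
    sw.assign("fin-db", 10)
    sw.assign("fin-ws1", 10)
    sw.assign("partner-vpn-gw", 20)
    sw.assign("order-api", 30)
    rt = InterVlanRouter()
    rt.permit(20, 30, 443)   # the wholesaler may use the order API over HTTPS
    rt.permit(10, 30, 443)   # finance staff may use it too
    return sw, rt


if __name__ == "__main__":
    sw, rt = build_extranet_lab()
    for src, dst, port in [("partner-vpn-gw", "order-api", 443),
                           ("partner-vpn-gw", "fin-db", 1433),
                           ("fin-ws1", "fin-db", 1433)]:
        print(f"{src} -> {dst}:{port}: {reachability(sw, rt, src, dst, port)}")
```

The point of the default-deny allow list is that the finance VLAN never appears in any rule with the partner VLAN as source, so it stays invisible to the Extranet without anyone having to enumerate what to block.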
An organization or business is well
Figure 1.17: The business requirements of a security environment
The following sections explain the various business requirements that need to be addressed when designing a security topology. The failure to consider any one of these aspects can cause the entire design to be flawed and
Every business or organization has assets and resources that are
The more difficult part of an asset identification process is attempting to assign value to information. In some cases, you may find yourself only able to determine what would happen if the information were to become unavailable or lost. If absence of this information would effectively shut down the business, this information is priceless. If you have this type of information, determining which methods and approaches you should take to safeguard the information becomes easier.
You would not necessarily assign the same value to the formula for Coca-Cola that you would to your mother's chicken and rice recipe. The Coke formula would be worth a
There are several ways to perform a risk assessment or risk analysis. They range from highly scientific formula-based methods to a conversation with the owner. In general, you will want to attempt to identify the costs of replacing stolen data or systems, the costs of downtime, and virtually any other factor you can imagine.
Once you have determined the costs, you can then evaluate the likelihood that certain types of events will occur and what is the most likely outcome if they occur. If you work in New York City, what is the
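The two inputs named above, the cost of an event and the likelihood that it occurs, are exactly what the common formula-based method combines. The chapter does not name a formula, so the following added example (not from the book) assumes the standard single loss expectancy and annualized loss expectancy definitions, SLE = asset value x exposure factor and ALE = SLE x annual rate of occurrence, and uses them to rank constructed risks and to decide whether a safeguard is worth its yearly cost. All asset values, rates and names are constructed.

```python
from dataclasses import dataclass
from typing import List, Optional

# Added example (not from the book): a quantitative risk assessment using the
# standard single loss expectancy (SLE) and annualized loss expectancy (ALE)
# formulas. The chapter refers to formula-based methods without naming one;
# these two are assumed here. Asset values and rates below are constructed.
#
#   SLE = asset value x exposure factor        (cost of one incident)
#   ALE = SLE x annual rate of occurrence      (expected cost per year)


@dataclass(frozen=True)
class Risk:
    asset: str
    threat: str
    asset_value: float      # replacement cost plus downtime cost, in currency units
    exposure_factor: float  # fraction of the asset's value lost in one incident (0..1)
    aro: float              # expected number of incidents per year

    def sle(self) -> float:
        return self.asset_value * self.exposure_factor

    def ale(self) -> float:
        return self.sle() * self.aro


def rank_by_ale(risks: List[Risk]) -> List[Risk]:
    """Highest expected annual loss first: where the security budget should go."""
    return sorted(risks, key=lambda r: r.ale(), reverse=True)


def safeguard_value(risk: Risk, annual_cost: float,
                    new_aro: Optional[float] = None,
                    new_exposure_factor: Optional[float] = None) -> float:
    """Net annual value of a safeguard: the ALE it removes minus what it costs.

    A positive result means the safeguard pays for itself."""
    after = Risk(risk.asset, risk.threat, risk.asset_value,
                 risk.exposure_factor if new_exposure_factor is None else new_exposure_factor,
                 risk.aro if new_aro is None else new_aro)
    return (risk.ale() - after.ale()) - annual_cost


if __name__ == "__main__":
    risks = [
        Risk("payroll database", "ransomware", 500_000, 0.6, 0.1),
        Risk("public web server", "denial of service", 50_000, 1.0, 2.0),
        Risk("sales laptop", "theft", 4_000, 1.0, 0.5),
    ]
    for r in rank_by_ale(risks):
        print(f"{r.asset:20} {r.threat:18} SLE={r.sle():>10,.0f} ALE={r.ale():>10,.0f}")
    web = risks[1]
    print("DoS mitigation at 20,000/yr that cuts ARO to 0.5 is worth",
          f"{safeguard_value(web, 20_000, new_aro=0.5):,.0f}/yr")
```

The ranking usually surprises people: a cheap asset with frequent incidents can carry a higher expected annual loss than a crown-jewel asset that is rarely hit, which is why likelihood has to be estimated and not just cost.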
Implementing a security policy requires that you evaluate the risks of both internal and external
to the data and network. It does very little good to implement a
Internal threats also include employee fraud, abuse or alteration of data, and theft of property. These threats require that both policies and systems be put into place to detect and mitigate these possibilities. Investigating and making recommendations to management on procedural changes and policies is a key role for computer security professionals. Figure 1.18 depicts some examples of internal and external threats.
Figure 1.18: Internal and external threats in an organization
involve financial abuses. Some of these
Another incident involved an employee who was using corporate computer resources to
During the investigation, the process used to collect evidence inadvertently tainted it. The chain of evidence in this case was broken. When the employee went to court over this situation, his attorney was able to have the evidence thrown out of
He then sued the company for wrongful
Many of the internal threats that a company must deal with have procedures and methods that are standard across industries.
, on the other hand, are increasing at an alarming rate. A few years ago, most of the computer incidents occurred by groups of
Today, many companies use online databases, take orders, process payments, track shipments, manage inventory, and manage other key information using complicated systems. These systems are connected to other systems that contain private corporate records, trade secrets, strategic plans, and many other types of valuable information.
Unfortunately, when these systems are compromised, an entire business can be compromised. Incidents have occurred where security breaches remained
Early methods of cracking systems were primitive and labor intensive. Today, software packages exist that find targets automatically and then systematically attack the target to find its vulnerabilities. Many of these tools use graphical
The job of a computer security professional in this situation is to detect the attack, find ways to counter it, and assist law-enforcement in investigating the activity. This type of work is very interesting and involves many of the skills that you will learn in this book.
Probably the biggest area of concern that a computer security specialist will have revolves around the security capabilities of the software and systems used in the business. Until recently, many operating system manufacturers only paid lip service to security. One very popular operating system used a logon and password scheme for security. When the logon prompt occurred, all you had to do was hit the Cancel button and the system would provide most of the network capabilities and local access to all resources. If the screen saver was password protected, you either had to enter the password to unlock the system or reboot it to have the system be unsecured. This was worse than having no security. Many users thought this
The TCP/IP (Transmission Control Protocol/Internet Protocol) network protocol, used by most corporate networks, was designed to allow communications in a trustful environment. This protocol was primarily experimental and used by schools and governmental agencies for research. While it is very robust in its error handling, it is by its very nature insecure. Many modern network attacks occur through the TCP/IP protocol. Chapter 2, "Know Your Enemy," discusses TCP/IP and the security issues associated with it. Unfortunately, TCP/IP is more secure than many of the protocols still installed on PC networks today.
Operating systems and applications programs have long been vulnerable to external and internal attacks. Software companies want to sell software that is easy to use, graphically driven, and easily configured. Users want the same thing. Unfortunately, this creates additional security problems in many networks.
One of the most popular products in use today allows e-mail and attachments to start executing programs or instructions embedded in a message. This allows e-mail messages to have fancy formatting, but it also allows e-
Many operating system manufacturers are completely rethinking security measures. They have recognized that the products they produce cannot protect the companies that use them from data loss or abuse. It has become such a major problem for many customers that security support is now becoming available from most operating system and network software manufacturers. In the past, security vulnerabilities were hidden by software manufacturers; now they are being published and solutions are provided as soon as a vulnerability is discovered. This of course helps hackers who know that these changes will not be made on many computer systems for a while.
In a most basic sense, progress is the computer security expert's worst nightmare. As a Security+ holder, you are part of the team that must evaluate threats to the systems currently installed.