Chapter 1. Introduction to Network Protection
When was the last time you used a computer that was not connected to a network? I am not talking about using your laptop on an airplane. That is a planned disconnection from the network, and we can copy necessary information to the machine before we disconnect. We are talking about getting to a hotel room only to discover that they do not have a high-speed Internet connection or a data port on the phone (and the phone cable is connected using screws, inside the phone!); about moving into a new house before you get the cable modem or DSL line installed; about the network going down unexpectedly. Remember that feeling of helplessness? That feeling that the computer in front of you is just a pile of useless plastic and silicon, more useful as a boat anchor than as a business (or entertainment) tool.
In today's environment, a computer that is not connected to the network is about as useful as a car without gasoline. It is pretty. The stereo still makes cool sounds, until the battery dies. The seats even lean back, but the car does not exactly do very much.
A computer today is only as useful as the network(s) it is attached to. This book is about how to protect the network and the computers attached to it so that you, its rightful owner or operator, can get maximum benefit out of it. In the end, information technology is most valuable when it is used to aggregate data from multiple sources, perform some really interesting task with that data, and then share it with someone else. The infrastructure that makes this all happen is the network. Several years ago, Microsoft launched a marketing campaign themed around the "Digital Nervous System." The digital nervous system was the network. It sounds corny to those of us who do not spend all day thinking about how to sell something, but it does make some sense. The network is what allows data to flow from the place where it is stored to the place where it has some impact. In the end, it is all about data: data that you convert into information and then share in such a way that you get maximum benefit from it. Network protection is about ensuring that the infrastructure where all this happens is available, that data and information do not leak into the wrong hands, and that the data and information arrive at their destination intact.
When we first proposed this book, someone asked, "So, is it a book about how to build a secure network?" Our answer was no. Network security as an end state is a pipe dream, a state that we cannot attain. We constantly get asked how to make a network secure, but that really is the wrong question to ask. The concept of "security" denotes some finite state, some end goal. "Security" is defined as "freedom from risk or danger; safety." It is obvious that "security" in computers can never attain this lofty goal. Computer security is really "management of risk." In fact, is secure or security even the right word to use? Nothing is truly secure or has security if we look at the true definition. If a network were truly secure, you could stop working on it, because the job would be done. Network security is a process, a task description, not an end state. Put another way, security is a journey, not a destination. Therefore, we like to talk about network protection as the goal, and network security as a task description. The task (as shown in Figure 1-1) is to detect problems and, preferably before someone else does, respond to those problems in a way that prevents them from becoming security vulnerabilities. At that point, the process repeats, and we look for more problems to prevent.
Figure 1-1. The security process.
NOTE: Note that this book is about the broader area of network security, not the more narrowly defined "distributed systems security." A distributed system is one where systems cooperatively share processing and data in order to appear to the user as a single system, in essence abstracting a lot of the implementation details of the network design from the user. Distributed systems were popular in the 1990s, and we still get asked about the concept. Network security is a broader topic, because the network includes a lot more components. In addition, distributed systems lead to some interesting security problems that we address in more detail in Chapter 8, "Security Dependencies."
We often get asked the "big question," as our colleague Ben Smith calls it: Is my network secure? Contrary to Ben, however, we have not been able to make an entire 75-minute presentation out of it, because the answer is so simple: No. Your network is not secure. The state of being secure is typically considered an absolute. Consider the corollary: Can someone break into our network? Obviously, if the answer to that is no, your network is secure. The problem is that you can never conclusively answer no to that question, and because that is the bar we use for measuring whether something is secure, you will never have a secure network. You may have a "secure enough" network, though. For the time being, know that we are aiming to protect the network, to have good enough security for our purposes. What does that mean? Well, it could mean a lot of things. One way to look at it is by comparing it to a car alarm. Does a car alarm make it harder to steal a car? No, not really. Even ignition killers can be bypassed easily by those who know what they are doing. Does it prevent theft? Well, that depends. If you have an alarm but the car next to you does not, it is likely that a thief may just steal the car next to yours (unless he really wants yours). It is kind of like the old story about a camping trip. Two guys are sitting by the fire and one of them asks what they will do if a bear comes. The other guy says, "That's why I am wearing sneakers." The first guy asks, "Do you really think you can outrun a bear, though?" The second responds, "No, but I don't need to. I just need to outrun you!" In some cases, it is simply enough to be a more difficult target than someone else!
As long as people are not out to get you specifically, if you protect your network sufficiently, it is likely that the attackers will attack a network that is less secure, unless they really want something on your network. So, we face two challenges: protecting our network from the casual attacker or virus that does not care which network it destroys, and protecting our network from the determined attacker who wants your information. The latter is definitely much more difficult. However, if you take some fundamental steps, you will have accomplished the former as well as made the job of the determined attacker much harder. This frees you up to focus on the rest of the job, which is staying far enough ahead of the determined attacker that your network, and the data on it, remain protected. In a sense, protection is like temporal security: it ensures that you are secure until the bad guys learn enough to break down your defenses. By that time, you had better have additional defenses in place.