As you plan your network, you should implement security technologies that are appropriate for your organization. Addressing these issues early in your Windows 2000 deployment planning ensures that security cannot be breached and that you are ready to provide secure networking facilities when needed. In this lesson, you learn how to implement security on your network.
After this lesson, you will be able to
Estimated lesson time: 35 minutes
Even if you are confident that you have implemented a secure network environment, it is important for you to review your security strategies considering the capabilities of Windows 2000. Some of the new network security technologies in Windows 2000 might cause you to rework your security plan. As you develop your network security plan, you should
Although the ability to share and obtain information is very beneficial, it also presents numerous security risks, which are described in Table 12.1.
Table 12.1 Network Security Risks
| Security risk | Description |
|---|---|
| Identity interception | The intruder discovers the user name and password of a valid user. This can occur by a variety of methods, both social and technical. |
| Masquerade | An unauthorized user pretends to be a valid user. For example, a user assumes the Internet Protocol (IP) address of a trusted system and uses it to gain the access rights that are granted to the impersonated device or system. |
| Replay attack | The intruder records a network exchange between a user and a server and plays it back at a later time to impersonate the user. |
| Data interception | If data is moved across the network as plaintext, unauthorized persons can monitor and capture the data. |
| Manipulation | The intruder causes network data to be modified or corrupted. Unencrypted network financial transactions are vulnerable to manipulation. Viruses can corrupt network data. |
| Repudiation | Network-based business and financial transactions are compromised if the recipient of the transaction cannot be certain who sent the message. |
| Macro viruses | Application-specific viruses exploit the macro language of sophisticated documents and spreadsheets. |
| Denial of service | The intruder floods a server with requests that consume system resources and either crash the server or prevent useful work from being done. Crashing the server sometimes provides opportunities to penetrate the system. |
| Malicious mobile code | This term refers to malicious code running as an autoexecuted ActiveX control or Java applet uploaded from the Internet on a Web server. |
| Misuse of privileges | An administrator of a computing system knowingly or mistakenly uses full privileges over the operating system to obtain private data. |
| Trojan horse | This is a general term for a malicious program that masquerades as a desirable and harmless utility. |
| Social engineering attack | Sometimes breaking into a network is as simple as calling new employees, telling them you are from the IT department, and asking them to verify their password for your records. |
Competitors could attempt to gain access to proprietary product information, or unauthorized users could attempt to maliciously modify Web pages or overload computers so that they are unusable. Additionally, employees might access confidential information. It is important to prevent these types of security risks to ensure that your company's business functions proceed undisturbed.
Authentication is the process of identifying users who attempt to connect to a network. Users who are authenticated on the network can utilize network resources based on their access permissions. To provide authentication to network users, you establish user accounts. This is critical for security management. Without authentication, resources such as files are accessible to unauthorized users.
To make sure that only the appropriate people have access to resources and data, you should plan your network security strategies well. This also provides you with accountability because you can track how network resources are used. Figure 12.18 illustrates the primary steps for determining your network security strategies.
Figure 12.18 Primary steps for determining network security strategies
Security technologies need to be deployed and managed by very capable and trustworthy people. They must integrate the entire network and network security infrastructure so that you can eliminate or minimize weaknesses. As the environment and requirements change, they must continually maintain the integrity of the network security infrastructure.
A critical factor for ensuring the success of your network security staff is to be sure they are well trained and kept up to date as technologies change. The staff needs to take time to learn Windows 2000, particularly its network security technologies. They also need to have opportunities to reinforce their training by experimentation and practical application. Windows 2000 security features are described in Table 12.2.
Table 12.2 Windows 2000 Security Features
| Feature | Description |
|---|---|
| Security templates | Allows administrators to set various global and local security settings, including security-sensitive registry values; access controls on files and the registry; and security on system services. |
| Kerberos authentication | The primary security protocol for access within or across Windows 2000 domains. Provides mutual authentication of clients and servers and supports delegation and authorization through proxy mechanisms. |
| Public key infrastructure (PKI) | You can use integrated PKI for strong security in multiple Windows 2000 Internet and enterprise services, including extranet-based communications. |
| Smart card infrastructure | Windows 2000 includes a standard model for connecting smart card readers and cards with computers and device-independent application programming interfaces to enable applications that are smart card-aware. |
| IP Security Protocol (IPSec) management | IPSec supports network-level authentication, data integrity, and encryption to secure intranet, extranet, and Internet Web communications. |
| NT file system (NTFS) encryption | Public key-based NTFS can be enabled on a per-file or per-directory basis. |
Although security technologies can be very effective, security itself combines those technologies with good business and social practices. No matter how advanced and well implemented the technology is, it is only as good as the methods used in employing and managing it.
Distributed network security involves the coordination of many security functions on a computer network to implement an overall security policy. Distributed security enables users to log on to appropriate computer systems and allows them to find and use the information they need. Much of the information on computer networks is available for anyone to read, but only a small group of people is allowed to update it. If the information is sensitive or private, only authorized individuals or groups are allowed to read the files. Protection and privacy of information transferred over public telephone networks, the Internet, and even segments of internal company networks are also a concern.
A typical security plan includes sections like those shown in Table 12.3. However, you should remember that your network security deployment plan could contain additional sections. The following are suggested as a minimum.
Table 12.3 Network Security Plan Sections
| Section in the plan | Description |
|---|---|
| Security risks | Enumerates the types of security hazards that affect your enterprise. |
| Security strategies | Describes the general security strategies necessary to meet the risks. |
| PKI policies | Includes your plans for deploying certification authorities for internal and external security features. |
| Security group descriptions | Includes descriptions of security groups and their relationship to one another. This section maps group policies to security groups. |
| Group Policy | Includes how you configure security Group Policy settings, such as network password policies. |
| Network logon and authentication strategies | Includes authentication strategies for logging on to the network and for using remote access and smart cards to log on. |
| Information security strategies | Includes how you implement information security solutions, such as secure e-mail and secure Web communications. |
| Administrative policies | Includes policies for delegation of administrative tasks and monitoring of audit logs to detect suspicious activity. |
Additionally, your organization might need more than one security plan. The number of plans you have depends on the scope of your deployment. An international organization might need separate plans for each of its major subdivisions or locations, whereas a regional organization might need only one plan. Organizations with distinct policies for different user groups might need a network security plan for each group.
You should always test and revise your network security plans by using test labs that represent the computing environments for your organization. In addition, you should conduct pilot programs to further test and refine your network security plans.
Today, most organizations want their computer infrastructure connected to the Internet because it provides valuable services to their staff and customers. A connection to the Internet allows your organization's staff to use e-mail to communicate with people around the world and to obtain information and files from a vast number of sources. It also allows your customers to obtain information and services from your organization at any time. In addition, your organization's staff can use company resources from home, hotels, or anywhere else they might be, and partners can use special facilities to allow them to work more effectively with your company. However, the services made available through Internet connection can be misused, which makes it necessary to employ network security strategies.
To secure your organization's network for access to and from the Internet, you need to put a firewall between the two, as illustrated in Figure 12.19. The firewall provides connectivity to the Internet for company staff while minimizing the risks that connectivity introduces. At the same time, it prevents access to computers on your network from the Internet, except for those computers authorized to have such access.
Figure 12.19 Firewall
A firewall employs packet filtering to allow or disallow the flow of very specific types of network traffic. IP packet filtering provides a way for you to define precisely what IP traffic is allowed to cross the firewall. IP packet filtering is important when you connect private intranets to public networks like the Internet. Many firewalls are also capable of detecting and defending against complex attacks.
Firewalls often act as proxy servers or routers because they forward traffic between a private network and a public network. The firewall or proxy server software examines all network packets on each interface to determine their intended address. If they meet specified criteria, the packets are forwarded to the recipient on the other network interface. The firewall may simply route packets, or it may act as a proxy server and translate the IP addresses on the private network.
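The packet filtering described above, as an added example that is not part of the original lesson or of any Microsoft product: a Python rule evaluator in which the first matching rule decides and anything unmatched is dropped. The address ranges, the single authorized Web server, and the rule set are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

ANY = "0.0.0.0/0"
INTRANET = "10.0.0.0/8"       # assumed private address range
WEB_SERVER = "10.0.5.20/32"   # assumed: the only host authorized for inbound access

@dataclass(frozen=True)
class Rule:
    action: str             # "allow" or "deny"
    direction: str          # "in" = Internet to intranet, "out" = the reverse
    proto: str              # "tcp", "udp" or "any"
    src: str                # CIDR block the source address must fall in
    dst: str                # CIDR block the destination address must fall in
    dport: Optional[int]    # destination port; None matches any port

# Constructed rule set, evaluated top to bottom.
RULES = [
    # Drop Internet-side packets that claim an intranet source (masquerade).
    Rule("deny",  "in",  "any", INTRANET, ANY, None),
    Rule("allow", "in",  "tcp", ANY, WEB_SERVER, 80),
    Rule("allow", "out", "tcp", INTRANET, ANY, 443),
]

def matches(rule, direction, proto, src, dst, dport):
    return (rule.direction == direction
            and rule.proto in ("any", proto)
            and ipaddress.ip_address(src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(dst) in ipaddress.ip_network(rule.dst)
            and rule.dport in (None, dport))

def decide(direction, proto, src, dst, dport, rules=RULES):
    """Return the action of the first matching rule; unmatched traffic is denied."""
    for rule in rules:
        if matches(rule, direction, proto, src, dst, dport):
            return rule.action
    return "deny"

# Constructed sample packets: (direction, protocol, source, destination, port).
PACKETS = [
    ("in",  "tcp", "203.0.113.7", "10.0.5.20", 80),      # authorized server
    ("in",  "tcp", "203.0.113.7", "10.0.5.21", 80),      # host not authorized
    ("in",  "tcp", "10.1.2.3",    "10.0.5.20", 80),      # spoofed internal source
    ("out", "tcp", "10.0.1.15",   "198.51.100.4", 443),  # staff Web browsing
    ("out", "tcp", "10.0.1.15",   "198.51.100.4", 25),   # service not authorized
]

if __name__ == "__main__":
    for pkt in PACKETS:
        print(pkt, "->", decide(*pkt))
```

Rule order matters: if the anti-spoofing rule were placed after the inbound allow rule, the third packet would be forwarded to the Web server.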
Microsoft Proxy Server provides both proxy server and some firewall functions. Proxy Server runs on Windows 2000, and both need to be configured properly to provide full network security. If you have a version of Proxy Server earlier than 2.0 with Service Pack 1, you need to upgrade it for Windows 2000 compatibility when you upgrade the server to Windows 2000.
In many cases, the volume of traffic between a company network and the Internet is more than one proxy server can handle. In these situations, you can use multiple proxy servers; the traffic is coordinated among them automatically. For users on both the Internet and intranet sides, there appears to be only one proxy server.
Procedures for using Microsoft Proxy Server are included with the product. For more information about Microsoft Proxy Server and for details about Microsoft security technologies, go to the Web Resources page at http://www.microsoft.com/windows2000/library/resources/reskit/WebResources/default.asp.
When you have a proxy server in place, complete with monitoring facilities and properly prepared staff, you can connect your network to an external network. You need only be confident that the services you have authorized are available, and the risk of misuse is almost nonexistent. This environment requires diligent monitoring and maintenance, but you will also be ready to consider providing other secure networking services.
You should plan security strategies to make sure that only the appropriate people have access to resources and data on your network. In addition, you should implement security technologies that are appropriate for your organization. Always test and revise your network security plans by testing them in simulated environments that represent the computing environments for your organization. You can implement a firewall to secure your organization's network for access to and from the Internet. Microsoft Proxy Server provides both proxy server and firewall functions running with Windows 2000 Server.