Modified by: Masud-Ul-Hasan and Ahmad Al-Yamani 1 Chapter 12 Network Security





Chapter 12

Network Security


Objectives

Understand the many processes involved with the development of a comprehensive security policy and security architecture.

Understand the importance of a well-developed and implemented security policy and associated people processes to effective security technology implementation.

Understand the concepts, protocols, etc. related to Virus Protection, firewalls, authentication, and encryption.


Business Impact

What is the impact on business when network security is violated by on-line thieves? According to federal law enforcement estimates, more than $10 billion worth of data is stolen annually in the US alone.

In a single incident, 60,000 credit and calling card numbers were stolen.

50 % of computer crimes are committed by a company’s current or ex-employees.


Security Policy Development Life Cycle

Identify business-related security issues

Analyze security risks, threats, and vulnerabilities

Design the security architecture and the associated processes

Implement security technology and processes

Audit the impact of security technology and processes

Evaluate the effectiveness of current architectures and policies

This method for developing a comprehensive network security policy is known as the Security Policy Development Life Cycle (SPDLC).


Identification of Business-related security issues

This is the security requirements assessment:

What do we have to lose?

What do we have worth stealing?

Where are the security holes in our business processes?

How much can we afford to lose?

How much can we afford to spend on network security?


Analysis of Risks, Threats, Vulnerabilities

Information asset evaluation: what is worth protecting?

Network architecture documentation: what is the current state of the network? How many unauthorized modems are dialing in?

Identify all assets, threats and vulnerabilities.

Determine risks and create protective measures.


Architecture and Process Design

Logical design of the security architecture and associated processes.

What must be the required functionality of the implemented technology?

What business processes, implemented and monitored by people, must match this security architecture?


Security Technology and Process Implementation

Choose security technology based on logical design requirements.

Implement all security technology with complementary people process.

Increase overall awareness of network security and implement training.

Design ongoing education process for all employees including senior management.


Audit Impact of Security Technology & Processes

Ensure that implemented policy and technology are meeting initial goals.

Institute a method to identify exceptions to security policy standards and deal with these exceptions swiftly.


Evaluate effectiveness of Current Architecture and Processes

Based on the results of ongoing audits, evaluate the effectiveness of current policy and architecture in meeting high-level goals.

Adjust policy and architecture as required and renew the cycle.


Security Requirements Assessment (SRA)

Proper SRA implies that appropriate security processes and technology have been applied for any given user's or group's access to or from any potential corporate information resource.


Scope Definition and Feasibility Studies

Before proceeding blindly with a security policy development project, it is important to properly define the scope or limitations of the project.

The feasibility study provides an opportunity to gain vital information on the difficulty of the security policy development process as well as the assets (human and financial) required to maintain such a process.

One of the key issues is deciding on the balance between security and productivity.


Security vs. Productivity Balance: Lack of Security

Characteristics: high risk, low cost, open access; no productivity loss occurs from access restrictions.

Open access may lead to data loss or data integrity problems, which may lead to productivity loss. Lack of security may ultimately have a negative impact on productivity.


Security vs. Productivity Balance: Over Restrictive Security

Characteristics: high cost, low risk, restrictive access, productivity loss; security needs take priority over user access.

Over-restrictive security causes productivity decline and may lead to noncompliance with security processes, which may lead to loss of security.


Security vs. Productivity Balance: Optimal Balance of Security and Productivity

Characteristics: balanced risk and costs; the restrictiveness of the security policy is balanced by people's acceptance of those policies.

Balance: maximize security processes while minimizing the negative impact on productivity.


Network Security Policy


Security vs. Productivity Balance

How to define the balance between security and productivity?

Identify assets

Identify threats

Identify vulnerabilities

Consider the risks

Identify risk domains

Take protective measures


Data/Information Classification

Unclassified/Public: Information having no restrictions as to storage, transmission, or distribution.

Sensitive: Information whose release could not cause damage to the corporation but could cause potential embarrassment or measurable harm to individuals, e.g. salaries and benefits of employees.

Confidential: Information whose release could cause measurable damage to the corporation, e.g. corporate strategic plans, contracts.


Secret: Information whose release could cause serious damage to a corporation, e.g. trade secrets, engineering diagrams.

Top secret: Information whose release could cause severe or permanent damage. Release of such information could literally put a company out of business. Secret formulas for key products would be considered top secret.


Assets

Corporate property of some value that requires varying degrees of protection.

Assets that need network security protection are: corporate data (highest priority), network hardware, software, and the media used to transport data.


Threats

Processes or people that pose a potential danger to identified assets. They can be intentional or unintentional, natural or man-made.

Network-related threats include: hackers, fires, floods, power failures, equipment failures, dishonest employees, incompetent employees.


Vulnerabilities

The manner or path by which threats are able to attack assets. Vulnerabilities can be thought of as weak links in the overall security architecture and should be identified for every potential threat/asset combination.

Vulnerabilities that have been identified can be blocked.

After identifying vulnerabilities, the questions are: How should a network analyst proceed in developing defenses to these vulnerabilities? Which vulnerabilities should be dealt with first? How can a network analyst determine an objective means to prioritize vulnerabilities?


Risks

The probability of a particular threat successfully attacking a particular asset in a given amount of time via a particular vulnerability.

By considering the risk, network analysts are able to quantify/calculate the relative importance of threats and vulnerabilities.


(Figure, Goldman & Rawles ADC3e Fig. 13-07: asset, threat, vulnerability, risk, and protective measures.)

Assets, Risks, Protection

Multiple protective measures may need to be established between given threat/asset combinations.


Protective measures

There might exist multiple vulnerabilities (paths) between a given asset and a given threat, so multiple protective measures may need to be established between given threat/asset combinations.

Major categories of potential protective measures: virus protection, firewalls, authentication, encryption, intrusion detection.
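The risk reasoning above (which vulnerability first, how much to spend, several measures per threat/asset pair) as an added example that is not from the slides: it ranks threat/asset/vulnerability combinations by expected annual loss and picks protective measures within a budget. The register entries, probabilities, losses and costs are constructed figures.

```python
"""Risk register: rank threat/asset/vulnerability combinations and pick
protective measures within a budget.

Added example, not from the slides. Probabilities, losses and costs are
constructed figures. Risk is modelled as the probability per year that a
threat succeeds via a vulnerability, weighted by the resulting loss.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Risk:
    asset: str
    threat: str
    vulnerability: str   # the path the threat uses against the asset
    probability: float   # chance of a successful attack per year
    impact: float        # loss in dollars if the attack succeeds

    def annual_loss(self) -> float:
        return self.probability * self.impact


@dataclass(frozen=True)
class Measure:
    name: str
    cost: float
    blocks: frozenset    # vulnerabilities (paths) this measure protects
    reduction: float     # fraction of risk removed on those paths, 0..1


def prioritize(risks):
    """Which vulnerabilities to deal with first: highest expected loss first."""
    return sorted(risks, key=lambda r: r.annual_loss(), reverse=True)


def residual_loss(risks, chosen) -> float:
    """Expected annual loss after the chosen measures are in place.

    Several measures on the same path stack multiplicatively: two measures
    that each remove 90% leave 1% of the original risk on that path.
    """
    total = 0.0
    for r in risks:
        remaining = r.annual_loss()
        for m in chosen:
            if r.vulnerability in m.blocks:
                remaining *= 1.0 - m.reduction
        total += remaining
    return total


def select_measures(risks, measures, budget):
    """Greedy selection: repeatedly add the affordable measure with the best
    loss avoided per dollar. Returns (chosen measures in order, money spent)."""
    chosen, spent, candidates = [], 0.0, list(measures)
    while candidates:
        base = residual_loss(risks, chosen)
        best, best_ratio = None, 0.0
        for m in candidates:
            if spent + m.cost > budget:
                continue
            saved = base - residual_loss(risks, chosen + [m])
            ratio = saved / m.cost if m.cost > 0 else float("inf")
            if ratio > best_ratio:
                best, best_ratio = m, ratio
        if best is None:
            break
        chosen.append(best)
        spent += best.cost
        candidates.remove(best)
    return chosen, spent


# Constructed register: hypothetical figures, not measurements.
RISKS = [
    Risk("customer database", "external hacker", "unfiltered internet access", 0.20, 500_000),
    Risk("customer database", "dishonest employee", "shared admin password", 0.10, 500_000),
    Risk("file server", "virus", "unscanned diskettes", 0.60, 20_000),
    Risk("file server", "power failure", "no UPS", 0.30, 5_000),
]

MEASURES = [
    Measure("firewall", 30_000, frozenset({"unfiltered internet access"}), 0.90),
    Measure("token authentication", 15_000, frozenset({"shared admin password"}), 0.80),
    Measure("diskette scanning policy", 2_000, frozenset({"unscanned diskettes"}), 0.70),
    Measure("UPS", 4_000, frozenset({"no UPS"}), 0.95),
]

if __name__ == "__main__":
    for r in prioritize(RISKS):
        print(f"{r.annual_loss():>9,.0f}  {r.threat} -> {r.asset} via {r.vulnerability}")
    picked, spent = select_measures(RISKS, MEASURES, budget=40_000)
    print("chosen:", [m.name for m in picked], "spent:", spent)
    print("residual annual loss:", round(residual_loss(RISKS, picked)))
```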


Threats and Protective Measures

Camouflage.

Spying / listening in.

A common technique spammers use is to configure the From line in an e-mail message to hide the sender's identity.

Modification of data through unauthorized means (e.g., while entering the data).

Trying every word in a dictionary as a possible password.

An attacker is able to read, insert and modify messages between two parties.

A computer program masquerading as a game or any "cute" program. However, when it runs it does something else, like erasing the hard drive or blocking the screen with a graphic that will not go away.

A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed by someone who intercepts the data and retransmits it, possibly as part of a masquerade attack.

A generic class of attacks where a host, a segment, or an entire network is brought down and becomes unusable by legitimate users.


Once policies have been developed, it is up to everyone to support those policies in their own way.

Having been included in the policy development process, users should also be expected to actively support the implemented acceptable use policies.



Executive’s Responsibilities


Management's Responsibilities


Acceptable Use Policy Development


User’s Responsibilities


Virus Protection

Virus protection is often the first area of network security addressed by individuals or corporations.

A comprehensive virus protection plan must combine policy, people, processes, and technology to be effective.

Too often, virus protection is thought to be a technology-based quick fix.


Viruses are the most common microcomputer security violation.

90% of the organizations surveyed with 500 or more PCs experience at least one virus incident per month.

Complete recovery from a virus infection costs an average of $8300 and takes a period of 22 working days.

In Jan 1998, there were over 16,000 known viruses, with as many as 200 new viruses appearing per month.


Virus Categories

Virus symptoms, methods of infection, and outbreak mechanisms can vary widely, but all viruses share a few common behaviors.

Most viruses work by infecting other legitimate programs and causing them to become destructive or disrupt the system.

Most viruses use some type of replication method to get the virus to spread and infect other programs, systems, or networks.

Most viruses need some sort of trigger or activation mechanism to set them off. Viruses may remain dormant and undetected for long periods.


Some viruses have a delayed action, which is sometimes called a bomb. E.g., a virus might display a message on a specific day or wait until it has infected a certain number of hosts.

Two main types:

Time bombs: A time bomb goes off on a particular date or at a particular time.

Logic bombs: A logic bomb goes off when the user of a computer takes an action that triggers the bomb, e.g. running a file.


Virus Categories

File infectors: attack the executable, or program, files.

System/boot infectors: change the MBR (Master Boot Record), an area containing all the statements to load the operating system.

Multipartite viruses: also called multi-part, attack both the boot sector and the executable, or program, files at the same time.

Hostile applets: Java applets that consume resources in rude or malicious ways, so that all the CPU or memory resources of the computer are consumed.

E-mail viruses: e-mail attachments with spam.

Cluster/file system viruses: change the system's FAT (File Allocation Table), an index of names and addresses of files.


Antivirus Strategies (AS)

An effective AS must include policy, procedures, and technology.

AS Policies and Procedures

Identify virus infection vulnerabilities and design protective measures.

Install virus scanning software at all points of attack.

All diskettes must be scanned at a stand-alone scanning PC before being loaded onto network-attached clients or servers.

All consultants and third party contractors should be prohibited from attaching their notebook computers to the corporate network without scanning.


All vendors must run demos on their own equipment.

Shareware/downloaded software should be prohibited or controlled and scanned.

All diagnostic and reference diskettes must be scanned before use.

Write-protect all diskettes with .exe and .com files.

Create a master boot record that disables writes to the hard drive when booting from a diskette, etc.


AS Antivirus Technology

Viruses can attack: locally or remotely attached client platforms; server platforms; the entrance to the corporate network via the Internet.

At each entrance point, viruses must be detected and removed.


Virus scanning is the primary method for successful detection and removal.

Software most often works off a library of known viruses.

Purchase antivirus software which updates virus signatures at least twice per month.

Typically, vendors update virus signature files every 4 hours, with hourly updates expected in the near future.


Emulation technology attempts to detect as yet unknown viruses by running programs within a software emulation program known as a virtual PC.

The executing program can be examined in a safe environment for any unusual behavior or other tell-tale symptoms of resident viruses.

Proactive rather than reactive. Advantage: identification of potentially unknown viruses based on their behavior rather than by relying on identifiable signatures of known viruses.


AS Antivirus Technology

Such programs are also capable of trapping encrypted or polymorphic viruses that are capable of constantly changing their identities or signatures.

Some of these programs are also self-learning: knowledge of virus-like activity increases with experience.


AS Antivirus Technology

CRC checkers or hashing checkers create and save a unique cyclical redundancy check character or hash number for each file to be monitored.

Each time the file is saved, the new CRC is checked against the reference CRC.

If the CRCs are different, the file has changed. A program then evaluates the changes to determine the likelihood that they were caused by a viral infection.

Disadvantage: able to detect viruses only after infection, which may already be too late.

Decoys: files that are allowed to be infected to detect and report on virus activity.
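Added example, not from the slides, of the CRC/hash checker and decoy idea just described: it saves a reference value per file, reports which files changed, and rates each change by how virus-like it looks. The files, the severity rules and the decoy are constructed.

```python
"""CRC/hash integrity checker: record a reference value per file, then report
what changed and rate how virus-like each change is.

Added example, not from the slides. It runs on a temporary directory of
constructed files so it works offline; the severity rules are illustrative.
"""
import hashlib
import json
import os
import tempfile
import zlib

EXECUTABLE_EXT = {".exe", ".com", ".dll", ".sys"}


def fingerprint(data: bytes, method: str = "sha256") -> str:
    """Reference value per file: CRC-32 (fast but easy to collide) or SHA-256."""
    if method == "crc32":
        return f"{zlib.crc32(data) & 0xFFFFFFFF:08x}"
    return hashlib.sha256(data).hexdigest()


def build_baseline(root: str, method: str = "sha256") -> dict:
    """Walk the tree and record fingerprint and size of every regular file."""
    baseline = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                data = fh.read()
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            baseline[rel] = {"fp": fingerprint(data, method), "size": len(data)}
    return baseline


def check(root: str, baseline: dict, method: str = "sha256", decoys=()) -> list:
    """Compare the tree with the saved baseline.

    Returns sorted (severity, relpath, detail) tuples. Like the slide's
    'program that evaluates changes', it rates a change by its shape: an
    executable that grew or a touched decoy file is rated high, other
    edits low, missing or new files medium.
    """
    current = build_baseline(root, method)
    findings = []
    for rel, ref in baseline.items():
        now = current.get(rel)
        if now is None:
            findings.append(("medium", rel, "missing"))
        elif now["fp"] != ref["fp"]:
            ext = os.path.splitext(rel)[1].lower()
            if rel in decoys:
                findings.append(("high", rel, "decoy file modified"))
            elif ext in EXECUTABLE_EXT and now["size"] > ref["size"]:
                grown = now["size"] - ref["size"]
                findings.append(("high", rel, f"executable grew by {grown} bytes"))
            else:
                findings.append(("low", rel, "content changed"))
    for rel in current:
        if rel not in baseline:
            findings.append(("medium", rel, "new file"))
    return sorted(findings)


def demo() -> list:
    """Constructed scenario: take a baseline, then simulate a file infector
    appending itself to the executables while a document is edited normally."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "bin"))
        files = {
            "bin/editor.exe": b"MZ\x90\x00original program code",
            "bin/decoy.com": b"MZ\x90\x00never-run decoy executable",
            "report.txt": b"quarterly numbers",
        }
        for rel, data in files.items():
            with open(os.path.join(root, rel), "wb") as fh:
                fh.write(data)
        saved = json.dumps(build_baseline(root))  # keep this on write-protected media

        for rel in ("bin/editor.exe", "bin/decoy.com"):
            with open(os.path.join(root, rel), "ab") as fh:
                fh.write(b"\x00APPENDED PAYLOAD")    # 17 bytes
        with open(os.path.join(root, "report.txt"), "wb") as fh:
            fh.write(b"quarterly numbers, revised")

        return check(root, json.loads(saved), decoys={"bin/decoy.com"})


if __name__ == "__main__":
    for severity, path, detail in demo():
        print(f"[{severity}] {path}: {detail}")
```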


AS Antivirus Technology

Active content monitors identify viruses and malicious content such as Java applets or ActiveX controls that may be introduced via Internet connectivity.

They are able to examine transmissions from the Internet in real time and identify known malicious content based on definition libraries.


(Figure: network diagram showing the Internet, router, hub, client PC, server, and remote access users as points of attack.)

Point of Attack: Client PC
Vulnerabilities: infected diskettes; groupware conferences with infected documents.
Protective measures: strict diskette scanning policy; autoscan at system start-up.

Point of Attack: Internet Access
Vulnerabilities: downloaded viruses; downloaded hostile agents.
Protective measures: firewalls; user education about the dangers of downloading.

Point of Attack: Server
Vulnerabilities: infected documents stored by attached clients; infected documents replicated from other groupware servers.
Protective measures: autoscan run at least once a day; consider active-monitoring virus checking before allowing programs to be loaded onto the server; rigorous backup in case of major outbreak; audit logs to track down sources.

Point of Attack: Remote Access Users
Vulnerabilities: frequent up/downloading of data and use of diskettes increase risk; linking to customer sites increases risk.
Protective measures: strict diskette scanning policy; strict policy about connection to corporate networks after linking to other sites.


Firewalls

When a company links to the Internet, a two-way access point, out of as well as into that company's confidential information, is created.

To prevent unauthorized access from the Internet to the company's confidential data, a firewall is deployed.

A firewall runs on a dedicated server that is connected to, but outside of, the corporate network.

All network packets are filtered/examined for authorized access.

The firewall provides a layer of isolation between the inside network and the outside network.


Does a firewall provide full protection? No! Not if dial-up modem access remains uncontrolled or unmonitored. Incorrectly implemented firewalls may also introduce new loopholes.


Firewall Architectures

No standards for firewall functionality, architectures, or interoperability.

As a result, user must be especially aware of how firewalls work to evaluate potential firewall technology purchase.

Three architectures:

Packet filtering

Application gateways

Circuit-level gateways

Internal firewalls


Packet Filtering

Every packet of data on the Internet is uniquely identified by the source and destination addresses in its header.

A filter is a program that examines the source and destination addresses of all packets arriving at the firewall server.

Filter tables are lists of addresses whose data packets and embedded messages are either allowed or prohibited from proceeding through the firewall server and into the corporate network.

Filtering is based on user-defined rules. Also called a port-level filter or network-level filter.


Routers are also capable of filtering packets, which means an existing piece of technology can be used for dual purposes.

Dedicated packet-filtering firewalls are usually easier to configure and require less in-depth knowledge of the protocols to be filtered or examined.

But maintaining filter tables and access rules on multiple routers is not a simple task.

Packet filtering has limitations in terms of the level of security it provides. IP spoofing is used by hackers to breach packet filters. Since packet filters make all filtering decisions based on IP source and destination addresses, if a hacker can make a packet appear to come from an authorized or trusted IP address, then it can pass through the firewall.
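A filter table and the IP spoofing limitation just described, as an added example that is not the slides' own material: constructed packets are run through an address-only table and then through a table with an anti-spoofing rule keyed on the interface the packet arrived on. All addresses, hosts and rules are constructed.

```python
"""Packet filter with a filter table, and the IP-spoofing limitation.

Added example, not from the slides. Addresses and rules are constructed.
The naive table trusts source addresses alone; the hardened table adds an
anti-spoofing rule keyed on the interface the packet arrived on.
"""
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    iface: str    # interface the packet arrived on: "outside" or "inside"
    src: str
    dst: str
    proto: str    # "tcp" or "udp"
    dport: int


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    iface: str = "any"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: str = "any"
    dport: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        return (
            self.iface in ("any", p.iface)
            and ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
            and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
            and self.proto in ("any", p.proto)
            and (self.dport is None or self.dport == p.dport)
        )


def filter_packet(rules, p: Packet) -> str:
    """First matching rule wins; anything unmatched is denied."""
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return "deny"


INTERNAL = "10.1.0.0/16"          # corporate network
PARTNER = "203.0.113.0/24"        # trusted partner (documentation range)
FILE_SERVER = "10.1.5.10"
WEB_SERVER = "10.1.5.20"

# Naive filter table: decisions rest on source/destination addresses only.
NAIVE_RULES = [
    Rule("allow", src=INTERNAL),                                    # trust insiders
    Rule("allow", src=PARTNER, dst=FILE_SERVER, proto="tcp", dport=21),
    Rule("allow", dst=WEB_SERVER, proto="tcp", dport=80),
]

# Hardened table: a packet arriving on the outside interface can never
# legitimately carry an internal source address, so drop it first.
HARDENED_RULES = [
    Rule("deny", iface="outside", src=INTERNAL),                    # anti-spoofing
    Rule("allow", iface="inside", src=INTERNAL),
    Rule("allow", iface="outside", src=PARTNER, dst=FILE_SERVER, proto="tcp", dport=21),
    Rule("allow", iface="outside", dst=WEB_SERVER, proto="tcp", dport=80),
]

# Constructed traffic sample.
SAMPLE = {
    "internal to file server": Packet("inside", "10.1.2.3", FILE_SERVER, "tcp", 21),
    "partner ftp": Packet("outside", "203.0.113.7", FILE_SERVER, "tcp", 21),
    "public web": Packet("outside", "198.51.100.9", WEB_SERVER, "tcp", 80),
    "outside telnet": Packet("outside", "198.51.100.9", FILE_SERVER, "tcp", 23),
    # Source address forged to look internal: the slide's IP spoofing case.
    "spoofed internal": Packet("outside", "10.1.2.3", FILE_SERVER, "tcp", 23),
}


def decisions(rules) -> dict:
    """Decision per sample packet for the given filter table."""
    return {name: filter_packet(rules, p) for name, p in SAMPLE.items()}


if __name__ == "__main__":
    naive, hardened = decisions(NAIVE_RULES), decisions(HARDENED_RULES)
    for name in SAMPLE:
        print(f"{name:25} naive={naive[name]:5} hardened={hardened[name]}")
```

A packet forged with the partner's address still passes the hardened table: address-only filtering cannot detect that, which is why the following slides add application-level checks and authentication.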




Application Level Filters (ALFs)

Also known as application gateways, assured pipelines, or proxies.

Go beyond port level filters in their attempts to prevent unauthorized access.

Port level filters determine the legality of the party asking for information.

ALFs ensure the validity of what they are asking for in addition to who is making that request.

Applies security mechanisms to specific applications, such as FTP and Telnet servers. This is very effective, but can impose a performance degradation.


Circuit Level Filters

Apply security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.

SOCKS creates a proxy data channel to the application server on behalf of the application client.

SOCKS can control traffic by disabling or enabling communication according to TCP port numbers. SOCKS4 allows outgoing firewall applications. SOCKS5 supports both incoming and outgoing firewall applications as well as authentication.


Application Gateway


Dual-Homed Gateway

Both an application gateway and a packet-filtering router are used in a dual-homed gateway for increased security. The application gateway is physically connected to the private secure network, and the packet-filtering router is connected to the non-secure network or the Internet.

Between the application gateway and the packet-filtering router is an area known as the screened subnet.

Also attached to this screened subnet are information servers, WWW servers, or other servers that the company may wish to make available to outside users. However, all outside traffic still goes through the application gateway first, and then to the information servers.


Dual-Homed Gateway


Trusted Gateway

In this, certain applications are identified as trusted and are able to bypass the application gateway entirely and establish connections directly rather than be executed by proxy.

In this way, outside users can access information servers and WWW servers without tying up the proxy applications on the application gateway.


Trusted Gateway


Internal Firewalls

Internal firewalls – the need:

60% of network attacks are made by internal users. Dissatisfied employees, former employees, etc. are responsible for different incidents of network hacking.

30% of Internet sites that reported breaches had firewalls in place.

Internal firewalls are a new category of software to handle internal attacks.

Packet filtering works primarily at the network layer. Circuit filtering works at the transport layer. Application filtering works at the application layer.


DMZ

There are times that an organization wants remote users to have access to items on its network, e.g. a Web site, online business, an FTP download and upload area.

In cases like this, it is better to create a demilitarized zone (DMZ). It is really just an area that is outside the firewall.

Think of the DMZ as the front yard of your house. It belongs to you and you may put some things there, but you would put anything valuable inside the house where it can be properly secured.


Firewall – Behind DMZ


Firewall – In front of DMZ


Firewall – Multi-tiered


Proxy Server

The word "proxy" means "one who is authorized to act on behalf of another". A proxy server is a special type of firewall which acts on behalf of many individual users in screening network traffic into, and out of, a company's network.

Typically, an Internet proxy server is used to gather all user requests, forward them out to the Internet, receive the responses, and in turn forward them to the originating requester.

To the individual user, the proxy server is invisible, that is, all Internet requests and returned responses appear to be directly with the Internet server addressed via a specified URL. To the external world, a proxy server appears as a single network user submitting requests, and advertises only one network address on behalf of many local users.


A proxy server provides two distinct firewall services. First, it limits the Internet services which users of a company's network may access. E.g., a company's security policy may dictate that corporate network users are allowed e-mail and web access, while prohibiting file transfer capabilities.

Second, the proxy server limits a company's network appearance to the outside world by masking internal address schemes, thereby minimizing hacker access to a company's internal resources.

Proxy servers can also make Internet access more efficient. If a page is accessed on a Web site, it is cached (stored) on the proxy server. This means that the next time when that page is accessed again, it normally doesn't have to load again from the Web site. Instead it loads instantaneously from the proxy server.


Authentication and Access Control

The overall purpose of authentication is to ensure that users attempting to gain access to networks are really who they claim to be.

Password protection was the traditional means to ensure authentication.

Password protection is no longer sufficient. More is needed.

A wide variety of Authentication Technology (AT) has been developed to ensure that users really are who they say they are.

Products fall into three main categories.


The three categories are:

1. What you know: AT that delivers single sign-on (SSO) access to multiple network-attached servers and resources via passwords, e.g. PassGo SSO from Axent Technologies, Global Sign On from IBM.

2. What you have: AT that uses one-time or one-session passwords to authenticate the user. This AT requires the user to possess some type of smart card or other token authentication device to generate these single-use passwords.

3. What you are: AT that validates users based on some physical characteristic such as finger prints, hand geometry, retinal scans, etc.


1. Single Sign-On (SSO)

Single sign-on (SSO), also sometimes known as secure single sign-on (SSSO), allows users to log into the enterprise network and be authenticated from their client PC location.

It is not necessary for users to remember a variety of different user IDs and passwords for the numerous different enterprise servers from which they may request services.

Since this is the single entry point onto the enterprise network for users, log auditing software can be used to keep non-repudiable records of all activities and transactions.


Single Point of Registration (SPR)

Single point of registration (SPR) allows a network security manager to enter a new user (or delete a terminated user) from a single centralized location.

He can assign all associated rights, privileges, and access control to enterprise resources from this single point rather than having to enter this new user's information on multiple resources distributed throughout the enterprise.


Secure HTTP (SHTTP)

Secure HTTP is a secure version of HTTP that requires both client and server S-HTTP versions to be installed for secure end-to-end encrypted transmission.

Based on public key encryption, providing security at the document or application level since it works with the actual HTTP applications to secure documents and messages.

Uses digital signature encryption to assure that the document possesses both authenticity and message integrity.

Whereas SSL is designed to establish a secure connection between two computers, S-HTTP is designed to send individual messages securely.


Secure Sockets Layer (SSL)

Described as wrapping an encrypted envelope around HTTP transmissions. Whereas S-HTTP can only be used to encrypt web documents, SSL can be wrapped around other Internet service transmissions such as FTP and Telnet as well as HTTP.

SSL is a connection-level encryption method providing security to the network link itself.

Used for transmitting private documents via the Internet. SSL uses a cryptographic system that uses two keys to encrypt data − a public key known to everyone and a private or secret key known only to the recipient of the message.

Many web sites use it to obtain confidential user information, such as credit card numbers, etc.


Single Access Control View

Single access control view - allows the user's access from their client workstation to only display those resources that the user actually has access to.

Any differences between server platforms should be shielded from the user. The user should not need to memorize different commands or control interfaces for the variety of enterprise servers that a user may need to access.


2. Token Authentication (TAu) – Smart Cards

This technology provides one-time-use session passwords that are authenticated by associated server software.

TAu may be of multiple forms:

Hardware-based smart cards that are about the size of a credit card with a numeric keypad.

In-line TAu devices that connect to the serial port of a computer for dial-in authentication through a modem.

Software tokens that are installed on the client PC and authenticate with the server portion of the token authentication product transparently to the end user. A PIN is required to activate the authentication process.


Challenge & Response

Terminal Challenges the Smart Card

1. Terminal generates a random number

2. Smart card encrypts it with its key and sends it back to the terminal

3. Terminal decrypts it with its own key. If the number is the same as the one generated by the terminal's random number generator, the terminal authenticates the smart card.


Challenge & Response (contd.)

Smart Card Challenges the Terminal

1. Smart card generates a random number

2. Terminal encrypts it with its key and sends it back to the smart card

3. Smart card decrypts it with its own key. If the number is the same as the one generated by the smart card's random number generator, the smart card authenticates the terminal.
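Both halves of the challenge and response above, as an added example that is not from the slides. Because the standard library has no block cipher, a keyed MAC (HMAC-SHA256) over the random number stands in for the slides' encrypt/decrypt step, so the checker recomputes the expected value rather than decrypting; keys and nonces are constructed. It also shows why a replayed or reflected answer fails.

```python
"""Mutual challenge-response between a terminal and a smart card.

Added example, not from the slides. The slides describe encrypting the random
number with a shared key; here a keyed MAC (HMAC-SHA256) over the number stands
in for that step, so the checker recomputes the expected value rather than
decrypting. Keys and nonces are constructed.
"""
import hashlib
import hmac
import secrets


def respond(key: bytes, nonce: bytes, direction: bytes) -> bytes:
    """Prove knowledge of `key` for this nonce. The direction tag stops an
    answer from one leg of the protocol being reused as the other leg."""
    return hmac.new(key, direction + nonce, hashlib.sha256).digest()


class Party:
    """Either side of the exchange: it can challenge, answer, and verify."""

    def __init__(self, name: str, key: bytes):
        self.name = name
        self._key = key
        self._pending = None          # nonce we are waiting to see answered

    def challenge(self) -> bytes:
        self._pending = secrets.token_bytes(16)   # fresh random number
        return self._pending

    def answer(self, nonce: bytes, direction: bytes) -> bytes:
        return respond(self._key, nonce, direction)

    def verify(self, response: bytes, direction: bytes) -> bool:
        if self._pending is None:
            return False
        expected = respond(self._key, self._pending, direction)
        self._pending = None          # a nonce is good for exactly one answer
        return hmac.compare_digest(expected, response)


CARD_TO_TERMINAL = b"card->terminal"
TERMINAL_TO_CARD = b"terminal->card"


def mutual_auth(terminal: Party, card: Party) -> tuple:
    """Both halves of the slides' protocol. Returns (card_ok, terminal_ok)."""
    # Terminal challenges the smart card (steps 1-3).
    n1 = terminal.challenge()
    r1 = card.answer(n1, CARD_TO_TERMINAL)
    card_ok = terminal.verify(r1, CARD_TO_TERMINAL)
    # Smart card challenges the terminal (steps 1-3 in the other direction).
    n2 = card.challenge()
    r2 = terminal.answer(n2, TERMINAL_TO_CARD)
    terminal_ok = card.verify(r2, TERMINAL_TO_CARD)
    return card_ok, terminal_ok


def demo() -> dict:
    """Constructed runs: a genuine card, a card with the wrong key, a replayed
    answer, and an answer reflected from the other direction."""
    shared = b"constructed-shared-key-0123456789"
    terminal, card = Party("terminal", shared), Party("card", shared)
    results = {"genuine": mutual_auth(terminal, card)}

    bogus = Party("bogus card", b"wrong-key")
    results["wrong_key"] = mutual_auth(terminal, bogus)

    # Replay: a captured correct answer is useless against a later challenge.
    n1 = terminal.challenge()
    captured = card.answer(n1, CARD_TO_TERMINAL)
    results["first_use"] = terminal.verify(captured, CARD_TO_TERMINAL)
    terminal.challenge()                              # new session, new nonce
    results["replay"] = terminal.verify(captured, CARD_TO_TERMINAL)

    # Reflection: the terminal's own answer to the same number, sent back to
    # it as the card's answer, fails because the direction tags differ.
    n = terminal.challenge()
    reflected = terminal.answer(n, TERMINAL_TO_CARD)
    results["reflection"] = terminal.verify(reflected, CARD_TO_TERMINAL)
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:10} {outcome}")
```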


3. Biometric Authentication (BA)

BA can authenticate users based on:

fingerprints
palm prints
retinal patterns
hand geometry
facial geometry
voice recognition
other physical characteristics

Not yet perfect or foolproof. A BA device compares a live sample against a stored template and accepts when the match score clears a configured threshold:

False rejects (legitimate users turned away): the comparison threshold is set too strictly.

False accepts (impostors let in): the comparison threshold is not discriminating enough.

Lowering one rate raises the other; the threshold is tuned to whichever error the business can better tolerate.
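The trade-off between false rejects and false accepts, worked through as an added example (not part of the original slides). The match scores are constructed for illustration, not measurements from any real biometric device; the functions sweep a comparison threshold and report the false accept rate (FAR) and false reject rate (FRR) at each setting.

```python
from typing import List, Sequence, Tuple

# Constructed match scores (0..1, higher = closer match); not real biometric data.
GENUINE_SCORES = [0.92, 0.88, 0.81, 0.79, 0.74, 0.70, 0.66, 0.61, 0.55, 0.50]
IMPOSTOR_SCORES = [0.12, 0.20, 0.27, 0.33, 0.40, 0.46, 0.52, 0.58, 0.63, 0.69]
THRESHOLDS = [0.3, 0.4, 0.5, 0.6, 0.7, 0.8, 0.9]


def false_reject_rate(genuine: Sequence[float], threshold: float) -> float:
    """Legitimate users whose sample scored below the threshold (too strict)."""
    return sum(1 for s in genuine if s < threshold) / len(genuine)


def false_accept_rate(impostor: Sequence[float], threshold: float) -> float:
    """Impostors whose sample scored at or above the threshold (too lax)."""
    return sum(1 for s in impostor if s >= threshold) / len(impostor)


def sweep(genuine: Sequence[float], impostor: Sequence[float],
          thresholds: Sequence[float]) -> List[Tuple[float, float, float]]:
    """(threshold, FAR, FRR) for each candidate setting of the comparison threshold."""
    return [(t, false_accept_rate(impostor, t), false_reject_rate(genuine, t))
            for t in thresholds]


def equal_error_threshold(genuine: Sequence[float], impostor: Sequence[float],
                          thresholds: Sequence[float]) -> float:
    """The setting where FAR and FRR are closest: the equal-error-rate operating point."""
    return min(thresholds,
               key=lambda t: abs(false_accept_rate(impostor, t) - false_reject_rate(genuine, t)))


if __name__ == "__main__":
    for t, far, frr in sweep(GENUINE_SCORES, IMPOSTOR_SCORES, THRESHOLDS):
        print(f"threshold {t:.1f}: FAR {far:.1f}  FRR {frr:.1f}")
    print("EER threshold:", equal_error_threshold(GENUINE_SCORES, IMPOSTOR_SCORES, THRESHOLDS))
```

With these scores a threshold of 0.9 rejects nine of ten genuine users while admitting no impostor, 0.3 admits seven of ten impostors while rejecting nobody, and 0.6 is the point where both error rates are equal. A high-security door would sit above the EER point and accept more false rejects; a convenience login would sit below it.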


Authorization

Closely tied to authentication: it decides what an already-authenticated identity is allowed to do.

Authorization ensures that only properly authorized users are able to access particular network resources or corporate information resources.

The authorization security software can be either:

Server based, also known as brokered authorization.

Workstation based, also known as trusted node.


Encryption

Encryption involves changing data into an unreadable form before transmission.

If the transmitted data are intercepted, they cannot be interpreted.

The transformed, unintelligible data is known as ciphertext.

Encryption must be accompanied by decryption: changing the ciphertext back into its original form (the plaintext).


RADIUS (Remote Authentication Dial-In User Service)

RADIUS allows network managers to centrally manage remote access users, access methods, and logon restrictions.

A client/server protocol that enables remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or service.

AAA protocol (Authentication, Authorization and Accounting).

The RADIUS protocol improves network security by providing a mechanism for authenticating remote users connecting to the network. It does this by carrying authentication, authorization and configuration information between a Network Access Server (NAS) and a RADIUS server. The NAS is the RADIUS client; it and the server share a secret that is used to hide passwords in transit and to authenticate the server's replies. RADIUS runs over UDP (port 1812 for authentication and 1813 for accounting; older deployments used 1645/1646).

A NAS, also known as a Remote Access Server (RAS), is a device that provides an access point to a network for remote users connecting through remote access protocols such as PPP, or through character-mode sessions such as telnet.
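The NAS-to-server exchange described above, as an added example that is not part of the original slides or of any RADIUS implementation. It builds an Access-Request with the User-Password hidden as RFC 2865 specifies (MD5 of the shared secret and the Request Authenticator, XORed block by block), has the server recover the password and answer, and has the NAS verify the Response Authenticator before trusting the answer. The shared secret, user database and NAS address are constructed for the example.

```python
import hashlib
import hmac
import os
import struct

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3
USER_NAME, USER_PASSWORD, NAS_IP_ADDRESS = 1, 2, 4   # attribute types (RFC 2865)


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def hide_password(password: bytes, secret: bytes, request_auth: bytes) -> bytes:
    """RFC 2865 section 5.2: pad to 16-byte blocks; each block is XORed with
    MD5(secret + previous block), the first with MD5(secret + Request Authenticator)."""
    padded = password + b"\x00" * (-len(password) % 16)
    out, prev = b"", request_auth
    for i in range(0, len(padded), 16):
        block = _xor(padded[i:i + 16], hashlib.md5(secret + prev).digest())
        out, prev = out + block, block
    return out


def reveal_password(hidden: bytes, secret: bytes, request_auth: bytes) -> bytes:
    """Server side of the same scheme; the XOR input for block n is hidden block n-1."""
    out, prev = b"", request_auth
    for i in range(0, len(hidden), 16):
        out += _xor(hidden[i:i + 16], hashlib.md5(secret + prev).digest())
        prev = hidden[i:i + 16]
    return out.rstrip(b"\x00")   # padding removal; passwords cannot end in NUL


def attr(kind: int, value: bytes) -> bytes:
    """Attribute = Type(1) Length(1, includes the two header bytes) Value."""
    return struct.pack("!BB", kind, 2 + len(value)) + value


def parse_attrs(data: bytes) -> dict:
    attrs, i = {}, 0
    while i < len(data):
        kind, length = data[i], data[i + 1]
        attrs[kind] = data[i + 2:i + length]
        i += length
    return attrs


def build_access_request(ident: int, username: bytes, password: bytes, nas_ip: str, secret: bytes):
    """NAS side: Code(1) Identifier(1) Length(2) Authenticator(16) Attributes."""
    request_auth = os.urandom(16)                  # must be unpredictable per request
    attrs = (attr(USER_NAME, username)
             + attr(USER_PASSWORD, hide_password(password, secret, request_auth))
             + attr(NAS_IP_ADDRESS, bytes(int(o) for o in nas_ip.split("."))))
    pkt = struct.pack("!BBH", ACCESS_REQUEST, ident, 20 + len(attrs)) + request_auth + attrs
    return pkt, request_auth


def server_handle(request: bytes, secret: bytes, user_db: dict) -> bytes:
    """RADIUS server side: recover the password, decide, and sign the reply with
    Response Authenticator = MD5(Code + ID + Length + RequestAuth + Attributes + Secret)."""
    _, ident, length = struct.unpack("!BBH", request[:4])
    request_auth = request[4:20]
    attrs = parse_attrs(request[20:length])
    password = reveal_password(attrs[USER_PASSWORD], secret, request_auth)
    code = ACCESS_ACCEPT if user_db.get(attrs[USER_NAME]) == password else ACCESS_REJECT
    header = struct.pack("!BBH", code, ident, 20)   # no reply attributes in this example
    return header + hashlib.md5(header + request_auth + b"" + secret).digest()


def client_verify_response(response: bytes, request_auth: bytes, secret: bytes):
    """NAS side: a reply whose authenticator does not verify must be discarded,
    otherwise anyone on the path could forge an Access-Accept."""
    code, _, length = struct.unpack("!BBH", response[:4])
    expected = hashlib.md5(response[:4] + request_auth + response[20:length] + secret).digest()
    return hmac.compare_digest(expected, response[4:20]), code
```

The password hiding is only as strong as MD5 and the shared secret, and the Request Authenticator must be random or the keystream repeats; this is why RADIUS traffic between NAS and server is normally confined to a management network or carried over IPsec or RADIUS over TLS (RadSec) rather than trusted on its own.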


RADIUS Architecture (logical system view)

Figure not reproduced. Components and links shown: a customer workstation with a modem dials over the PSTN to the ISP POP, where the NAS/RAS terminates the PPP link; the NAS/RAS consults the RADIUS AAA server and its user DB to authenticate and authorize the user, then forwards the user's IP traffic through a router to the Internet and on to the remote server / information provider.


VPN (Virtual Private Network)

A VPN is a private network that uses a public network (usually the Internet) to connect remote sites or users together. Instead of using a dedicated connection such as a leased line, a VPN uses "virtual" connections routed through the Internet.

Tunneling is the transmission of data intended for use only within a private, usually corporate, network through a public network in such a way that the routing nodes in the public network are unaware that the transmission is part of a private network: they forward the outer packet between the two tunnel endpoints and never see the inner, private addresses.

(Figure: a tunnel across a public network of nodes A through I; diagram not reproduced.)


Tunneling Protocols and VPN

To provide VPN capabilities using the Internet as an enterprise network backbone, specialized tunneling protocols were developed that could establish private, secure channels between connected systems:

Point-to-Point Tunneling Protocol (PPTP)

Layer 2 Forwarding protocol (L2F)

Layer 2 Tunneling Protocol (L2TP)

These layer-2 protocols encapsulate PPP frames; the confidentiality they provide depends on what is layered with them. PPTP's own encryption (MPPE, keyed from MS-CHAP) is considered broken, and L2TP is normally run over IPsec (L2TP/IPsec) to obtain strong encryption and integrity protection.


Tunneling Protocols and VPNs

A VPN creates an encrypted tunnel across a public network and passes the data destined for the remote location across the tunnel.

The remote workstation gets a local IP address and appears to all computers on the local network as if it were local.
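Encapsulation is the part of tunneling that the slides describe with "routing nodes in the public network are unaware". The following added example (not code from the original slides or from any VPN product) wraps a private-network IPv4 packet inside an outer IPv4 header addressed between two tunnel gateways, IP-in-IP style (protocol number 4), with a correct header checksum. Addresses are constructed documentation ranges. It shows encapsulation only; a real VPN also encrypts and authenticates the inner packet, for example with IPsec ESP, which this example does not do.

```python
import ipaddress
import struct

IPPROTO_IPIP = 4    # IP-in-IP encapsulation (RFC 2003)
IPPROTO_UDP = 17
_HDR = "!BBHHHBBH4s4s"   # ver/IHL, TOS, total length, ID, flags/frag, TTL, proto, checksum, src, dst


def checksum(data: bytes) -> int:
    """Internet checksum: one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def ipv4_header(src: str, dst: str, proto: int, payload_len: int, ttl: int = 64) -> bytes:
    hdr = struct.pack(_HDR, 0x45, 0, 20 + payload_len, 0, 0x4000, ttl, proto, 0,
                      ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]


def parse_ipv4(pkt: bytes) -> dict:
    ver_ihl, _, total_len, _, _, ttl, proto, _, src, dst = struct.unpack(_HDR, pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4
    return {"src": str(ipaddress.IPv4Address(src)), "dst": str(ipaddress.IPv4Address(dst)),
            "proto": proto, "ttl": ttl,
            "checksum_ok": checksum(pkt[:ihl]) == 0,   # a valid header sums to zero
            "payload": pkt[ihl:total_len]}


def encapsulate(inner_packet: bytes, gw_src: str, gw_dst: str) -> bytes:
    """Tunnel entry: the whole private packet becomes the payload of an outer
    packet addressed between the two tunnel endpoints (public addresses)."""
    return ipv4_header(gw_src, gw_dst, IPPROTO_IPIP, len(inner_packet)) + inner_packet


def decapsulate(outer_packet: bytes) -> bytes:
    """Tunnel exit: strip the outer header and hand the inner packet to the private network."""
    outer = parse_ipv4(outer_packet)
    if outer["proto"] != IPPROTO_IPIP or not outer["checksum_ok"]:
        raise ValueError("not a valid IP-in-IP packet")
    return outer["payload"]


def public_router_view(outer_packet: bytes) -> tuple:
    """What a node in the public network forwards on: only the outer addresses."""
    outer = parse_ipv4(outer_packet)
    return outer["src"], outer["dst"]


if __name__ == "__main__":
    inner = ipv4_header("10.1.0.5", "10.2.0.9", IPPROTO_UDP, 8) + b"\x00" * 8
    outer = encapsulate(inner, "203.0.113.1", "198.51.100.1")
    print("public routers see:", public_router_view(outer))
    print("far gateway delivers to:", parse_ipv4(decapsulate(outer))["dst"])
```

The public routers forward on 203.0.113.1 to 198.51.100.1 and never consult the 10.x.x.x addresses inside, which is exactly why a remote workstation can hold a private-network address and look local to the remote LAN.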


Kerberos

A well-known combination authentication/authorization system developed at MIT and marketed commercially by many vendors.

The name Kerberos comes from Greek mythology: the three-headed dog that guarded the entrance to Hades.

Kerberos is designed to enable two parties to exchange private information across an open network.

It works by issuing a credential called a ticket to each user who logs on to the network. The ticket is encrypted under a key known only to the Kerberos servers (or to the target service) and carries a session key that is also handed to the user.

The ticket, together with an authenticator encrypted under that session key, is then presented with requests to identify the sender.


Kerberos Architecture consists of three key components:

Kerberos client software
Kerberos authentication server software (the Key Distribution Center, KDC)
Kerberos application server software

To ensure that only authorized users are able to access a particular application, Kerberos must be able to communicate directly with that application.

The source code of the application must be modified to make it Kerberos-aware ("Kerberized"). If source code is not available, software vendors may sell Kerberized versions of their software.

Kerberos is not able to offer authorization protection to applications with which it cannot communicate.


Kerberos

Users are first authenticated by the Kerberos authentication server (AS), which consults its database and issues a ticket for the valid user to communicate with the Ticket Granting Server (TGS). This ticket is known as a ticket-granting ticket (TGT). It is encrypted under the TGS's own key, and the reply that accompanies it (carrying the session key for talking to the TGS) is encrypted under the user's key, so only a user who knows the password can make use of it.

Using this ticket, the user sends an encrypted request to the TGS requesting a ticket for access to a particular application server.

If the TGS determines that the request is valid, a ticket is issued that will allow the user to access the requested server. This ticket is known as a service-granting ticket (service ticket) and is encrypted under the application server's key.

The user presents this ticket, with a fresh authenticator, to the application server, which evaluates the ticket's validity: it must decrypt under the server's key, be unexpired, and name the same principal as the authenticator. If the application determines that the ticket is valid, a client/server session is established.
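The three exchanges above (AS, TGS and application server), simulated end to end as an added example; this is not code from the original slides or from any Kerberos distribution. Real Kerberos uses standardized encryption types and a string-to-key function; here an HMAC-derived keystream with an HMAC tag (encrypt-then-MAC) stands in for the ticket encryption and PBKDF2 stands in for string-to-key. Principal names, passwords and service keys are constructed for the example, and time is passed in explicitly so expiry and replay checks are visible.

```python
import hashlib
import hmac
import json
import secrets

LIFETIME = 8 * 3600      # ticket lifetime in seconds
CLOCK_SKEW = 300         # authenticator freshness window in seconds


def string_to_key(password: bytes, principal: str) -> bytes:
    """Derive the user's long-term key from the password (stand-in for the
    Kerberos string-to-key function; assumption, not the real algorithm)."""
    return hashlib.pbkdf2_hmac("sha256", password, principal.encode(), 10_000)


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, b"enc" + nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def seal(key: bytes, obj: dict) -> bytes:
    """Encrypt-then-MAC of a JSON object: HMAC-derived keystream plus an HMAC tag.
    Stands in for the Kerberos encryption types (assumption, not the real ones)."""
    pt = json.dumps(obj, sort_keys=True).encode()
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    tag = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes) -> dict:
    """Fails (ValueError) with the wrong key or a tampered ticket."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()):
        raise ValueError("bad key or tampered ticket")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))


def _check(ticket: dict, auth: dict, now: int) -> None:
    """Ticket/authenticator checks shared by the TGS and by every service."""
    if auth["user"] != ticket["user"] or now > ticket["exp"] or abs(now - auth["ts"]) > CLOCK_SKEW:
        raise PermissionError("ticket or authenticator rejected")


class KDC:
    """Authentication Server (AS) and Ticket Granting Server (TGS) in one process."""

    def __init__(self, users: dict, services: dict):
        self.users, self.services = users, services   # long-term keys
        self.tgs_key = secrets.token_bytes(32)        # known only to the KDC

    def as_exchange(self, user: str, nonce: str, now: int):
        """AS-REP: reply readable only with the user's key; TGT only with the TGS key."""
        sk = secrets.token_bytes(32).hex()            # user<->TGS session key
        tgt = seal(self.tgs_key, {"user": user, "sk": sk, "exp": now + LIFETIME})
        return seal(self.users[user], {"sk": sk, "nonce": nonce}), tgt

    def tgs_exchange(self, tgt: bytes, authenticator: bytes, service: str, now: int):
        """TGS-REP: a service ticket sealed with the service's key."""
        t = unseal(self.tgs_key, tgt)
        _check(t, unseal(bytes.fromhex(t["sk"]), authenticator), now)
        sk2 = secrets.token_bytes(32).hex()           # user<->service session key
        ticket = seal(self.services[service], {"user": t["user"], "sk": sk2, "exp": now + LIFETIME})
        return seal(bytes.fromhex(t["sk"]), {"sk": sk2, "srv": service}), ticket


def client_get_ticket(kdc: KDC, user: str, user_key: bytes, service: str, now: int):
    """Client side of the first two exchanges; returns (service ticket, authenticator)."""
    nonce = secrets.token_hex(8)
    rep, tgt = kdc.as_exchange(user, nonce, now)
    r = unseal(user_key, rep)                         # wrong password -> wrong key -> ValueError
    if r["nonce"] != nonce:
        raise ValueError("AS reply is not for our request")
    sk = bytes.fromhex(r["sk"])
    rep2, ticket = kdc.tgs_exchange(tgt, seal(sk, {"user": user, "ts": now}), service, now)
    sk2 = bytes.fromhex(unseal(sk, rep2)["sk"])
    return ticket, seal(sk2, {"user": user, "ts": now})


def service_accept(service_key: bytes, ticket: bytes, authenticator: bytes, now: int) -> str:
    """Application server: open the ticket with its own key, then the authenticator
    with the session key found inside; returns the authenticated principal."""
    t = unseal(service_key, ticket)
    _check(t, unseal(bytes.fromhex(t["sk"]), authenticator), now)
    return t["user"]
```

Note what the client never sees: the TGS key and the service key. The user's password is used only to open the AS reply, and a wrong password simply fails there. In the basic protocol as described on the slides anyone can request an AS reply for any user and attack the password offline, which is why real deployments require pre-authentication (an encrypted timestamp) before the AS answers.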


Kerberos Architecture


Security Design Strategies

Make sure that router operating system software has been patched.

Identify those information assets that are most critical to the corporation, and protect those servers first.

Implement physical security constraints to hinder physical access to critical resources such as servers.

Monitor system activity logs carefully.


Security Design Strategies

Develop a simple, effective, and enforceable security policy and monitor its implementation.

Consider installing a proxy server or application-layer firewall.

Block incoming DNS zone-transfer requests (AXFR/IXFR, carried over TCP port 53) from untrusted hosts, and block incoming DNS queries to internal resolvers.

Don't publish the corporation's complete DNS map on DNS servers that are outside the firewall (split-horizon DNS).

Disable all non-essential TCP (and UDP) ports and services.


Security Design Strategies

Install only software and hardware that you really need on the network.

Allow only essential traffic into and out of the corporate network and eliminate all other types by blocking with routers or firewalls.

Investigate the business case for outsourcing Web-hosting services so that the corporate Web server is not physically on the same network as the rest of the corporate information assets.

Use routers to filter traffic by IP address.
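The "allow only essential traffic" and "filter by IP address" strategies on the last two slides, worked through as an added example of a default-deny packet filter; this is not code from the original slides or from any router vendor. The address ranges (203.0.113.0/24 as the corporate public range, 10.0.0.0/8 internally) and the rule sets are constructed for the example.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Rule:
    action: str            # "permit" or "deny"
    src: str               # source network in CIDR notation
    dst: str               # destination network in CIDR notation
    proto: str             # "tcp", "udp" or "any"
    dport: Optional[int]   # destination port, None = any port


def matches(rule: Rule, pkt: dict) -> bool:
    return (ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(rule.dst)
            and rule.proto in ("any", pkt["proto"])
            and rule.dport in (None, pkt["dport"]))


def evaluate(rules: List[Rule], pkt: dict) -> str:
    """First matching rule wins; when nothing matches the implicit deny applies."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return "deny"


# Constructed rule sets. Only the services the business exposes are permitted
# inbound; the explicit deny for TCP/53 sits before the DNS permit so zone
# transfers never match it.
INBOUND = [
    Rule("deny",   "0.0.0.0/0", "203.0.113.53/32", "tcp", 53),   # zone transfers (AXFR) use TCP/53
    Rule("permit", "0.0.0.0/0", "203.0.113.53/32", "udp", 53),   # ordinary queries to the public DNS
    Rule("permit", "0.0.0.0/0", "203.0.113.10/32", "tcp", 443),  # public web server
    Rule("permit", "0.0.0.0/0", "203.0.113.10/32", "tcp", 80),
]
OUTBOUND = [
    Rule("permit", "10.0.0.0/8", "0.0.0.0/0", "tcp", 443),
    Rule("permit", "10.0.0.0/8", "0.0.0.0/0", "tcp", 80),
    Rule("permit", "10.0.0.0/8", "203.0.113.53/32", "udp", 53),   # only our resolver
]


def decide(direction: str, src: str, dst: str, proto: str, dport: Optional[int]) -> str:
    """Apply the inbound or outbound rule set to one packet header."""
    pkt = {"src": src, "dst": dst, "proto": proto, "dport": dport}
    return evaluate(INBOUND if direction == "in" else OUTBOUND, pkt)


if __name__ == "__main__":
    print(decide("in", "198.51.100.7", "203.0.113.53", "tcp", 53))   # zone transfer attempt
    print(decide("out", "10.20.30.40", "198.51.100.7", "tcp", 25))   # workstation sending mail directly
```

A filter like this is stateless: the permitted outbound HTTPS connection still needs its return packets to pass inbound, which means either "established" rules keyed on TCP flags or, preferably, a stateful firewall that tracks connections. Rule order also matters, which is why the deny for TCP/53 is listed before the permit for UDP/53 rather than relying on the implicit deny alone.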


Government Impact

Government agencies play a major role in the area of network security. The two primary functions of these various government agencies are:

Standards-making organizations that set standards for the design, implementation, and certification of security technology and systems.

Regulatory agencies that control the export of security technology to a company's international locations.