Quản trị mạng - Chapter 9: Managing a secure network
The security policy is an integral component of an
organization’s network security design and
implementation. It answers questions about what assets
are to be protected and how to protect them.
• A security policy typically consists of a goverming policy, a
technical policy, and an end-user policy.
• Standards, guidelines, and procedures contain the details
degined in the policies.
• The policy should set out the various roles and
responsibilities among the IT professionals.
• A securiy awareness program is necessary to ensure all
employees within an organization are aware of and adhere
to the security policies
82 trang |
Chia sẻ: nguyenlam99 | Lượt xem: 775 | Lượt tải: 0
Bạn đang xem trước 20 trang tài liệu Quản trị mạng - Chapter 9: Managing a secure network, để xem tài liệu hoàn chỉnh bạn click vào nút DOWNLOAD ở trên
Chapter 9- Managing a Secure Network
CCNA Security
Objectives
• Describle the principles of secure network design.
• Describle threat identificaion and risk analysis.
• Describle risk managenment and risk avoidance.
• Describle the Cisco SecureX architecture.
• Describle operation security.
• Describle network security testing tools and techniques.
• Describle business continuity and disaster recovery.
• Describle the system development life cycle concept and its
application to a secure network life cycle.
• Describle the purpose and function of a network security policy
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Introduction
• To help simplify network design, it is
recommended that all security mechanisms come
from a single vendor.
• The Cisco SecureX architecture is a
comprehensive, end-to-end solution for network
security that includes solutions to secure the
network, email, web, access, mobile users and
data center resources.
Ensuring a Network is Secure
• Mitigating network attacks requires a
comprehensive, end-to-end approach:
• Secure network devices with AAA, SSH, role-
based CLI, syslog, SNMP, and NTP.
• Secure services using AutoSecure and CCP
one-step lockdown.
• Protect network endpoints (such as
workstations and servers) against viruses,
Trojan Horses, and worms, with Cisco NAC
and Cisco IronPort.
Ensuring a Network is Secure
• Use Cisco IOS Firewall and accompanying
ACLs to secure resources internally while
protecting those resources from outside
attacks.
• Supplement Cisco IOS Firewall with Cisco IPS
technology to evaluate traffic using an attack
signature database.
• Protect the LAN by following Layer 2 and
VLAN recommended practices and by using a
variety of technologies, including BPDU
guard, root guard, PortFast, and SPAN.
Ensuring a Network is Secure
• When developing security policies, several
questions must be answered:
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Ensuring a Network is Secure
1. Business needs
2. Threat identification
3. Risk analysis
Refer to 9.1.1.1
4. Security needs
5. Industry-recommended practices
6. Security operations
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Ensuring a Network is Secure
• Many security assumptions are made when
designing and implementing a secure
network.
• There are guidelines to help you avoid
making wrong assumptions: Refer to 9.1.1.2
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Ensuring a Network is Secure
1. Expect that any aspect of a security system might
fail.
2. Identify any elements that fail-open.
3. Try to identify all attack possibilities.
4. Evaluate the probability of exploitation.
5. Assume that people will make mistakes.
6. Attackers will not use common and well-established
techniques to compromise a system.
7. Check all assumptions with other people.
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Threat Identification and Risk Analysis
1.What are the possible vulnerabilities of a
When identifying threats, it is important to ask two
questions:
system?
2.What are the consequences if system
vulnerabilities are exploited?
Threat Identification – Bank Scenario
Internal system compromise Insider attack on the system
Identified ThreatsRefer to 9.1.2.1
Stolen customer data
Phony transactions Data Input errors
Data Center Destruction
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Risk Analysis
• Evaluate each threat to determine its severity and
probability
• Quantitative Risk Analysis uses a mathematical model
• Qualitative Risk Analysis uses a scenario-based model
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Refer to 9.1.2.2
Risk Analysis
1. Internal system compromise
2.
The first step in developing a risk analysis is to evaluate
each threat to determine its severity and probability
Refer to 9.1.2.2
Stolen customer data
3. Phony transactions if external server is breached
4. Phony transactions using a stolen customer PIN or
smart card
5. Insider attack on the system
6. Data input errors
7. Data center destruction
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Quantitative Risk Analysis
• Asset Value (AV) is the cost of an individual asset.
• Exposure Factor (EF) is the loss, represented as a percentage, that a
realized threat could have on an asset.
• Single Loss Expectancy (SLE) is the result of AV * EF, or the cost of a
single instance of a threat.
Refer to 9.1.2.3
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Annualized Rate of Occurrence
• Annualized Rate of Occurrence (ARO) - estimated
frequency that a threat is expected to occur.
• Single Loss Expectancy (SLE)
• Annualized Loss Expectancy (ALE) - expected financial
loss that an individual threat will cause an organization.
Refer to 9.1.2.4
ALE = SLE *ARO
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Threat Identification and Risk Analysis
Refer to 9.1.2.5
Ways to Handle Risk
1.Risk management
Refer to 9.1.3.1
2.Risk avoidance
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Risk Management Scenario
1. Internal system compromise
Keep in mind that not all mitigation techniques are
implemented based on the risk versus cost formula used in
the quantitative risk analysis:
Refer to 9.1.3.2
2. Stolen customer data
3. Phony transactions if external server is broken into
4. Phony transactions if customer PIN or smart card is
stolen
5. Insider attack on the system
6. Data input error
7. Data Center destruction
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Risk Avoidance Scenario
Using the risk avoidance approach, a company would
decide not to offer e-banking service at all because it
would be deemed too risky.
Refer to 9.1.3.3
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Introducing the Cisco SecureX Architecture
Refer to 9.2.1.1
• Traditional network security ?
• Today’s network ?
Introducing the Cisco SecureX Architecture
Refer to 9.2.1.2
• This new security architecture uses a high-level policy language that
can describe the full context of a situation, including who, what,
where, when and how.
• This architecture is comprised of five major components
Introducing the Cisco SecureX Architecture
Refer to 9.2.1.3
• How does IT support this new computing model in a way that
scales and ensures that resources are secure?
• By using a context-aware network scanning element that uses central
polices to enforce security.
Introducing the Cisco SecureX Architecture
Refer to 9.2.1.4
• The context-aware scanning architecture uses local network context
from Cisco TrustSec technology. This is a packet tagging technology
that allows security elements to share information gathered from the
scanning elements as well as the endpoint client.
Solution for the Cisco SecureX Architecture
• The Cisco SecureX architecture refers to five
product families:
1. Secure edge and branch
2. Secure email and web
3. Secure access
4. Secure mobility
5. Secure data center and virtualization.
Solution for the Cisco SecureX Architecture
Secure edge and branch ( Refer to 9.2.2.1)
Solution for the Cisco SecureX Architecture
Secure Email and Web ( Refer to 9.2.2.2)
Solution for the Cisco SecureX Architecture
Secure Access ( Refer to 9.2.2.3)
Solution for the Cisco SecureX Architecture
Secure Mobility ( Refer to 9.2.2.4)
Solution for the Cisco SecureX Architecture
Secure Data Center and Virtualization ( Refer to 9.2.2.4)
Future Trends for Network Security
1. The consumerization of the endpoint
2. The increasing use of high-definition video
The next few years are going to be a period of
significant change, driven by three major trends:
conferencing systems like Cisco
TelePresence
3. The adoption of cloud computing.
Refer to 9.2.3
Introducing Operations Security
• While the Cisco SecureX architecture does increase the
level of security, it cannot guarantee a completely
invulnerable network.
• Operations security is concerned with the day-to-day
practices necessary to first deploy and later maintain a
secure system.
Core Principles
1. Separation of duties
2. Rotation of duties
3. Trusted recovery
4. Change and configuration controls
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Principles of Operations Security
Separation of Duties
• Separation (or segregation) of duties (SoD) is one of the
main concepts of internal control and is the most difficult
and sometimes the most costly control to achieve.
• SoD states that no single individual has control over two or
more phases of a transaction or operation.
Refer to 9.3.2.1
Principles of Operations Security
Rotation of Duties
• To successfully implement this principle, it is important that
individuals have the training necessary to complete more
than one job.
Refer to 9.3.2.2
Principles of Operations Security
Trusted Recovery
• This principle states that systems fail at some point, so a
process for recovery must be established.
• The most common way to prepare for failure is to back up
data on a regular basis.
Refer to 9.3.2.3
Trusted Recovery
Network security professionals propose that a secure backup program
contain some of the following practices:
1. A junior staff member is responsible for loading blank
media.
2. Backup software uses an account that is unknown to
individuals to bypass file security.
3. A different staff member removes the backup media
and securely stores it on site while being assisted by
another member of the staff.
4. A separate copy of the backup is stored off site and is
handled by a third staff member who is accompanied
by another staff member.
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Principles of Operations Security
Configuration and Change Control
• The configuration and change
controls should address three major
components:
1. the processes in place to
minimize system and network
disruption
2. backups and reversing
changes that go badly
3. guidance on the economical
use of resources and time.
Refer to 9.3.2.4
Configuration and Change Control
There are five steps in a
change control process:
1.Apply to introduce the
change.
2.Catalogue the proposed
change.
3.Schedule the change.
4.Implement the change.
5.Report the change to
relevant parties.
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Objectives of Security Testing and Evaluation
Uncover design, implementation, and
operational flaws that
could lead to the violation of the
security policy.
Objectives of ST&E:
Determine the adequacy of security
mechanisms, assurances,
and device properties to enforce the
security policy.
Assess the degree of consistency
between the system
documentation and its implementation.
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Assessing the Operational Status
1. Network scanning
2. Vulnerability scanning
3. Password cracking
4. Log review
Refer to 9.4.1.2
5. Integrity checkers
6. Virus detection
7. Wardialing
8. Wardriving (802.11 or wireless LAN testing)
9. Penetration testing
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Using Testing Results
• As a reference point for corrective action
• To define mitigation activities to address identified
vulnerabilities
• As a benchmark to trace the progress of an organization in
meeting security requirements
• To assess the implementation status of system security
requirements
• To conduct cost and benefit analysis for improvements to
system security
• To enhance other activities such as risk assessments,
Certification and Authorization (C&A), and performance
improvement efforts
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Security Testing Tools
Refer to 9.4.2.1
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Nmap
• Classic TCP and UDP port
scanning
• Classic TCP and UDP port
sweeping
• Stealth TCP and UDP port
scans and sweeps
• Remote operating system
identification, known as
OS fingerprinting.
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
SuperScan
• Improved host detection using
multiple ICMP methods
• TCP SYN scanning
• UDP scanning (two methods)
• Source port scanning
• Fast hostname resolving
• Extensive banner grabbing
• IP and port scan order
randomization
• Extensive Windows host
enumeration capability
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Continuity Planning Objectives
• Moving or relocating
critical business
components and people to
a remote location while the
original location is being
repaired
• Utilizing different channels
of communication to deal
with customers,
shareholders, and partners
until operations return to
normal
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Disaster Recovery
• The process of
regaining access to the
data, hardware, and
software necessary to
resume critical
business operations
after a disaster.
• Plan for coping with
unexpected or sudden
loss of key personnel.
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Disruptions and Backups
• Identify types of disasters
or disruptions possible
• Take into account the
magnitude of the
disruption
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Disruption and Backups
• Redundancy
– Replacement components
owned by the organization or
a server provider
– Service level agreement
(SLA)
• Redundant facility
– Hot Site
– Warm Site
– Cold Site
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Refer to 9.5.2.2
Secure Copy
• Two of the most critical components of a functional network
are the router configuration and the router image files.
• The secure copy (SCP) feature provides a secure and
authenticated method for copying router configuration or
router image files.
Refer to 9.5.3.1
Secure Copy
Refer to 9.5.3.2
Secure Copy
Refer to 9.5.3.2
Secure Copy
Refer to 9.5.3.2
System Development Life Cycle (SDLC) Initiation
Initiation
Acquisition and
Development
DispositionSecurity categorization: This task defines three levels of potential impact on
organizations or individuals should there be a breach of security: low,
Refer to 9.6.2
Implementation
Operations and
Maintenance
moderate, and high,. Security categorization standards help organizations
make the appropriate selection of security controls for their information
systems.
Preliminary risk assessment: This task results in an initial description of the
basic security needs of the system. A preliminary risk assessment should
define the threat environment in which the system will operate.
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Acquisition and Development
Initiation
Acquisition and
Development
Disposition
Risk assessment: an analysis that identifies the protection requirements for the
system through a formal risk assessment process.
Security functional requirements: an analysis of requirements
Security assurance requirements: an analysis of the requirements that address
the developmental activities that are required and the assurance evidence that is
needed to produce the desired level of confidence
Implementation
Operations and
Maintenance
Security cost considerations and reporting: determines how much of the
development cost to attribute to information security
Security planning: new and current agreed upon security controls should be fully
documented.
Security control development: ensures that the security controls that the
respective security plans describe are designed, developed, and implemented.
Developmental security test and evaluation: ensures that security controls that
are developed for a new information system are working properly and are effective.
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Implementation
Initiation
Acquisition and
Development
Disposition
Inspection and acceptance: ensures that the organization validates and verifies
that the functionality that the specification describes is included in the
deliverables.
System integration: ensures that the system is integrated at the operational site
where the information system is deployed for operation.
Security certification: ensures that one effectively implement the controls
through established verification techniques and procedures.
Implementation
Operations and
Maintenance
Security accreditation: provides the necessary security authorization of an
information system to process, store, or transmit information that is required.
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Operations and Maintenance
Initiation
Acquisition and
Development
Disposition
Configuration management and control: ensures that there is adequate
consideration of the potential security impacts due to specific changes to an
information system or its surrounding environment.
Continuous monitoring: ensures that controls continue to be effective in their
application through periodic testing and evaluation.
Implementation
Operations and
Maintenance
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Disposition
Initiation
Acquisition and
Development
Disposition
Implementation
Operations and
Maintenance
Information preservation: ensures that information is retained, as necessary, to
conform to current legal requirements and to accommodate future technology
changes that can render the retrieval method obsolete.
Media sanitization: ensures that data is deleted, erased, and written over, as
necessary.
Hardware and software disposal: ensures that hardware and software is
disposed of as directed by the information system security officer.
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Determining an Organization’s Assets
Determine what the assets of an
organization are by asking
questions:
1. What does the organization
have that others want?
2. What processes, data, or
information systems are
critical to the organization?
3. What would stop the
organization from doing
business or fulfilling its
mission? Security Policies are
designed to protect assets
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Refer to 9.7.1.1
Security Policy Benefits
1. Demonstrates an
organization’s commitment
to security.
2. Sets the rules for expected
behavior.
3. Ensures consistency in
system operations, software
and hardware acquisition
and use, and maintenance.
4. Defines the legal
consequences of violations.
5. Gives security staff the
backing of management.
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Refer to 9.7.1.2
Audience for the Security Policy
• Anyone with access to the network
– Internal audience
– External audience
• Determines the content of the policy
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Structure of a Security Policy
Governing Policy
Refer to 9.7.2.1
Technical
Policies
End-User
Policies
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Governing Policy
Important components:
• A statement of the issue that the
policy addresses.
• How the policy applies in the
environment.
• The roles and responsibilities of
those affected by the policy.
• The actions, activities, and
processes that are allowed and
those that are not.
• The consequences of
noncompliance.
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Refer to 9.7.2.2
Technical Policies
• General policies
• E-mail policies
• Remote -access policies
• Telephony policy
• Application policies
• Network policies
• Wireless communication policy
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Refer to 9.7.2.3
End User Policy
• Cover all rules pertaining
to information security that
end users should know
about, comply with, and
implement.
• May overlap with technical
policies.
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Refer to 9.7.2.4
Standards, Guidelines, and Procedures
• The security policy
documents are high-level
overview documents
• Standards, guidelines, and
procedures contain the
actual details defined in
the policies
• Each document serves a
different function, covers
different specifications and
targets a different
audience
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Standards Documents
Refer to 9.7.3.2
Standards documents include the technologies that are required for
specific uses, hardware and software versioning requirements,
program requirements, and any other organizational criteria
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Guideline Documents
• Provide a list of suggestions
• Provide flexibility
• Not usually mandatory
• Sources:
Refer to 9.7.3.3
– National Institute of Standards
and Technology (NIST)
Computer Security Resource Center
– National Security Agency (NSA) Security Configuration Guides
– The Common Criteria standard
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Procedure Documents
Refer to 9.7.3.4
Procedure documents include the details of implementation,
usually with step-by-step instructions and graphics
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Roles and Responsibilities
Executive-level management must always be consulted
during security policy creation in order to ensure the policy
is comprehensive, cohesive, and legally binding.
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Roles and Responsibilities
• Chief Executive Officer (CEO)
• Chief Technology Officer (CTO)
• Chief Information Officer (CIO)
• Chief Security Officer (CSO)
Refer to 9.7.4.2
• Chief Information Security Officer (CISO)
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Security Awareness Program
• Reflects the business needs of an organization
• Informs users of their IT security responsibilities
• Explains all IT security policy and procedures
• Explains proper rules of behavior for the use of the IT
Refer to 9.7.5
systems and data
• Details sanctions for noncompliance
• Components
– Awareness campaigns
– Training and education
Security
Awareness
Program
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Awareness Campaigns
Methods for increasing
awareness:
• Lectures, videos
• Posters, newsletter
articles, and bulletins
• Awards for good security
practices
• Reminders such as login
banners, mouse pads,
coffee cups, and notepads
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Training and Education
From: IT department
To: all Employees
Subject: Course Offerings
We are currently offering several training opportunities. Please see
the list below and contact your manager if interested.
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Success
A successfully implemented security awareness program measurably
reduces unauthorized actions by insiders, increases the effectiveness
of existing controls, and helps fight waste, fraud, and abuse of
information systems resources.
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Laws and Ethics
• Types of Laws
– Criminal
– Civil
– Administrative
• Ethics
– Computer Ethics Institute
– Internet Activities Board (IAB)
– Generally Accepted System Security
Principles (GASSP)
– International Information Systems
Security Certification Consortium, Inc
(ISC)2 Code of Ethics
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Refer to 9.7.6
The ISC2 Code of Ethics
• Code of Ethics Preamble
Safety of the commonwealth, duty to our
principals, and to each other requires that
we adhere, and be seen to adhere, to the
highest ethical standards of behavior.
Therefore, strict adherence to this Code is
a condition of certification.
• Code of Ethics Canons
– Protect society, the commonwealth, and the infrastructure.
– Act honorably, honestly, justly, responsibly, and legally.
– Provide diligent and competent service to principals.
– Advance and protect the profession.
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Responding to a Security Breach
• Motive answers the question
of why a person (or persons)
committed the illegal act.
• Opportunity answers the
question of when and where
the person committed the
crime.
• Means answers the question
of how the person committed
the crime.
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Forensics Procedures
• Proper data collection
• Data chain of custody
• Data storage
• Data backups
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Summary
• Mitigating network attacks requires a comprehensive end-to-end approach.
• Threat identification and risk analysis are the firt steps in creating the
protection strategy.
• Risk management and risk avoidance are tow distinct approaches to
addressing risks.
• Ciso Self-Defending Network provides a comprehensive, end-to-end solution
for network security.
• CSDN solutions include threat control and containment, secure
communications, and operational control and policy management.
• Cisco Security Manager and Cisco MARS provide management solutions for
CSDN.
• The Cisco integrated Security Portfolio of security products designed to meet
the requirements and diverse deploument models of any network
environment.
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Summary
• Operations security is an important part of managing a secure network.
• Separation of duties states that no single individual has control over tow
more phases of a transaction or opration.
• Rotation of duties is a security measure in which individuals are given a
specific assignment for a certain amount of time before moving to a new
assignment.
• Trusted recovery is an important principle of operations security.
• Network security testing is a critical process in maintaining a secure
network.
• Nmap and SuperScan are two useful tools for network security testing.
• Tests include network scanning, vulnerability scanning, password cracking,
log review, integrity checking, virus detection, war driving , and penetration
testing.
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Summary
• The security policy is an integral component of an
organization’s network security design and
implementation. It answers questions about what assets
are to be protected and how to protect them.
• A security policy typically consists of a goverming policy, a
technical policy, and an end-user policy.
• Standards, guidelines, and procedures contain the details
degined in the policies.
• The policy should set out the various roles and
responsibilities among the IT professionals.
• A securiy awareness program is necessary to ensure all
employees within an organization are aware of and adhere
to the security policies.
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com
Các file đính kèm theo tài liệu này:
- ccna_security_chapter_9_managing_a_secure_network_6533_5284.pdf