2 Introduction
Network Layer Security has become of prime importance in designing any network system. We look at the important layers of the network and try to identify the different Security Patterns associated with each layer. My work will try to fill the gaps at each layer where security patterns are missing or not well established.
3 VPN Security
We first look at the available patterns in the system. As the next step, we try to understand the VPN architecture and develop a Security Pattern for it.
4 Network Architecture Security Objects
Layer        Firewall    IDS         VPN          Protocol
Application  XML FW      XML IDS     XML VPN      SAML
TCP          Proxy FW    TCP IDS     TLS/SSL VPN  TLS
IP           Packet FW   Packet IDS  IPSec VPN    IPSec
Labels on the diagram: Authentication, Secrecy, Authorization, Identification
9 VPN Architecture
A VPN makes use of public network resources to connect to the private network of the enterprise. Within the VPN, the transmission is protected by security principles to assure confidentiality of the user(s) and data integrity. So a “private” network is established in the public domain. Since this network exists in a logical sense, it has been termed a virtual private network.
10 Features of a good VPN
- Security
- Reliability
- Scalability
- Network management
- Policy management
11 Problem
In the company where I work we have a lot of remote employees who log in from different parts of the world such as St. Louis, USA or Israel. These developers log into a machine in Boca and work virtually from Boca. These connections are done using a VPN architecture. We need to develop the safest architecture so that the work is done most efficiently and with the least threats to security.
12 Context
Local networks with applications being executed in distributed systems. Access to the network can be from the Internet or from other external networks using a VPN connection.
13 Forces
- There are many remote users trying to connect to the same network from different end points. A good VPN system must accommodate all these users.
- There may be different end users that require different levels of security. We need to define appropriate policies for each of these VPN connections.
- The company has various employees joining and leaving the company. Hence the security policies need to be constantly modified, and the VPN configuration should be easily configurable.
- The number of users and applications may increase significantly; adding more users or applications should be done transparently and at proper cost.
- A VPN setup should prevent access to the corporate network from all harmful external elements.
- There are many ways to perform authentication. The VPN must support the different methods.
14 Pattern Diagram
[Diagram. Patterns shown: VPN, TCP VPN, IP VPN, XML VPN, Authentication, Secure Channel, Authorization, IPSec, TLS, Secrecy, Message Authentication, PKI, RM]
15 Class Diagram for a VPN
[Diagram. Classes shown: End User, Secure Network, VPN, Network End User, Auth Point, Secure Channel, Identity Base, Policy Base, Identity, Policy]
16 Sequence Diagram for a VPN Authentication
[Diagram. Participants: :End User, :VPN, :EndUserAuthPT, :IdentityBase, :Policy Base, :SecureCh, :SecureN/W]
[Messages, in order: rqstConn, rqstConn, authenticate, authenticated, checkAccess, accessAllowed, openSecConn, Established, Established]
17 Solution
- Whenever an end user tries to connect to a VPN, the network should ask for authorization. A user can access a network only if a specific policy authorizes it to do so.
- Policy enforcement includes authenticating the end user who is trying to connect to the network.
- The VPN tunnel created should maintain its confidentiality and data integrity.
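The flow in the sequence diagram and Solution above (rqstConn, authenticate, checkAccess, openSecConn), sketched in Python as an added example that is not part of the original slides. Password authentication, the user names, the network name `boca-dev` and the random session id standing in for the secure channel are assumptions made for illustration.

```python
import hashlib, hmac, os, secrets

class IdentityBase:
    """Identity Base: salted password hashes for enrolled end users."""
    def __init__(self):
        self._users = {}
    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    def enroll(self, user, password):
        salt = os.urandom(16)
        self._users[user] = (salt, self._hash(password, salt))
    def authenticate(self, user, password):
        # Unknown users get a dummy salt and an empty hash, so they never match.
        salt, stored = self._users.get(user, (b"\0" * 16, b""))
        return hmac.compare_digest(stored, self._hash(password, salt))

class PolicyBase:
    """Policy Base: networks each user is authorized for; default deny."""
    def __init__(self):
        self._rules = {}
    def allow(self, user, network):
        self._rules.setdefault(user, set()).add(network)
    def revoke(self, user):
        self._rules.pop(user, None)   # e.g. an employee leaves the company
    def check_access(self, user, network):
        return network in self._rules.get(user, set())

class VPN:
    """Runs rqstConn -> authenticate -> checkAccess -> openSecConn and logs it."""
    def __init__(self, identities, policies):
        self.identities, self.policies, self.log = identities, policies, []
    def rqst_conn(self, user, password, network):
        if not self.identities.authenticate(user, password):
            return self._record(user, network, "auth_failed", None)
        if not self.policies.check_access(user, network):
            return self._record(user, network, "access_denied", None)
        # Stand-in secure channel: random session id; a real VPN negotiates IPSec/TLS keys.
        return self._record(user, network, "established", secrets.token_hex(16))
    def _record(self, user, network, outcome, session):
        self.log.append((user, network, outcome))
        return outcome, session

def build_demo_vpn():
    ids, pol = IdentityBase(), PolicyBase()   # constructed sample data below
    ids.enroll("alice", "correct horse")
    ids.enroll("bob", "battery staple")
    pol.allow("alice", "boca-dev")
    return VPN(ids, pol)
```

Every attempt, successful or not, lands in `vpn.log`, which is the connection record the Consequences slide relies on for holding users accountable.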
18 Consequences
Advantages
- The company can define the policies for VPN end users, thus centralizing the policies and making administration better.
- Since authorization is used, the company can keep a log of end users connected in the present and in the past.
- A secure tunnel guarantees data integrity and secrecy. Usually a PKI system of encryption is used for sending data over the tunnel.
- As authentication of end users is performed, users can be held responsible for their actions.
- We can also incorporate RBAC based on the role of the end user.
- Usually a firewall complements a VPN setup.
19 Consequences (Contd…)
Liabilities
- If the VPN is compromised, then the attacker gets full access to the internal network too.
- VPN traffic is often invisible to IDS monitoring. If the IDS probe is outside the VPN server, as is often the case, then the IDS cannot see the traffic within the VPN tunnel because it is encrypted. Therefore if a hacker gains access to the VPN, he can attack the internal systems without being picked up by the IDS.
- Whatever type of VPN we use, a VPN is only as secure as the remote computer connected to it.
20 Liabilities (Contd…)
- The pattern does not discuss the attack at the end points.
- VPN Tunnel is only as strong as the cryptography that enables it.
21 Known Users
Citrix. Citrix provides a site to site VPN connection for remote users to log into the secure network as well as access applications on the company (secure) network.
22 Related Patterns
Patterns for Application Firewalls using PEP and PAP. Nelly Delessy-Gassant, Eduardo B. Fernandez, Saeed Rajput, and Maria M. Larrondo Petrie
23 Future Work
- Expand on the VPN Pattern and create separate patterns for IP, SSL and XML VPNs.
- Develop the patterns missing in the network security diagram shown before.