1. Extranet for Security Professionals Essential Services Analysis Heather T. Kowalski Tong Xu Ying Hao Hui Huang Bill Halpin Oct. 31, 2000

2. Review Business Mission - Central Repository of Security Information - Central Location for Information Sharing - Secure Environment, Manageable Resource System Requirements - SECURITY OVER RELIABILITY - Exchange of Information - Responsible for Information Only While on ESP System - User Driven and Maintained System Environment - Dell Power Edge Servers - Windows NT 4.0 (SP6) - SSL - Cold Fusion Middleware - Only Minimal Options Activated System Architecture

3. ESP – Architecture Workstation Firewall Router Web Servers The Internet To: George Marty From: Steve

4. Topics of Today ESP Services overview Essential Services/Asset Analysis Essential Services/Asset Usage Scenario Essential Component Analysis

5. ESP Services Overview

6. ESP Essential Services Site Administration Virtual Security Office (VSO) Collaboration Realm (CR) Organizational Management Library Message Center

7. Users ESP User VSO & CR Owners Site Manager Organizational Manager Site Administrator

8. Site Administration Maintain Hardware Assets Implement Hardware Security Process Database Management

9. Router Cisco 7200 128.237.144.1 Web Server Windows NT 4.0 (SP6), Hot Fixes DNS RedHat 6.2 Firewall-2 Windows NT 4.0 (SP6) Hot Fixes Database DNS RedHat 6.2 NES 3.63 Cold Fusion 4.5.1 ActiveState Perl 5.5 Tripwire 2.2.1 IPchains Guardian Pro V5 IDS-2 Windows NT 4.0 (SP6) Hot Fixes RealSecure 3.2 IDS-1 Windows NT 4.0 (SP6) Hot Fixes RealSecure 3.2 Visual FoxPro Console

10. Virtual Security Office Restricted Web Page Function - Information Sharing - Information Dissemination - Communication between Security Activity Groups Security Considerations Public Site - READ access for ALL users Private Site - Access granted by VSO Owner to CERTAIN users - Administrator Rights granted by VSO Owner to SPECIFIC users

11. Virtual Security Office

12. VSO Public View

13. VSO Private View

14. Collaboration Realm Function - Provide Selected Users with Areas to Collaborate on Projects Security Considerations - Owners have total control of access - View - Comment - Vote - Admin

15. Collaboration Realm

16. Organizational Management Functions Access Control to ESP website Validate Users Enforce ESP Policy Create Further Push Down of Management Security Considerations Site Manager grants Administrative Rights to Organizational Manager Organizational Manager controls Users in Organization ONLY

17. Organizational Management

18. Library The Library Tool is used to make common reports and documentation available on-line to all ESP users. The Library is Full Text Searchable.

19. Message Center ESP Internal “Post Office” Message never Leaves the Secure Web Server Users can be Notified via an External Mail System

20. Primary Users Client WorkStation Router (FW1) Firewall-2 DNS2IDS Web Server DNS1 Database IP||TCP/UDP||SSL IDS IP||TCP/UDP||SSL

21. Primary Users Client WorkStation Router (FW1) Cisco 7200 128.237.144.1 Web Server Windows NT 4.0 (SP6), Hot Fixes DNS RedHat 6.2 Firewall-2 Windows NT 4.0 (SP6) Hot Fixes Database DNS RedHat 6.2 NES 3.63 Cold Fusion 4.5.1 ActiveState Perl 5.5 Tripwire 2.2.1 IPchains Guardian Pro V5 IDS-2 Windows NT 4.0 (SP6) Hot Fixes RealSecure 3.2 IDS-1 Windows NT 4.0 (SP6) Hot Fixes RealSecure 3.2 Visual FoxPro

22. Future Plans Regular Saturday Team Meetings Planned Meeting with Client Goals: Find Vulnerabilities Identify Compromisable Components Simulate Intrusions & Attacks Survivability Analysis