Presentation is loading. Please wait.

Presentation is loading. Please wait.

EN.600.424 Spring 2016 Lecture Notes FUNDAMENTALS OF SECURE DESIGN (NETWORK TOPOLOGY)

Published byAntonia Ashley Richards Modified over 8 years ago

Similar presentations

Presentation on theme: "EN.600.424 Spring 2016 Lecture Notes FUNDAMENTALS OF SECURE DESIGN (NETWORK TOPOLOGY)"— Presentation transcript:

1 EN.600.424 Spring 2016 Lecture Notes FUNDAMENTALS OF SECURE DESIGN (NETWORK TOPOLOGY)

2 DESIGNING A SECURE NETWORK Later lectures are going to deal with protecting channels of communication However, the channels are supported by a network topology (architecture) Properly designed topology reduces the burden on the protected channels Today’s focus is the following principles and their contemporary implementations: Separation Isolation Encapsulation and Modularity Layering Minimized Exposure

3 SEPARATION: THE IDEA Humans have a tendency to “homogenize” and “consolidate” This is especially true when the complexities of an idea are not well understood Some make arguments for efficiency in planning (e.g., Governments) From a security perspective, “separation” is often superior: Separation of duties Separation of users Separation of networks Separation of responsibilities and operations

4 SEE ALSO: Simplicity of Design Implementation Minimization Failing Safely Least Privilege Minimizing attack surface

5 SEPARATION OF DUTIES Require more than one person to complete a task In military, for example, requiring two keys to fire a weapon Reduces how much TRUST must be put into a single individual Note: can use crypto to require two keys (e.g., Shamir Sharing)

6 SEPARATION OF USERS Separating users from data: Users access data via enforced policy Separating user populations: Users interact with each via enforced policy Policy enforcement mechanisms: ACLs Segmented networks/devices Device file-system and memory-system protections

7 SEPARATION OF NETWORKS Logical separation Physical separation For example, in separate rooms Separated into high/low risk (REDUCING TRUST) DMZ’s are a good example Mechanisms for Logical Separation: VLANs – Layer 2 separation Routers – Layer 3+ separation VPNs – Remote computing separation

8 VLAN VISUALIZATION VLAN 1VLAN 2VLAN 1VLAN 2 LAN Switch

9 ROUTER VISUALIZATION LAN 1 192.168.1.5 LAN 2 10.0.30. 5 LAN 1 192.168.1.8 LAN 2 10.0.22. 200 Router IP RangeEgress 192.168.1.*Port 1 10.0.*.*Port 2 InternetPort 3 Internet

10 VPN VISUALIZATION LAN 1 192.168.1.5 LAN 2 10.0.30. 5 LAN 2 10.0.22. 200 Router Secure Channel Virtual Adapter (Over Secure Channel) 10.0.1.101

11 DMZ VISUALIZATION Internet Router (Firewall) #1 Web Server Email Server Router (Firewall) #2 Internal LAN DMZ

12 SEPARATION OF RESPONSIBILITIES A server hosting both the web server and the email server is inherently less secure Now, both systems are compromised by vulnerabilities in either In general systems at risk should be have that risk minimized by hosting one thing (LEAST PRIVILEGE) (MINIMIZING ATTACK SURFACE)

13 ISOLATION Isolation restricts movement into and out of a separated entity If you separate but do not isolate, your separation has less impact Resource isolation separates resources from each other Allows resources to have different access levels Isolation also enables auditing and other control mechanisms Political Analogy: Separation = Borders Isolation = Border Enforcement

14 ENCAPSULATION AND MODULARITY Consider what happens when a computer visits http://www.cnn.comhttp://www.cnn.com Does the result depend on the OS running on the server? Does the result depend on whether or not “the server” is one machine or 100? Does the result depend on the network topology (e.g., server is in DMZ)? Like OO programming, network arch. depends on encapsulation and modularity In addition to the efficiency of design, it also supports security: Easier to reason (formally or informally) about security of the interface Easier to hide weak components behind secure façade Easier to swap in and out security components (3 rd party competition) Separation and Isolation depend on this principle

15 ENCAPSULATION AND PSYCHOLOGY Encapsulation also improves separating the crypto mechanism from the UI The two elements can evolve independently The two elements can be researched by different specialists

16 LAYERED SECURITY Multiple layers of security, each focused on a different threat Similar, from a certain point of view, to a network stack NOTE: not multiple layers focused on the SAME threat (e.g., two AV software) Sometimes sold by a single company as a “suite” of security applications Generally, for a network, good “layered security” is beyond a single vendor Firewall Anti-virus IDS Host-based protections

17 RETURN OF THE CONTEXT Getting layered security right really depends on the context Requirements Engineering: Figure out what attacks require protection Implementation: Create a “layer” that protects against each attack Focus that layer on solely that attack (Modularity!) Some professionals prefer “Defense in Depth” Broadest possible view… no “one true philosophy” Really, this is just another way of getting Anderson’s approach DON’T GET STUCK IN CHECK BOXES

18 MINIMIZING EXPOSURE The number one goal of all network design is minimizing exposure to protected elements BUT REMEMBER: The hardest part is figuring out what needs protected Once you have the requirements figured out, you can use the other principles: Separation Isolation Encapsulation and Modularity Layered Security ALL FOCUSED ON MINIMIZING EXPOSURE OF THE PROTECTED ELEMENTS (Don’t design in stuff just because it’s “cool” or you’ve done it before)

19 PLAYGROUND: TRY IT OUT! Begin thinking about how you might apply these principles in Playground How can you apply them? For example, how about a PLAYGROUND firewall? You could put your computing node up behind a firewall node. How would a firewall node work? It would take the request, analyze it, and pass it on to the real node You could do purely “network” security and limit the sources and destinations You could try to do application security by examining the data in the packets. Not required, but this is an example of something for the Advanced Features Lab

20 FIREWALL EXAMPLE IN MORE DETAIL What type of routing will you support? Will you have devices behind the firewall have private PLAYGROUND addresses? If so, you’re going to need to do NAT (Network Address Translation) outbound If so, you’ll need port forwarding inbound

21 PORT FORWARDING Firewall (public) Outsider Insider (private) Local PortForward To 100Insider at port 1001 Outsider connects to FW on port 100 Firewall connects to Insider on Port 1001 FW session w/ Outsider on port 100 FW session w/ Insider on port 11111 SourceForwarding connection Outsider/10011111

22 NAT Firewall (public) Outsider Insider (private) Firewall connects on Insider’s behalf Insider “connects” to Outsider on port 100, src port 11111 FW session w/ Outsider on local port 22222 FW records Insider src/dst port Source DataForwarding connection Insider/11111/10022222

23 OTHER PLAYGROUND OPTIONS Separate remote computation from security systems Separate remote computation from other remote computation based on privilege level Multiple remote computation (load balancing) Separate accounting system from remote computation Separate “networks” for computing and providing computation If providing advanced features, separating them out: File storage (store once, compute many) Computation services (e.g., providing support for graphing)

24 CITATIONS While not used word-for-word, these two sources assisted me with these slides: http://www.techrepublic.com/blog/it-security/understanding-layered-security-and- defense-in-depth/ http://www.techrepublic.com/blog/it-security/understanding-layered-security-and- defense-in-depth/ http://www.checkpoint.com/services/education/training/courses/samples/PoNS_C09_ Security_Architecture.pdf http://www.checkpoint.com/services/education/training/courses/samples/PoNS_C09_ Security_Architecture.pdf

Download ppt "EN.600.424 Spring 2016 Lecture Notes FUNDAMENTALS OF SECURE DESIGN (NETWORK TOPOLOGY)"

Similar presentations

Fred P. Baker CCIE, CCIP(security), CCSA, MCSE+I, MCSE(2000)

Fred P. Baker CCIE, CCIP(security), CCSA, MCSE+I, MCSE(2000)
Network Security Essentials Chapter 11

Network Security Essentials Chapter 11
Firewalls By Tahaei Fall 2012. What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
Guide to Network Defense and Countermeasures Second Edition

Guide to Network Defense and Countermeasures Second Edition
IUT– Network Security Course 1 Network Security Firewalls.

IUT– Network Security Course 1 Network Security Firewalls.
FIREWALLS Chapter 11.

FIREWALLS Chapter 11.
5-Network Defenses Dr. John P. Abraham Professor UTPA.

5-Network Defenses Dr. John P. Abraham Professor UTPA.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Cosc 4765 Network Security: Routers, Firewall, filtering, NAT, and VPN.

Cosc 4765 Network Security: Routers, Firewall, filtering, NAT, and VPN.
CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.

CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.
Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.

Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.
Network Security Philadelphia UniversityAhmad Al-Ghoul 2010-20111 Module 11 Exploring Secure Topologies  MModified by :Ahmad Al Ghoul  PPhiladelphia.

Network Security Philadelphia UniversityAhmad Al-Ghoul Module 11 Exploring Secure Topologies  MModified by :Ahmad Al Ghoul  PPhiladelphia.
Firewall Configuration Strategies

Firewall Configuration Strategies
Principles of Information Security, 2nd Edition1 Firewalls and VPNs.

Principles of Information Security, 2nd Edition1 Firewalls and VPNs.
Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.

Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Firewalls Presented by: Sarah Castro Karen Correa Kelley Gates.

Firewalls Presented by: Sarah Castro Karen Correa Kelley Gates.
Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.

Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.
Topics 1.Security options and settings 2.Layer 2 vs. Layer 3 connection types 3.Advanced network and routing options 4.Local connections 5.Offline mode.

Topics 1.Security options and settings 2.Layer 2 vs. Layer 3 connection types 3.Advanced network and routing options 4.Local connections 5.Offline mode.

Similar presentations

Ads by Google