Top Banner
Developing Network Security Strategies ______________________ Robert DeWolf
33

Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

Dec 19, 2015

Download

Documents

Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Page 1: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

Developing Network Security Strategies

______________________Robert DeWolf

Page 2: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

Developing NetworkSecurity Strategies

Network Security DESIGN

Network Security

MECHANISMS

Page 3: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

SECURITY: DESIGN

•Factors- Affordances (E-Commerce)- Remote-Access Services- Business partners

•Top-Down Approach- Customer development

Page 4: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

SECURITY: DESIGN

Identify network assets.Analyze security risks.Analyze security requirements and tradeoffs.Develop a security plan.Define a security policy.Develop procedures for applying security policies.Develop a technical implementation strategy.Achieve buy-in from users, managers, and technical staff.Train users, managers, and technical staff.Implement the technical strategy and security procedures.Test the security and update it if any problems are found.Maintain security.

Page 5: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

SECURITY: DESIGN

Identify network assets.Analyze security risks.Analyze security requirements and tradeoffs.Develop a security plan.Define a security policy.Develop procedures for applying security policies.Develop a technical implementation strategy.Achieve buy-in from users, managers, and technical staff.Train users, managers, and technical staff.Implement the technical strategy and security procedures.Test the security and update it if any problems are found.Maintain security.

Page 6: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

Identify network assets

•Network HostsOSApplicationsData

•Internetworking DevicesRoutersSwitches

•Network Data

•OtherTrade SecretsCompany Reputation

Page 7: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

SECURITY: DESIGN

Identify network assets.

Analyze security risks.Analyze security requirements and tradeoffs.Develop a security plan.Define a security policy.Develop procedures for applying security policies.Develop a technical implementation strategy.Achieve buy-in from users, managers, and technical staff.Train users, managers, and technical staff.Implement the technical strategy and security procedures.Test the security and update it if any problems are found.Maintain security.

Page 8: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

Analyze security risks

EXPERT INTRUDERS AND END USERS

Page 9: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

SECURITY: DESIGN

Identify network assets.Analyze security risks.

Analyze security requirements and tradeoffs.Develop a security plan.Define a security policy.Develop procedures for applying security policies.Develop a technical implementation strategy.Achieve buy-in from users, managers, and technical staff.Train users, managers, and technical staff.Implement the technical strategy and security procedures.Test the security and update it if any problems are found.Maintain security.

Page 10: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

Analyze security requirements and tradeoffs

•Affordability•Usability•Performance•Availability•Manageability

•TradeoffsPacket Filters/Data Encryption

Page 11: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

SECURITY: DESIGN

Identify network assets.Analyze security risks.Analyze security requirements and tradeoffs.

Develop a security plan.Define a security policy.Develop procedures for applying security policies.Develop a technical implementation strategy.Achieve buy-in from users, managers, and technical staff.Train users, managers, and technical staff.Implement the technical strategy and security procedures.Test the security and update it if any problems are found.Maintain security.

Page 12: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

Develop a security plan

•Resources(time/people)

How will users/managers be involved?

Is there a need for specialized Administrators?

Will you be training on Security Policies and Procedures?

Page 13: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

SECURITY: DESIGN

Identify network assets.Analyze security risks.Analyze security requirements and tradeoffs.Develop a security plan.

Define a security policy.Develop procedures for applying security policies.Develop a technical implementation strategy.Achieve buy-in from users, managers, and technical staff.Train users, managers, and technical staff.Implement the technical strategy and security procedures.Test the security and update it if any problems are found.Maintain security.

Page 14: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

Define a security policy

According to RFC 2196, "Site Security Handbook:"

“A security policy is a formal statement of the rules by which people who are given access to an organization's technology and information assets must abide.”

•Personnel

•ComponentsAccessAccountabilityAuthenticationComputer-technology guidelines

Page 15: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

SECURITY: DESIGN

Identify network assets.Analyze security risks.Analyze security requirements and tradeoffs.Develop a security plan.Define a security policy.

Develop procedures for applying security policies.Develop a technical implementation strategy.Achieve buy-in from users, managers, and technical staff.Train users, managers, and technical staff.Implement the technical strategy and security procedures.Test the security and update it if any problems are found.Maintain security.

Page 16: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

Develop procedures for applying security policies

There’s been an attack… OMG!!!!!

•Separate ProceduresUsersNetwork AdminSecurity Admin

•Training?

Page 17: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

SECURITY: DESIGN

Identify network assets.Analyze security risks.Analyze security requirements and tradeoffs.Develop a security plan.Define a security policy.Develop procedures for applying security policies.

Develop a technical implementation strategy.Achieve buy-in from users, managers, and technical staff.Train users, managers, and technical staff.Implement the technical strategy and security procedures.Test the security and update it if any problems are found.Maintain security.

Page 18: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

SECURITY: DESIGN

Identify network assets.Analyze security risks.Analyze security requirements and tradeoffs.Develop a security plan.Define a security policy.Develop procedures for applying security policies.Develop a technical implementation strategy.

Achieve buy-in from users, managers, and technical staff.Train users, managers, and technical staff.Implement the technical strategy and security procedures.Test the security and update it if any problems are found.Maintain security.

Page 19: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

SECURITY: DESIGN

Identify network assets.Analyze security risks.Analyze security requirements and tradeoffs.Develop a security plan.Define a security policy.Develop procedures for applying security policies.Develop a technical implementation strategy.Achieve buy-in from users, managers, and technical staff.

Train users, managers, and technical staff.Implement the technical strategy and security procedures.Test the security and update it if any problems are found.Maintain security.

Page 20: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

SECURITY: DESIGN

Identify network assets.Analyze security risks.Analyze security requirements and tradeoffs.Develop a security plan.Define a security policy.Develop procedures for applying security policies.Develop a technical implementation strategy.Achieve buy-in from users, managers, and technical staff.Train users, managers, and technical staff.

Implement the technical strategy and security procedures.Test the security and update it if any problems are found.Maintain security.

Page 21: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

SECURITY: DESIGN

Identify network assets.Analyze security risks.Analyze security requirements and tradeoffs.Develop a security plan.Define a security policy.Develop procedures for applying security policies.Develop a technical implementation strategy.Achieve buy-in from users, managers, and technical staff.Train users, managers, and technical staff.Implement the technical strategy and security procedures.

Test the security and update it if any problems are found.Maintain security.

Page 22: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

SECURITY: DESIGN

Identify network assets.Analyze security risks.Analyze security requirements and tradeoffs.Develop a security plan.Define a security policy.Develop procedures for applying security policies.Develop a technical implementation strategy.Achieve buy-in from users, managers, and technical staff.Train users, managers, and technical staff.Implement the technical strategy and security procedures.Test the security and update it if any problems are found.

Maintain security.

Page 23: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

Maintain security

•Reading Logs

•Responding to incidents

•Staying current with security standards (hardware/software)

•Updating the plan and policy

Page 24: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

SECURITY: MECHANISMS

Physical SecurityAuthenticationAuthorization

Accounting/AuditingData Encryption

Packet FiltersFirewalls

Intrusion DetectionIntrusion Prevention

Page 25: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

SECURITY: MECHANISMS

Physical SecurityAuthenticationAuthorization

Accounting/AuditingData Encryption

Packet FiltersFirewalls

Intrusion DetectionIntrusion Prevention

Equipment

Natural Disasters

Page 26: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

SECURITY: MECHANISMS

Physical SecurityAuthenticationAuthorization

Accounting/AuditingData Encryption

Packet FiltersFirewalls

Intrusion DetectionIntrusion Prevention

Something the user knows

Something the user has

Something the user is

Page 27: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

SECURITY: MECHANISMS

Physical SecurityAuthenticationAuthorization

Accounting/AuditingData Encryption

Packet FiltersFirewalls

Intrusion DetectionIntrusion Prevention

Privileges

Page 28: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

SECURITY: MECHANISMS

Physical SecurityAuthenticationAuthorization

Accounting/AuditingData Encryption

Packet FiltersFirewalls

Intrusion DetectionIntrusion Prevention

Logging tasks

Page 29: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

SECURITY: MECHANISMS

Physical SecurityAuthenticationAuthorization

Accounting/AuditingData Encryption

Packet FiltersFirewalls

Intrusion DetectionIntrusion Prevention

Yeah yeah yeah…

Page 30: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

SECURITY: MECHANISMS

Physical SecurityAuthenticationAuthorization

Accounting/AuditingData Encryption

Packet FiltersFirewalls

Intrusion DetectionIntrusion Prevention

Uses Authentication and Authorization

methods

Page 31: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

SECURITY: MECHANISMS

Physical SecurityAuthenticationAuthorization

Accounting/AuditingData Encryption

Packet FiltersFirewalls

Intrusion DetectionIntrusion Prevention

Enforce

Enterprise to Internet

Page 32: Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

SECURITY: MECHANISMS

Physical SecurityAuthenticationAuthorization

Accounting/AuditingData Encryption

Packet FiltersFirewalls

Intrusion DetectionIntrusion Prevention

(IDS)Notification

(IPS)Traffic Blocker