NETWORK INFRASTRUCTURE SECURITY Domain 5

Computer Security “in short, the average computer is about as secure as a wet paper bag, and it is one of the last places where you would want to hide valuable data or use to communicate secret or sensitive information” - Rick Maybury

Sanmi Fakiyesi Network  Network means the joining or linking of two or more computers in order to: 1.Communicate 2.Share resources such as files, folders, printers, etc

Sanmi Fakiyesi

Good Network A good Network must be able to:  Connect  Communicate  Provide services or resources.

Sanmi Fakiyesi Types of Network  LAN  WAN  PAN  SAN  MAN  WLAN  WWAN

Sanmi Fakiyesi Network topology  Bus  Star  Ring  Mesh

NETWORK TOPOLOGY Sanmi Fakiyesi

Network relationship  Peer to Peer  Client/Server  Workgroup  Domain

Sanmi Fakiyesi Network Security Architecture Before undertaking the Design or Implementation of an enterprise Network and it Components, a Security Architecture should be developed.

Sanmi Fakiyesi Concept of security architecture Top-down security model: 1.Security policy 2.Security Strategy 3.Procedure and Standards

Sanmi Fakiyesi (1)Security policy  It should conform to relevant standards.  Define security responsibilities within the organization.  Identification of key information assets using security risk analysis.  Set out guiding security principles to be in use in the organization.

Sanmi Fakiyesi (2)Security strategy It is more detailed than the policy. It shows how to implement the policy to get result.  Should support business needs.  Comply with the company’s security policy.

Sanmi Fakiyesi (3)Procedure and Standards These cover areas such as:  Performing system monitoring  Configuring a system  Configuring web server/firewall  Steps to take when there is security breach.

Sanmi Fakiyesi Trust / Security Zones Trust/Security zones are key aspect of security perimeter. A common classification for connection is: 1.Untrusted zone or Demilitarized zone 2.Hostile zone or internet 3.Semitrusted zone or extranets 4.Trusted zone or intranets

Sanmi Fakiyesi Information Assets issues  What are information assets?  Are people part of the information assets that need to be protected?  What are the implications of not protecting these assets?  Who should be responsible for the protection of these assets?  How should these assets be protected?

Sanmi Fakiyesi What should be protected?  Data  Application software (test and production)  Web applications (public or private intranet based)  Domain name servers  Operating systems for network routers and switches  System utilities  Telecommunication lines  Libraries and directories  Passwords

Sanmi Fakiyesi What should be protected? contd.  Temporary disk files  Tape files  System software  Access control software  System procedure libraries  Logging files  Bypass label process feature  Operator system exits  Dial-up lines  Data dictionary/directory  Spool queues

Network Infrastructure Security Sanmi Fakiyesi

Communication networks  Components: Devices, Software/programs, and files supporting the network operations  Controls:  Network control terminal (WAN) or Server (LAN)  Communications software

Sanmi Fakiyesi Components of Network Hardware/Devices  Hub or Switch  Cables (CAT5)  Connector(DB-9, RJ-45)  Modem (wired and wireless)  Network Interface Card  WAP for wireless connection  Wireless Network Interface Card  Router (wired and wireless)  Computers, Printers  servers

Router and Switch Sanmi Fakiyesi

Network Infrastructure Security  Control over the network is accomplished through a network control terminal and specialized communication software  The following are the controls over communication networks: Control functions should be performed by technically qualified operators Control functions should be separated and duties should be rotated on a regular basis, where possible Control software must restrict operator access from performing certain functions (e.g. ability to amend/delete logs) Control software should maintain an audit trail of all operator activities Audit trails should be reviewed by [network] operations management to detect any unauthorized network operations activities

Network Infrastructure Security (cont’d) Network operation standards and protocols should be documented and made available to the operators and should be periodically reviewed to ensure compliance. Network access by the system engineers should be closely monitored and reviewed to detect unauthorized access. Workload balance, fast response time and system efficiency should be ensured through analysis. Terminals should be authenticated through the use of a terminal identification file. Data encryption should be used to protect messages during transmission Sanmi Fakiyesi

Types of Network Software Novell Netware Unix Microsoft Windows 2000/NT, Window XP, Window vista, Window 7, Microsoft window server 2003, Microsoft window server ETC

Examples of Network security software /tools  Anti-virus  UTM-Unified Threat Management (e.g ISA)  Firewall  VPN (Virtual Private Network)  IDS/IPS  Honey pots  Honey net  Network Penetration tests Sanmi Fakiyesi

Examples of Network security software  Port based security  Identity based security  Network Admission Control Sanmi Fakiyesi