Network Security
Concepts and Policies
© 2012 Cisco and/or its affiliates. All rights reserved.
Purpose of Security
• To protect assets!
– Historically done through physical security and closed networks.
The Network Today
• With the advent of personal computers, LANs, and the wide-open
world of the Internet, the networks of today are more open.
Basic Security Requirements
• To provide adequate protection of network resources, the
procedures and technologies that you deploy need to guarantee
three things:
– Confidentiality
– Integrity
– Availability of systems and data
Data, Vulnerabilities, and Countermeasures
• An asset is anything of value to an organization.
• A vulnerability is a weakness in a system or its design
that could be exploited by a threat.
• A threat is a potential danger to information or systems.
• A risk is the likelihood that a particular vulnerability will
be exploited.
• An exploit is an attack performed against a
vulnerability.
• A countermeasure (safeguard) is the protection that
mitigates the potential risk.
Need for Network Security
• Business goals and risk analysis drive the need for network
security
• Dealing with risk:
– Reduce
– Limitation/avoidance
– Assurance
– Detection
– Recovery
Adversaries, Methodologies, and Classes of Attack
• Adversaries: To defend against attacks on information and
information systems, organizations must begin to define the threat
by identifying potential adversaries. These adversaries can
include the following:
• Nations or states
• Terrorists
• Criminals
• Hackers
• Corporate competitors
• Disgruntled employees
• Government agencies, such as the National Security Agency
(NSA) and the Federal Bureau of Investigation (FBI)
Adversaries, Methodologies, and Classes of Attack
• Methodologies:
– Step 1. Perform footprint analysis (reconnaissance).
– Step 2. Enumerate applications and operating systems.
– Step 3. Manipulate users to gain access.
– Step 4. Escalate privileges.
– Step 5. Gather additional passwords and secrets.
– Step 6. Install back doors.
– Step 7. Leverage the compromised system.
Adversaries, Methodologies, and Classes of Attack
Threat Classification
• Enumeration and fingerprinting
• Spoofing and impersonation
• Man-in-the-middle
• Overt and covert channels
• Blended threats and malware
• Exploitation of privilege and trust
• Confidentiality
• Password attacks
• Availability attacks
• Denial of service (DoS)
• Botnet
• Physical security attacks
• Forces of nature
IP Spoofing Attacks
TCP Three-Way Handshake
Sequence Prediction
Sequence Number Prediction
Trust Exploitation
Confidentiality and Integrity Attacks
Breach of Confidentiality
Man-in-the-Middle Attacks
IP Source Routing Attack
Overt and Covert Channels
Overt Channel
Principles of Secure Network Design
• Defense in depth
• Compartmentalization
• Least privilege
• Weakest link
• Separation and rotation of duties
• Hierarchically trusted components and protection
• Mediated access
• Accountability and traceability
Evaluating and Managing the Risk
Risk Analysis and Management
• Every security process should first address the following
questions:
– What threats is the system facing?
– Which of those threats are probable, and what would their
consequences be if they were exploited?
• The threat-identification process provides an organization with a
list of threats to which a system is subject in a particular
environment.
Risk Analysis
• Quantitative
• Qualitative
Building Blocks of Risk Analysis
List of Assets and Their Value
• Assets and their value
• Vulnerabilities
• Threats, their impact, and rate or probability of occurrence
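The building blocks listed above (asset value, threat impact, and rate of occurrence) are the inputs of the quantitative analysis named on the Risk Analysis slide. The following Python is an added worked example, not part of the Cisco deck: it uses the standard single loss expectancy (SLE), annualized rate of occurrence (ARO) and annualized loss expectancy (ALE) terms, which the slides do not name, and all asset values and rates are constructed sample figures.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Asset:
    name: str
    value: float            # business/replacement value in currency units

@dataclass(frozen=True)
class Threat:
    asset: Asset
    description: str
    exposure_factor: float  # fraction of the asset value lost per occurrence, 0.0..1.0
    annual_rate: float      # expected occurrences per year (ARO)

def single_loss_expectancy(threat: Threat) -> float:
    """Loss from one occurrence: asset value x exposure factor (SLE)."""
    return threat.asset.value * threat.exposure_factor

def annualized_loss_expectancy(threat: Threat) -> float:
    """Expected yearly loss: SLE x annual rate of occurrence (ALE)."""
    return single_loss_expectancy(threat) * threat.annual_rate

def rank_threats(threats):
    """Order threats by ALE, highest first, so budget goes to the largest exposure."""
    return sorted(threats, key=annualized_loss_expectancy, reverse=True)

def countermeasure_net_benefit(threat: Threat, annual_cost: float, residual_rate: float) -> float:
    """Yearly value of a safeguard: ALE avoided minus what the safeguard costs.
    A negative result means the control costs more than the risk it removes."""
    before = annualized_loss_expectancy(threat)
    after = single_loss_expectancy(threat) * residual_rate   # ALE with the control in place
    return before - after - annual_cost

# Constructed sample risk register (hypothetical assets and figures, not real data).
CUSTOMER_DB = Asset("customer database", 500_000.0)
WEB_SERVER = Asset("public web server", 50_000.0)
SAMPLE_THREATS = [
    Threat(CUSTOMER_DB, "breach via unpatched service", 0.4, 0.1),   # 40% loss, once per 10 years
    Threat(WEB_SERVER, "denial of service outage", 1.0, 2.0),        # full loss, twice a year
]

if __name__ == "__main__":
    for t in rank_threats(SAMPLE_THREATS):
        print(f"{t.asset.name:20} {t.description:30} ALE={annualized_loss_expectancy(t):>10,.0f}")
    # Hypothetical DoS mitigation service: 30,000/year, cuts outages to one every four years.
    print("DoS mitigation net benefit:",
          countermeasure_net_benefit(SAMPLE_THREATS[1], annual_cost=30_000.0, residual_rate=0.25))
```

The same figures feed a qualitative analysis if the ALE values are mapped onto low/medium/high bands; the ranking, not the currency amount, is what drives which countermeasure is funded first.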
A Lifecycle Approach to Risk Management
Security Policies
The three reasons for having a security policy are as follows:
• To inform users, staff, and managers
• To specify mechanisms for security
• To provide a baseline
A properly defined security policy does the following:
• Protects people and information
• Sets the rules for expected behavior
• Authorizes staff to monitor, probe, and investigate
• Defines the consequences of violations
Security Policy Components
Components of a Comprehensive Security Policy
Secure Network Lifecycle Management
Organization-wide Integration of IT Governance, Risk Management, and Compliance