DMZ for secure network (part 2)
On this article I will continue my last article about DMZ.Perhaps more important, including additional security zones in the form of DMZs limits the scope of systems vulnerabilities; compromised systems on untrusted or DMZ networks may present less of a potential threat to critical, internal-only systems. The DMZ design and flexibility contribute greatly to the administrator’s ability to ensure CIA and still provide services to those who need them.
Identifying Risks to Data
As we continue to review the basics of security, it is necessary to understand some of the risks that occur in relation to our data. One of the important things we have learned as systems operators and administrators is that it is paramount to protect the data that we are
charged with controlling, maintaining, and providing. We understand that there is a necessity to perform backup operations, provide disaster recovery services, and generally keep the information highly available and intact. While you prepare to develop your plan for protection, consider that there are now many more potential causes of data loss and corruption than at any time previously in the history of computing. Here are a few of the ways data can be lost:
? Hardware failure
? Power disruption
? External attacks:
? Enumeration of your network
? Access to confidential data
? Modification of critical data
? Destruction of data
? Internal attacks:
? Unauthorized access
? Theft of information
? Disclosure of information to others
? Destruction of data
? Natural and other disasters:
? Water, flooding
? Fire
? Ground movement
? Weather disasters (hurricanes, tornados, ice storms, others)
? War
Human and software failures:
? Inadvertent deletion of data
? Corruption of data
? Disregard for physical security of equipment/network
? Configuration errors
Are all these risks to data relevant to the DMZ? Although it’s possible that not all will relate directly to the consideration of your DMZ and its implementation, we’ll see that the overall planning required for the DMZ and its design must incorporate overall, systematic security planning.Thus, we must consider all these potential problem areas as risks when we plan to provide protection for the data sources in our systems.
Identifying Risks to Services
Maintaining the security of services being provided to partners, employees, and customers can be a difficult task.The continued growth of shared information and the availability of technologies providing network-based information and services to an ever-growing user base
outside our internal networks generate a number of risks to the information we provide. An additional sources of risk are created through the multitude of services we provide to the end user. With each passing day, customer demand for functionality grows. What was once simply e-mail, Web, and secure online purchasing now involves mobile technologies such as personal digital assistants (PDAs), mobile phones, and wireless services. New protocols and languages are developed to accommodate new functions but are delivered with evolving vulnerabilities that create risk to the services we offer individuals and companies outside our internal networks. Some of the things that can be classified as risks to services are:
Denial-of-service (DoS) attacks:
? Unauthorized use of services such as mail relaying
? Compromise of poorly configured system and services, such as:
? DNS server zone transfers
? Active and unprotected Telnet service
? File Transfer Protocol (FTP) server file root unsecured or not otherwise
protected
? Interception or diversion of services or service information
Unauthorized remote control of systems
As you can see, the risks of service disruption are not limited to failure of our systems; they also incorporate the risks of attack and lack of availability of services provided to us by others that could impact our operation. It must be understood that every service has inherent vulner-
abilities. Our job as security professionals is to fully identify, understand, and overcome these vulnerabilities through secure configuration and proper network design.To assist in this effort, the SANS Institute publishes the most common services vulnerabilities on its Web site, at
www.sans.org/top20. We must anticipate those risks as we design our security plans.
Identifying Potential Threats
As you prepare your overall security plan and DMZ, it is important that you identify and evaluate the potential risks and threats to your network, systems, and data.You must evaluate your risks thoroughly during the identification process and assign priority to the risks. This will help determine the order in which you gain funding and apply protection, thereby reducing the likelihood of loss resulting from those risks and threats if they materialize.This methodology should be applied to anything that could potentially disrupt, slow, or damage your systems, data, or credibility. Some potential threats to consider include:
? Outside hacker attacks:
? Trojans, worms, and virus attacks
? DoS or distributed denial-of-service (DDoS) attacks
? Compromise or loss of internal confidential information
? Network monitoring and data interception
? Internal attacks by employees
? Hardware failures
? Loss of critical systems
This identification process creates the basis for your security plan, policies, and implementation of your security environment.You should realize that this is an ongoing evaluation and is subject to change as conditions evolve within your company and its associated assets.
We have learned that security is a process and is never truly “finished.” However, a good basic evaluation goes a long way toward creating the most secure system that we can achieve.
