
CIS 288 WEEK 1: Designing a Secure Network Framework

Slide 1

Introduction

Welcome to week 1 of C-I-S 288: Security Design in a Windows 2003 Environment. This course will provide you with the knowledge and skills needed to design security in a Windows 2003 environment. Topics covered include controlling access to resources, auditing access to resources, authentication, and encryption. Emphasis will be on the analysis needed to produce an integrated security design. In this first week we will discuss designing a secure network framework. Next Slide:

Slide 2

Objectives

When you complete this lesson you will be able to: Analyze Business Requirements for Security Design; Determine Requirements for Securing Data; Analyze Current Security Practices; Design a Framework for Implementing Security; and Analyze Technical Constraints when Designing Security. Next Slide:

Slide 3

Analyzing Business Requirements for Security Design

Organizations will make an investment in network security to protect their data and resources, or assets, from anything that might damage those assets, or threats. A company's assets can include physical inventory such as server hardware and software, and intellectual property such as the source code to an application or a trade secret. It's relatively simple to assign a dollar value to a piece of equipment or real estate; any loss in this area is called a quantitative loss. Threats to things like intellectual property and reputation are far more difficult to nail down to a hard-and-fast number, so losses in this area are referred to as being qualitative. Corporate security policies create a baseline for performing security-related duties in a systematic and consistent fashion based on your organization's information security requirements. In many cases, these policies will extend beyond the borders of the I-T Department and involve areas of Human Resources, Finance, and Legal Departments attempting to address compliance and reporting issues specific to a given industry. Security policies typically fall into one of three categories. They include: physical policies, technical policies, and administrative policies. When designing a plan for securing a Windows environment, your first step should be analyzing any existing security policies and procedures with an eye to how they can be improved to meet the security needs of your organization. Next Slide:

Slide 4

Analyzing Business Requirements for Security Design (continued)

A common component of many enterprise security policies is an Acceptable Use Policy, often called an A-U-P. This means precisely what it sounds like: an A-U-P is a document that details the types of activity that are permitted on a corporate network. The A-U-P is also an appropriate place to discuss what level of privacy an employee can expect on a corporate network. While many companies hold that reasonable personal use of resources like e-mail and Internet access is allowable, you need to specify whether things like network traffic and e-mail messages will be subject to monitoring. We will now discuss privacy versus security. Privacy is best defined as freedom from the intrusion of others in one's personal life or affairs. Privacy and security are related topics, but are not synonymous: information security is concerned with protecting sensitive information from anyone who doesn't have appropriate access to it, while privacy is more of a customer-centric concept concerned with meeting a person's or organization's preferences for how information concerning them should be handled.

When considering your company's privacy policy, remember that I-T and security professionals themselves can sometimes introduce risks to the privacy of information because of their nearly unlimited access to network data and resources. While you might like to think all I-T professionals have integrity, security professionals themselves should be aware of and subject to privacy measures to ensure the integrity of customer data. Next Slide:

Slide 5

Determining Requirements for Securing Data

No matter what kind of data you are dealing with, your task as a security professional is to ensure that it remains accessible, intact, and private. When securing data, a common phrase that you should be familiar with is C-I-A, which stands for confidentiality, integrity, and availability. Taken as a whole, these are the three most important areas to consider when attempting to secure your network's assets and resources. The C-I-A triad makes up all the principles of network security design. Depending on the nature of the information you're securing, some of the principles might have varying degrees of importance to you. However, all three will come into play at some point during the design process. Next Slide:

Slide 6

Analyzing Current Security Practices

A step that is commonly overlooked in designing any network is examining where a company or network currently stands. Evaluating a company's existing security infrastructure will illustrate where any gaps or holes currently exist that need to be addressed by the new security design; it will help you determine how much actually needs to be changed or updated, rather than wholly reinventing the wheel. Your evaluation of current security practices should extend not only to administrative policies issued by I-T or Human Resources, but also any technical measures that are already in place or lacking. Windows 2003 offers a new tool that will assist you in listing and troubleshooting any existing security settings on a network that have been applied through Group Policy Objects, or G-P-Os. Resultant Set of Policy, or R-So-P, is particularly useful in determining how existing G-P-Os have been applied, and determining which settings have or have not been applied to a specific user or group. Next Slide:

Slide 7

Designing a Framework for Implementing Security

Designing a secure network framework can be broken into four conceptual pieces. They include: attack prevention, attack detection, attack isolation, and attack recovery. While the measures discussed in this course are specific to different aspects of the Windows Server 2003 infrastructure, each topic will map back to one of these four key principles. This can include disabling unnecessary Windows services to prevent network attacks, installing an I-D-S to alert you of any suspicious network activity, or designing an Incident Response Plan to facilitate recovery from an attack. To adequately prevent attacks against your network, you'll first need to determine what form they might actually take. You'll look at the STRIDE model of classifying network attacks as a starting point for both attack prevention and detection. While the number of network attacks has grown exponentially in recent times, understanding how a specific threat is acting against your network will greatly assist you in acting to avert any damage. Another component of attack prevention is Risk Management, where you prioritize your resources to create a secure yet cost-effective network structure. Finally, you'll look at Incident Response as a way to both detect and respond to any malicious activity on your network. Next Slide:

Slide 8

Analyzing Technical Constraints when Designing Security

While it would be ideal to design a security system using all of the latest and greatest technology, budgetary constraints can often limit the scope of a network security design. Perhaps an organization supports satellite offices with down-level operating systems and has not allocated funds to upgrade the hardware to be able to support the latest Windows operating system. Your design will need to provide the highest level of security possible, based on the technology that you have to work with. Before you can begin planning a Windows Server 2003 implementation, you need to determine if your existing computer and networking hardware will support this new technology. If an organization requires the security options offered by Windows Server 2003 but its current hardware will not support it, it will either need to allocate funds for upgrades or else obtain new hardware altogether. Bandwidth requirements are not quite as critical from a security standpoint, since security settings will be propagated to all clients and servers regardless of the speed of their connection. Before creating a network security design that calls for specific technologies, be sure to ascertain that the client's infrastructure can support the specifics of that design. Otherwise, a plan that looks good on paper will not be one that you will be able to successfully implement for your client. Next Slide:

Slide 9

Analyzing Technical Constraints when Designing Security (continued)

Windows Server 2003 maintains a high level of backward compatibility with Windows 2000 and Windows N-T four-point-zero computing environments, but it's important to keep in mind that these earlier versions will not be able to take advantage of all of the security enhancements available to Windows Server 2003. Windows N-T-four still relies heavily on NetBIOS and WINS to communicate between machines on a network, rather than using D-N-S, which is becoming the Microsoft standard. The NetBIOS ports are a well-known point of attack, and should be protected by a firewall or router so that an external attacker cannot use them to damage NetBIOS-based systems.
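The firewall requirement above, as an added example that is not part of the original lesson: a small audit that walks a perimeter rule list in order and reports which NetBIOS services an outside host could still reach. The port numbers (UDP 137, UDP 138, TCP 139) are the standard NetBIOS over TCP/IP ports, which the lesson does not list; the rule format, first-match evaluation with default deny, the function names, and both rule sets are assumptions constructed for illustration.

```python
# Added example: constructed ACLs, first-match semantics assumed.
from ipaddress import ip_address, ip_network

# NetBIOS over TCP/IP services: name (udp/137), datagram (udp/138), session (tcp/139).
NETBIOS = [("udp", 137), ("udp", 138), ("tcp", 139)]

def first_match(acl, proto, src, port):
    """Return the action of the first rule matching the packet; default deny."""
    for action, r_proto, r_src, lo, hi in acl:
        if (r_proto in (proto, "any")
                and ip_address(src) in ip_network(r_src)
                and lo <= port <= hi):
            return action
    return "deny"

def exposed_netbios(acl, external_src):
    """List the NetBIOS (proto, port) pairs an external source can reach."""
    return [(p, n) for p, n in NETBIOS
            if first_match(acl, p, external_src, n) == "permit"]

# Constructed inbound rules: (action, protocol, source network, low port, high port).
WEAK_ACL = [
    ("permit", "tcp", "0.0.0.0/0", 1, 1023),   # broad permit shadows the deny below
    ("deny",   "tcp", "0.0.0.0/0", 139, 139),
    ("deny",   "udp", "0.0.0.0/0", 137, 138),
]
FIXED_ACL = [
    ("deny",   "any", "0.0.0.0/0", 137, 139),  # NetBIOS blocked before any permit
    ("permit", "tcp", "0.0.0.0/0", 80, 80),
    ("permit", "tcp", "0.0.0.0/0", 443, 443),
]

if __name__ == "__main__":
    outside = "203.0.113.10"  # documentation-range address standing in for an Internet host
    print("weak :", exposed_netbios(WEAK_ACL, outside))
    print("fixed:", exposed_netbios(FIXED_ACL, outside))
```

The weak rule set contains a deny for TCP 139, yet the session service stays reachable because an earlier, broader permit matches first; rule order matters as much as rule content.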

In a large enterprise environment, Windows administrators often need to be able to integrate Microsoft technologies with server and client products from third-party vendors. The introduction of other operating systems and services, such as Unix, D-N-S and M-I-T Kerberos, presents unique challenges when creating your security design. Finally, when supporting non-Microsoft clients such as Macintosh, you need to ensure that the clients have a common protocol installed so that they can communicate with the Windows network, and that this protocol meets your organization's security requirements. Next Slide:

Slide 10

Summary

We have reached the end of this lesson. Let's take a look at what we have covered. Discussed first were Business Requirements for Security Design. Organizations will make an investment in network security to protect their data and resources, or assets, from anything that might damage those assets, or threats. Corporate security policies create a baseline for performing security-related duties in a systematic and consistent fashion based on your organization's information security requirements. Security policies typically fall into one of three categories. They include: physical policies, technical policies, and administrative policies. Next we discussed how to Determine Requirements for Securing Data. No matter what kind of data you are dealing with, your task as a security professional is to ensure that it remains accessible, intact, and private. When securing data, a common phrase that you should be familiar with is C-I-A, which stands for confidentiality, integrity, and availability. This followed with a discussion on Current Security Practices. Your evaluation of current security practices should extend not only to administrative policies issued by IT or Human Resources, but also any technical measures that are already in place or lacking. Next we discussed Designing a Framework for Implementing Security. Designing a secure network framework can be broken into four conceptual pieces. They include: attack prevention, attack detection, attack isolation, and attack recovery. We concluded the lesson with a discussion on Analyzing Technical Constraints when Designing Security. While it would be ideal to design a security system using all of the latest and greatest technology, budgetary constraints can often limit the scope of a network security design. Before you can begin planning a Windows Server 2003 implementation, you need to determine if your existing computer and networking hardware will support this new technology. In a large enterprise environment, Windows administrators often need to be able to integrate Microsoft technologies with server and client products from third-party vendors. The introduction of other operating systems and services, such as Unix, D-N-S and M-I-T Kerberos, presents unique challenges when creating your security design.
