1 - ns overview


Upload: mukundam-raula

Post on 06-Apr-2018


8/3/2019 1 - NS Overview

http://slidepdf.com/reader/full/1-ns-overview 1/16

Network Security Overview

Information and Assets

Information?
• data stored on computers
• transmitted across networks
• printed out
• written on a paper
• sent by fax
• stored on disks
• spoken in conversations over the telephone

Assets?
• Information assets
• Paper documents
• Software assets
• Physical assets
• People
• Company image and
• Services

Has value to organization.

Certified Network Security Manager Ver. 1.0 #Module 1: NSM - Overview

Network Security

Protection of Integrity, Availability & Confidentiality of Network Assets and Services from

Vulnerabilities

Cost of Security

• Increased security increases cost of the system.
• Cost of security is a combination of many factors:
  • Cost for decreased system performance
  • Cost for increased system complexity
  • Increased operation and maintenance cost


Security Vs Cost


Security Vs Convenience

• Decisions concerning the security of computer networks involve a tradeoff between security and convenience.
• More security measures may

complaints from users.

Difficulty in Securing Network

Securing a network is more difficult than a standalone computer because of its
• Connectivity
• Complexity

Difficulty in Securing Network

Connectivity
• More people are connected.
• Sometimes outsiders through Internet or Extranet.
• One attacker in one computer may pose potential threat to all the connected computers.
• Difficult to enforce discipline among users.

Difficulty in Securing Network

Complexity
• of changes.
• Multiple Operating Systems.
• Difficult to enforce technical security measures.

Asset and Network Asset

An asset is something to which an organization assigns value.

Asset requires protection.

Network Assets are:

Hardware
• Servers, Client stations, Communications devices (router, bridge, hub, switch, gateway, modem etc.), Peripheral devices, Cables, UPS etc.

, ,tools , software under development etc.

Data / Information
• Organization data: Database, e-mail, spreadsheet, Word processing etc.
• Network Data: Users access privileges, password, audit trail, network configuration and settings.
• User data: Personal processed data, user owned files, etc.

Threat

Threat is anything that

harm / loss to assets.

Threat would need to exploit vulnerability of the assets.

Threat can be accidental or deliberate.

Threat (Contd.)

• Malicious software
• communication lines/cables
• Deterioration of storage media
• Eavesdropping
• Misuse of resources
• Unauthorized network access
• Administrator error
• User error
• Hardware failure
• Maintenance error
• Transmission error
• --- etc.

Vulnerability

Vulnerability is weakness associated with assets.

Weakness may be exploited by threats causing loss / damage.

A vulnerability in itself does not cause harm until exploited.

Vulnerability (Contd.)

• Insufficient security
• Lack of identification
• Lack of security awareness
• Inadequate recruitment procedures
• mechanisms
• Transfer of passwords in clear
• Unprotected public network connections
• Insufficient preventive maintenance
• management
• …… etc

Threats & Vulnerabilities

Vulnerability | Threat
Uncontrolled copying | Theft
Unprotected communication lines | Eavesdropping
Services having authentication credentials are in clear text | Eavesdropping
Lack of proof of sending / receiving message | Repudiation
Dial-up lines | Unauthorized access
Wireless network | Unauthorized access
Uncontrolled Internet Access | Malicious code (virus, worm, trojans, spywares etc)
Poor network design | Unauthorized network access
Poor network design | Traffic overloading

Security Risk

A security risk is the potential that a given threat will exploit vulnerabilities to cause loss/damage to asset and hence directly / indirectly to the organization.

It is a function of the impact of the

of the event occurring.

Risk Assessment

The process of identifying security risks and determining their magnitude.

Sometimes referred to as risk analysis.

Risk Assessment (Contd.)

Risk Assessment produces an estimate of the risk to an asset at a given point in time. It answers the following questions:
• What can go wrong
• How bad could it be
• How likely is it to occur

Security ! Who Cares

• Security for most organizations is in a comfortable sleep in the lap of firewalls and antivirus software
• Lack of structured approach to deal with security
• Security looked upon as a static issue
• Too costly - n a u na problem
• Top management not concerned

Barriers to Security

[Bar chart, axis 0% to 30%. Categories: Lack of training, Pace of change, Poorly defined policy, Lack of management support, Insufficient capital budget, Complexity of technology. Source: PwC IT Security Survey]

Management concerns
• Market reputation
• Business continuity
• Disaster recovery
• Business loss
• Loss of confidential data
• confidence
• Legal liability
• Cost of security

Security measures
• Technical
• Procedural
• Physical
• Logical
• Personnel
• Management

Solution: ISMS through Risk Assessment

ISMS Standards

ISO/IEC 27001
• ISMS - Requirements
• A specification
• Used as a basis for certification

ISO/IEC 27002
• A code of practice (not a specification)
• Provides best practice guidance
• Use as required within your business
• Not for certification

Types of testing

Penetration Testing
• Looking at the network through an attacker's eyes, from outside the network.

Application Security Testing

Vulnerability assessment
• Review of network architecture and segmentation
• Critically examine the network and its components for their weakness in configuration and deployment.

Attack Types

External Attacks: carried through the

Internal Attacks: carried through the Company Intranet

• 59% of the attacks are carried out using the Internet
• 38% of the attacks are carried out by employees internally

Hacking life cycle

• Reconnaissance: Active / passive
• Gaining access: Operating system level / application level, Network level, Denial of service
• Maintaining access: Uploading / altering / downloading programs or data
• Covering tracks

[Cycle diagram labels: Scanning, Gaining Access, Maintaining Access, Clearing Tracks]

Hacker’s starting points

• www.netcraft.com
• www.defaultpassword.com
• www.archive.org

Penetration testing

• Helps to understand the security preparedness against evolving threats.
• Unearths security vulnerabilities and configuration mistakes in the target system.

Vulnerability assessment

Detailed analysis of vulnerabilities present in the servers, operating systems and application, which can be exploited by external attackers or by an internal compromise.

VA - Review of configuration

• Default installations are focused more .
• In general, many unnecessary services are present.
• New vulnerabilities are discovered almost .

Sources of Information

• CERT-IN (www.cert-in.org.in)
• CERT Advisories, Incident Notes, Vulnerability Notes …
• SANS (www.sans.org)
• AUSCERT (www.auscert.org.au)
• NIST (http://icat.nist.gov/icat.taf)
• FIRST (www.first.org)

END of Session