Extranet for Security Professionals

Essential Services Analysis

Heather T. Kowalski, Tong Xu, Ying Hao, Hui Huang, Bill Halpin

Oct. 31, 2000

Review

Business Mission
- Central Repository of Security Information
- Central Location for Information Sharing
- Secure Environment, Manageable Resource

System Requirements
- SECURITY OVER RELIABILITY
- Exchange of Information
- Responsible for Information Only While on ESP System
- User Driven and Maintained

System Environment
- Dell Power Edge Servers
- Windows NT 4.0 (SP6)
- SSL
- Cold Fusion Middleware
- Only Minimal Options Activated

System Architecture

ESP – Architecture

[Architecture diagram. Labels: Workstation, The Internet, Firewall, Router, Web Servers; sample message "To: George Marty / From: Steve".]

Topics of Today

ESP Services overview

Essential Services/Asset Analysis

Essential Services/Asset Usage Scenario

Essential Component Analysis

ESP Services Overview

ESP Essential Services

Site Administration

Virtual Security Office (VSO)

Collaboration Realm (CR)

Organizational Management

Library

Message Center

Users

ESP User

VSO & CR Owners

Site Manager

Organizational Manager

Site Administrator

Site Administration

Maintain Hardware Assets

Implement Hardware Security Process

Database Management

[Hardware diagram. Component labels:]
- Router: Cisco 7200, 128.237.144.1
- Firewall-2: Windows NT 4.0 (SP6), Hot Fixes
- Web Server: Windows NT 4.0 (SP6), Hot Fixes
- IDS-1 and IDS-2: Windows NT 4.0 (SP6), Hot Fixes, RealSecure 3.2
- DNS: RedHat 6.2
- Database, DNS: RedHat 6.2
- Console
- Other labels in the figure: NES 3.63, Cold Fusion 4.5.1, ActiveState Perl 5.5, Tripwire 2.2.1, IPchains, GuardianPro V5, Visual FoxPro

Virtual Security Office

Restricted Web Page

Function
- Information Sharing
- Information Dissemination
- Communication between Security Activity Groups

Security Considerations
- Public Site - READ access for ALL users
- Private Site - Access granted by VSO Owner to CERTAIN users
- Administrator Rights granted by VSO Owner to SPECIFIC users

Virtual Security Office

VSO Public View

VSO Private View

Collaboration Realm

Function
- Provide Selected Users with Areas to Collaborate on Projects

Security Considerations
- Owners have total control of access
  - View
  - Comment
  - Vote
  - Admin

Collaboration Realm

Organizational Management

Functions
- Access Control to ESP website
- Validate Users
- Enforce ESP Policy
- Create Further Push Down of Management

Security Considerations
- Site Manager grants Administrative Rights to Organizational Manager
- Organizational Manager controls Users in Organization ONLY

Organizational Management

Library

The Library Tool is used to make common reports and documentation available on-line to all ESP users.

The Library is Full Text Searchable.

Message Center

ESP Internal “Post Office”

Message never Leaves the Secure Web Server

Users can be Notified via an External Mail System

Primary Users

[Diagram. Labels: Client WorkStation, Router (FW1), Firewall-2, DNS1, DNS2, IDS, Web Server, Database; links labelled IP||TCP/UDP||SSL.]

[Diagram. The Client WorkStation drawn against the hardware diagram from the Site Administration slide, with the router labelled Router (FW1), Cisco 7200, 128.237.144.1; the remaining component labels are the same as on that slide.]

Future Plans

Regular Saturday Team Meetings

Planned Meeting with Client

Goals:
- Find Vulnerabilities
- Identify Compromisable Components
- Simulate Intrusions & Attacks
- Survivability Analysis