Title: Extranet for Security Professionals Essential Services Analysis
1 Extranet for Security Professionals: Essential Services Analysis
- Heather T. Kowalski
- Tong Xu
- Ying Hao
- Hui Huang
- Bill Halpin
- Oct. 31, 2000
2 Review
- Business Mission
  - Central Repository of Security Information
  - Central Location for Information Sharing
  - Secure Environment, Manageable Resource
- System Requirements
  - SECURITY OVER RELIABILITY
  - Exchange of Information
  - Responsible for Information Only While on ESP System
  - User Driven and Maintained
- System Environment
  - Dell Power Edge Servers
  - Windows NT 4.0 (SP6)
  - SSL
  - Cold Fusion Middleware
  - Only Minimal Options Activated
- System Architecture
3 ESP Architecture
[Architecture diagram; labels: The Internet, Firewall, Router, Web Servers, Workstation, "To George Marty From Steve"]
4 Topics of Today
- ESP Services overview
- Essential Services/Asset Analysis
- Essential Services/Asset Usage Scenario
- Essential Component Analysis
5 ESP Services Overview
6 ESP Essential Services
- Site Administration
- Virtual Security Office (VSO)
- Collaboration Realm (CR)
- Organizational Management
- Library
- Message Center
7 Users
- ESP User
- VSO CR Owners
- Site Manager
- Organizational Manager
- Site Administrator
8 Site Administration
- Maintain Hardware Assets
- Implement Hardware Security Process
- Database Management
9
[Site component diagram; labels in extracted order: DNS RedHat 6.2; Router Cisco 7200 128.237.144.1; IPchains; IDS-1 Windows NT 4.0 (SP6) Hot Fixes; Firewall-2 Windows NT 4.0 (SP6) Hot Fixes; IDS-2 Windows NT 4.0 (SP6) Hot Fixes; RealSecure 3.2; RealSecure 3.2; Guardian Pro V5; Web Server Windows NT 4.0 (SP6), Hot Fixes; Console; NES 3.63; Cold Fusion 4.5.1; Database; DNS RedHat 6.2; ActiveState Perl 5.5; Tripwire 2.2.1; IPchains; Visual FoxPro]
10 Virtual Security Office
- Restricted Web Page
- Function
  - Information Sharing
  - Information Dissemination
  - Communication between Security Activity Groups
- Security Considerations
  - Public Site
    - READ access for ALL users
  - Private Site
    - Access granted by VSO Owner to CERTAIN users
    - Administrator Rights granted by VSO Owner to SPECIFIC users
11 Virtual Security Office
12 VSO Public View
13 VSO Private View
14 Collaboration Realm
- Function
  - Provide Selected Users with Areas to Collaborate on Projects
- Security Considerations
  - Owners have total control of access
    - View
    - Comment
    - Vote
    - Admin
15 Collaboration Realm
16 Organizational Management
- Functions
  - Access Control to ESP website
  - Validate Users
  - Enforce ESP Policy
  - Create Further Push Down of Management
- Security Considerations
  - Site Manager grants Administrative Rights to Organizational Manager
  - Organizational Manager controls Users in Organization ONLY
17 Organizational Management
18 Library
- The Library Tool is used to make common reports and documentation available on-line to all ESP users.
- The Library is Full Text Searchable.
19 Message Center
- ESP Internal Post Office
- Message never Leaves the Secure Web Server
- Users can be Notified via an External Mail System
20 Primary Users
[Network path diagram; labels in extracted order: Router (FW1); IP, TCP/UDP, SSL; Client WorkStation; IP, TCP/UDP, SSL; Firewall-2; DNS1; IDS; IP, TCP/UDP, SSL; Database; Web Server; DNS2; IDS]
21 Primary Users
[Site component diagram; labels in extracted order: DNS RedHat 6.2; Router (FW1) Cisco 7200 128.237.144.1; Client WorkStation; IPchains; IDS-1 Windows NT 4.0 (SP6) Hot Fixes; Firewall-2 Windows NT 4.0 (SP6) Hot Fixes; IDS-2 Windows NT 4.0 (SP6) Hot Fixes; RealSecure 3.2; RealSecure 3.2; Guardian Pro V5; Web Server Windows NT 4.0 (SP6), Hot Fixes; NES 3.63; Cold Fusion 4.5.1; Database; DNS RedHat 6.2; ActiveState Perl 5.5; Tripwire 2.2.1; IPchains; Visual FoxPro]
22 Future Plans
- Regular Saturday Team Meetings
- Planned Meeting with Client
- Goals
- Find Vulnerabilities
- Identify Compromisable Components
- Simulate Intrusions Attacks
- Survivability Analysis