Extranet for Security Professionals Essential Services Analysis

1
Extranet for Security ProfessionalsEssential
Services Analysis

• Heather T. Kowalski
• Tong Xu
• Ying Hao
• Hui Huang
• Bill Halpin
• Oct. 31, 2000

2
Review

• Business Mission - Central Repository of
  Security Information- Central Location for
  Information Sharing
• - Secure Environment, Manageable Resource
• System Requirements- SECURITY OVER RELIABILITY
• - Exchange of Information- Responsible for
  Information Only While on ESP System- User
  Driven and Maintained
• System Environment - Dell Power Edge Servers-
  Windows NT 4.0 (SP6)- SSL- Cold Fusion
  Middleware
• - Only Minimal Options Activated
• System Architecture

3
ESP Architecture
The Internet
Firewall
Router
Web Servers
To George Marty From Steve
Workstation
4
Topics of Today

• ESP Services overview
• Essential Services/Asset Analysis
• Essential Services/Asset Usage Scenario
• Essential Component Analysis

5
ESP Services Overview
6
ESP Essential Services

• Site Administration
• Virtual Security Office (VSO)
• Collaboration Realm (CR)
• Organizational Management
• Library
• Message Center

7
Users

• ESP User
• VSO CR Owners
• Site Manager
• Organizational Manager
• Site Administrator

8
Site Administration

• Maintain Hardware Assets
• Implement Hardware Security Process
• Database Management

9
DNS RedHat 6.2
Router Cisco 7200 128.237.144.1
IPchains
IDS-1 Windows NT 4.0 (SP6) Hot Fixes
Firewall-2 Windows NT 4.0 (SP6) Hot Fixes
IDS-2 Windows NT 4.0 (SP6) Hot Fixes
RealSecure 3.2
RealSecure 3.2
Guardian Pro V5
Web Server Windows NT 4.0 (SP6), Hot Fixes
Console
NES 3.63
Cold Fusion 4.5.1
Database
DNS RedHat 6.2
ActiveState Perl 5.5
Tripwire 2.2.1
IPchains
Visual FoxPro
10
Virtual Security Office

• Restricted Web Page
• Function- Information Sharing
• - Information Dissemination
• - Communication between Security Activity
  Groups
• Security ConsiderationsPublic Site
• - READ access for ALL users Private Site
• - Access granted by VSO Owner to CERTAIN users
• - Administrator Rights granted by VSO Owner to
  SPECIFIC users

11
Virtual Security Office
12
VSO Public View
13
VSO Private View
14
Collaboration Realm

• Function- Provide Selected Users with Areas to
  Collaborate on Projects
• Security Considerations- Owners have total
  control of access - View - Comment - Vote -
  Admin

15
Collaboration Realm
16
Organizational Management

• Functions
• Access Control to ESP website
• Validate Users
• Enforce ESP Policy
• Create Further Push Down of Management
• Security Considerations
• Site Manager grants Administrative Rights to
  Organizational Manager
• Organizational Manager controls Users in
  Organization ONLY

17
Organizational Management
18
Library

• The Library Tool is used to make common reports
  and documentation available on-line to all ESP
  users.
• The Library is Full Text Searchable.

19
Message Center

• ESP Internal Post Office
• Message never Leaves the Secure Web Server
• Users can be Notified via an External Mail System

20
Primary Users
Router (FW1)
IPTCP/UDPSSL
Client WorkStation
IPTCP/UDPSSL
Firewall-2
DNS1
IDS
IPTCP/UDPSSL
Database
Web Server
DNS2
IDS
21
Primary Users
DNS RedHat 6.2
Router (FW1) Cisco 7200 128.237.144.1
Client WorkStation
IPchains
IDS-1 Windows NT 4.0 (SP6) Hot Fixes
Firewall-2 Windows NT 4.0 (SP6) Hot Fixes
IDS-2 Windows NT 4.0 (SP6) Hot Fixes
RealSecure 3.2
RealSecure 3.2
Guardian Pro V5
Web Server Windows NT 4.0 (SP6), Hot Fixes
NES 3.63
Cold Fusion 4.5.1
Database
DNS RedHat 6.2
ActiveState Perl 5.5
Tripwire 2.2.1
IPchains
Visual FoxPro
22
Future Plans

• Regular Saturday Team Meetings
• Planned Meeting with Client
• Goals
• Find Vulnerabilities
• Identify Compromisable Components
• Simulate Intrusions Attacks
• Survivability Analysis