Suggested Security Architecture Overview
October 8, 2010The security architecture is the layout and design of hardware employed to protect private networks. Best practices dictate that the architecture of a private network linked to the internet be divided by four distinct barriers: front – end firewall, proxy server, web server and back-end-firewall. These barriers are ordered from outside internet access through each barrier to the internal application enterprise. Best practices also require the use of intrusion detection and application monitoring to enhance the security of the four barriers. The implementation of these security features will ensure that the web server will be protected from attacks.
External threats:
Screening router
Auditing of DMZ assets: mail, web, ftp
Firewall & IDS
Authenticated remote users- VPN, defense against cryptographic attacks and traffic analysis
Firewall and VPN leak detection, audit and user profiling
Back door detection
Internal threats:
Internal ids
Protection against clever VPN attacks, spoof, twin, theft, bandwidth, replay, cryptographic, traffic analysis
Network conversion analysis
Host conversion analysis
Internal authentication, compartmentalization
Using existing, rich data source: logs from routers, switches, hosts, workstations
Security policy audit and enforcement
Statistical behavior analysis for habit changes from norm
Internal Users
Intrusion Detection:
The enhance the security infrastructure, intrusion detection is an important piece to implementing best practices. An intrusion detection system consists of both network and host-based monitoring systems. Intrusion detection systems monitor the areas between security barriers to ensure intruders that breach a barrier are detected. If the system detects an intruder it sends out an alert to the web gateway administrators who will then be able to handle the intruder manually. It is critical to gather diagnostic data to identify on how the intrusion occurred to close the vulnerability. It is also important to gather data on the source of the intrusion for possible legal action. Network and host-based intrusion detection systems re defined.
As companies become more dependent upon communication across the Internet, Security features will be vital to their success as they have higher exposure to techno-theives.
Listed below are three considerations in the Internet security practices:
Look at security for electronic transactions as being part of a continuum of security concerns for the entire enterprise. An enterprise-wide security policy ensures that minimum standards are set at all pertinent levels: Network application and data. Individual commercial departments can then develop more detailed security policies for their unique applications based on the enterprise-wide standards.
Consider network infrastructure approaches that provide central, secure services for public access through the internet. Enterprise Network architectures that utilize internal and external firewalls to protect internal systems from un-authorized access from the external world is one example. This type of central service eliminates the duplication of effort and risks associated with individual commercial firewall management in the absence of uniform standards. Likewise, all types of remote access to commercial systems should be subject to uniform standards.
The level and type of security required for individual applications needs to be determined through an individual risk and cost/benefit analysis. Some applications, which are low-sensitivity and low-risk, may require only PIN-based authentication.
When determining the level of risk associated with particular transactions, it is helpful to consider questions such as the following.
How is the transaction processed now?
Does it require a signature? If so, is that signature currently authenticated in any way?
Is there a statue or regulation that requires privacy, confidentially or individual identification?
It is an area where easier access could have privacy ramifications?
Is this an area where there has been litigation or disputes in the past?
How much financial, legal or public relations / confidence exposures there for the agency, if there is a problem with this transaction?
www.bestitdocuments.com