Securing the Infrastructure In Brief
This chapter is made up of two parts. The first part provides insight into enterprise security problems and challenges that face many organizations today in the “Internet Age.” The Internet has changed the way people live, work, and play. Even more so, it has revolutionized the way business is conducted and the methods in which businesses communicate. More and more businesses are recognizing that the Internet provides them with a relatively inexpensive medium for conducting business on a global scale. Unfortunately, the Internet is missing a lot of key components, one of which is security. The Internet possesses an unlimited number of possibilities for enterprises, but enterprises must first weigh the risk of conducting business on the Internet against the security measures necessary to protect the business they are trying to conduct. As a result of the Internet, information traffic loads within the enterprise have increased exponentially, and so, too, has the business value of the infrastructure that supports the higher traffic loads, thereby increasing the risk of vulnerability to security breaches.
The second part of this chapter focuses on configuration of Cisco routers to ensure restricted and confidential access to network devices within the enterprise infrastructure. This chapter examines common features used to secure access to physical and logical interfaces and technologies used to effectively manage routing updates and control commonly exploited methods for gaining access into networking devices. It also examines what Simple Network Management Protocol (SNMP) is used for within a network and methods used to secure SNMP access to networking devices. Finally, it examines the HTTP server function that a Cisco router can perform, the security risks associated with it, and the methods used to protect the router if this function is used.
Enterprise Security Problems
One of the major security problems that enterprises face today is that sophisticated and sometimes complicated security defenses are required to mitigate the newest threats posed by intruders and to provide a reduction in business vulnerabilities. Another major hurdle involves choosing whether or not a security solution is the proper fit for the business; a vast number of specialized products in the market only work in certain parts of the network and fail to provide a true end-to-end solution for the business. Security is a complicated subject in theory and in practice, and, more often than not, it is very difficult to implement, especially when the solution must provide end-to-end security.
To provide the utmost security to your network, you must first have an idea of what it is you are trying to protect. You must then decide what type of intruders you are trying to protect yourself from. Intruders can take on many forms, including the following:
- Current employees
- Former employees
- Employees that misuse the environment
- Thrill seekers
The most common terms used today to identify an individual who uses a computer to engage in mischievous behavior are “hacker” and “cracker.” A hacker is intensely interested in the innermost workings of any computer operating system. Most often, hackers are programmers. As such, they have advanced knowledge of operating systems and programming languages. They constantly seek further knowledge, freely share what they have discovered, and almost never intentionally damage data. Hackers are sometimes referred to as white-hats.
A cracker breaks into or violates the integrity of someone else’s system with malicious intent. Crackers gain unauthorized access, destroy vital data, deny service to legitimate users, or basically cause problems for their targets. Crackers are sometimes referred to as black-hats.
Types of Threats
The methods hackers and crackers use to gain unauthorized access into network devices are known as threats. Having a security problem is bad enough, but the number, nature, and variety of security threats that exist today defy any effort to categorically group them and define methods to protect against them. A generalized list of threats follows; the methods used to thwart these threats will be discussed later in this chapter as well as throughout this book:
- Unauthorized access—A network intruder can gain unauthorized access to networking devices through a variety of means, three of which are as follows:
  - Physical—If attackers have physical access to a machine, more often than not, they will be able to get in. The techniques used to gain access range from accessing the device via the console to physically taking apart the system.
  - System—System access assumes that the intruder already has a user account on the system. Proper privileges should be granted to the user such that he or she is authenticated and authorized only to do that which is deemed to be a function of his or her job duties.
  - Remote—Remote access involves intruders who attempt to penetrate the system remotely from across the Internet, through a dial-up connection, or on a local or wide area network. This type of intruder usually has no account privileges.
- Eavesdropping—Eavesdropping is used to capture TCP/IP or other protocol packets, thus allowing the intruder to decode the contents of the packet using a protocol analyzer. “Packet sniffing” is a more common term used to describe the act of eavesdropping. Eavesdropping leads to information theft, such as stolen credit card and Social Security numbers.
- Data manipulation—Data manipulation is simply the act of altering files on computers, vandalizing a Web site, or replacing FTP files.
- Protocol weakness—The most widely used protocol in circulation today is TCP/IP. This protocol was designed a long time ago. As a result, a number of its design flaws can lead to possible security problems, such as smurf attacks, IP spoofing, TCP sequence number prediction, and SYN floods. The IP protocol itself is a very trusting protocol; therefore, hackers are free to forge and change IP data.
- Session replay—Intruders can eavesdrop on one or more users involved in a communication session and manipulate the data to suit the attack they are trying to perform.
This list does not by any means include all of the types of security threats. Its purpose is to give you a general idea of the number and types of methods intruders have at their disposal.
Enterprise Security Challenges
One of the biggest challenges that IT managers face is choosing from among the vast number of security offerings and vendors in the market space. IT managers must weigh the cost of security products against things such as performance, manageability, and scalability. After sorting through each vendor, IT managers must choose the security solution that most uniquely adapts to and satisfies their business environment. The solution that is chosen must not be overly restrictive and must allow the business to enable new applications, innovations, and services as needed, without unnecessary challenges.
After IT managers choose a security solution that most adequately meets their specific needs, more often than not they find themselves having to develop a design that will allow them to smoothly integrate the solution into a network environment of products developed by different vendors. This usually adds to the cost of implementation and overall operation of the network. On top of that, IT managers must hire skilled security engineers or spend money from their budgets to adequately train their existing engineers to support the new technologies.
After an organization’s IT management has recognized the existence of security threats and has directed changes to improve its posture or information security process, it should formulate a plan to address the issue. The first step in implementing this plan is the development of a security policy.
Enterprise Security Policy
Request for Comments (RFC) 2196, Site Security Handbook, states that “A security policy is a formal statement of rules by which people who are given access to an organization’s technology and information must abide.” A security policy should not determine how an enterprise operates; instead, the business of the enterprise should dictate how a security policy is written. Business opportunities are what drive the need for security in the first place. The main purpose of a security policy is to inform anyone that uses the enterprise’s network of the requirements for protecting the enterprise’s technology and information assets. The policy should specify the mechanisms through which these requirements can be met. Of all the documents an organization develops, the security policy is one of the most important.
Prior to developing the security policy, you should conduct a risk assessment to determine the appropriate corporate security measures. The assessment helps to determine areas in which security needs to be addressed, how the security needs to be addressed, and the overall level of security that needs to be applied in order to implement adequate security controls. A risk assessment is a process whereby critical assets are identified and values are placed on the assets. You determine how much each asset is at risk of being compromised and how much you need to upgrade or add to it to meet your business needs.
To develop a security policy that is not overly restrictive for users, that balances ease of use with a certain level of security, and that is enforceable both technically and organizationally, the policy should contain, at a minimum, some of the topics in the following list:
- Acceptable use policy—Spells out what users are allowed and not allowed to do on the various components within the network; this includes the type of traffic allowed on the network. The policy should be as explicit as possible to avoid any ambiguity or misunderstanding.
- Remote access policy—Spells out to users acceptable or unacceptable behavior when they have connected to the enterprise via the Internet, a dial-up connection, a virtual private network (VPN), or any other method of remote connectivity.
- Incident handling policy—Addresses planning and developing procedures to handle incidents before they occur. This document also creates a centralized group to be the primary focus when an incident happens. The incident handling policy can be contained within the actual security policy, but due to corporate structure, this document often actually exists as a subdocument to the security policy.
- Internet access policy—Defines what the enterprise considers to be ethical, proper use of its Internet connection.
- Email policy—Defines the acceptable use of the enterprise’s email systems, including personal emails and Web-based email.
- Physical security policy—Defines controls that pertain to physical device security and access.
After you’ve completed the enterprise security policy, the last step is to perform regular audits. Audits not only give you a baseline by which to judge what is deemed as normal activity or network behavior, they also, in many cases, produce results that will be the first alert in the detection of a security breach. Noticing unusual events within the network can help to catch intruders before they can cause any further damage.