Extranet for Security Professionals
Essential Services Analysis
Heather T. Kowalski, Tong Xu, Ying Hao, Hui Huang, Bill Halpin
Oct. 31, 2000

Review
Business Mission
- Central Repository of Security Information
- Central Location for Information Sharing
- Secure Environment, Manageable Resource
System Requirements
- SECURITY OVER RELIABILITY
- Exchange of Information
- Responsible for Information Only While on ESP System
- User Driven and Maintained
System Environment
- Dell Power Edge Servers
- Windows NT 4.0 (SP 6)
- SSL
- Cold Fusion Middleware
- Only Minimal Options Activated
System Architecture

ESP – Architecture
[Diagram labels, in extracted order: The Internet; Router; Firewall; Web Servers; To: George Marty From: Steve; Workstation]

Topics of Today
- ESP Services overview
- Essential Services/Asset Analysis
- Essential Services/Asset Usage Scenario
- Essential Component Analysis

ESP Services Overview

ESP Essential Services
- Site Administration
- Virtual Security Office (VSO)
- Collaboration Realm (CR)
- Organizational Management
- Library
- Message Center

Users
- ESP User
- VSO & CR Owners
- Site Manager
- Organizational Manager
- Site Administrator

Site Administration
- Maintain Hardware Assets
- Implement Hardware Security Process
- Database Management

[Diagram labels, in extracted order: Router; Cisco 7200; 128.237.144.1; DNS; RedHat 6.2; IPchains; IDS-1; Firewall-2; Windows NT 4.0 (SP 6) Hot Fixes; RealSecure 3.2; Guardian Pro V 5; Windows NT 4.0 (SP 6), Hot Fixes; NES 3.63; RedHat 6.2; IPchains; Windows NT 4.0 (SP 6) Hot Fixes; RealSecure 3.2; Web Server; DNS; IDS-2; ActiveState Perl 5.5; Cold Fusion 4.5.1; Tripwire 2.2.1; Console; Database; Visual FoxPro]

Virtual Security Office
Restricted Web Page
Function
- Information Sharing
- Information Dissemination
- Communication between Security Activity Groups
Security Considerations
Public Site
- READ access for ALL users
Private Site
- Access granted by VSO Owner to CERTAIN users
- Administrator Rights granted by VSO Owner to SPECIFIC users

Virtual Security Office

VSO Public View

VSO Private View

Collaboration Realm
Function
- Provide Selected Users with Areas to Collaborate on Projects
Security Considerations
- Owners have total control of access
- View
- Comment
- Vote
- Admin

Collaboration Realm

Organizational Management
Functions
- Access Control to ESP website
- Validate Users
- Enforce ESP Policy
- Create Further Push Down of Management
Security Considerations
- Site Manager grants Administrative Rights to Organizational Manager
- Organizational Manager controls Users in Organization ONLY

Organizational Management

Library
The Library Tool is used to make common reports and documentation available on-line to all ESP users. The Library is Full Text Searchable.

Message Center
- ESP Internal “Post Office”
- Message never Leaves the Secure Web Server
- Users can be Notified via an External Mail System

Primary Users
[Diagram labels, in extracted order: IP||TCP/UDP||SSL; Client WorkStation; Router (FW 1); IP||TCP/UDP||SSL; Firewall-2; IDS; DNS 1; IP||TCP/UDP||SSL; DNS 2; IDS; Web Server; Database]

Primary Users
[Diagram labels, in extracted order: Router (FW 1); Client WorkStation; Cisco 7200; 128.237.144.1; DNS; RedHat 6.2; IPchains; IDS-1; Firewall-2; Windows NT 4.0 (SP 6) Hot Fixes; RealSecure 3.2; Guardian Pro V 5; IDS-2; Windows NT 4.0 (SP 6) Hot Fixes; RealSecure 3.2; Web Server; Windows NT 4.0 (SP 6), Hot Fixes; DNS; NES 3.63; RedHat 6.2; IPchains; ActiveState Perl 5.5; Cold Fusion 4.5.1; Tripwire 2.2.1; Database; Visual FoxPro]

Future Plans
- Regular Saturday Team Meetings
- Planned Meeting with Client
Goals:
- Find Vulnerabilities
- Identify Compromisable Components
- Simulate Intrusions & Attacks
- Survivability Analysis