U S Army Europe and Seventh Army Information

  • Slides: 11

U.S. Army Europe and Seventh Army
Information Assurance in Large-Scale Practice
International Scientific NATO PfP/PWP Conference on Security and Protection Of Information
10 May 2001
Information Assurance Program Manager
[Title graphic labels: Threat w/ Global Reach; Security; Efficiency; Morale]

Agenda
• Network Setting
• Current Network Defenses
• Challenges
• Road Ahead
• Conclusions

Setting: USAREUR NIPRnet
[Map labels: UK(2); Balkans(6)]
• ca. 50,000 systems in 2,000 LAN
• over 200 public websites
• 35 Gateways to...
  - Department of Defense networks
  - the Internet
• Wide Area Network managed and secured by 5th Signal Command
• Regional Campus Area Networks serviced by six Signal Bns
• Local Area Networks often operated by individual military units
NIPRnet: Non-classified Internet Protocol Routed Network

Setting: Security Implications
[Graphic label: Threat w/ Global Reach]
• Internet Connectivity
  + Essential for logistics (commercial purchases)
  + Desirable for soldier morale and welfare
  – Exposes network to exploitation, viruses, and hackers
• Decentralized management (LAN)
  + Services are tailored to individual unit needs
  + Commanders balance their mission and risk
  – Consistent compliance with security policies is hard to ensure
  – Network is as secure as the weakest link

Data Network Protection 1 – Policy and Program
Common Security Standards
• Bite-sized Policies
  - keep up with dynamic environment
  - established by a Council of Colonels
  - guide network, server, and user-level actions
• IA Vulnerability Alerts (IAVA)
  - warn of weaknesses in operating systems
  - mandate acknowledgement and compliance with fixes
Knowledgeable people
• IA Training Program (IATP)
  - Two-four weeks of network, security fundamentals
  - Systems Administrators, others w/ elevated rights
• Computer User Testing and Agreement
  - Must pass to have email/network account
  - A security awareness tool

Data Network Protection 2 - Perimeter
[Map labels: UK(2); Balkans(6). Graphic labels: Minimize Exposure; Some Hacker Threat Blocked]
• at the 35 Gateways...
Security Routers block:
  - known hacker tools
  - unused/unauthorized services
  - selected geographic regions
  - previous sources of probes
Intrusion Detection Systems:
  - monitored 24 hrs/7 days
  - DETECT dangerous activity
Regional Computer Emergency Response Team-Europe (RCERT):
  - REACT to isolate / mitigate damage
  - teamwork with units, CID, CI

Data Network Protection 3 – Campus & Local Area Network Tools
[Diagram labels: Gateway; Customer Routers & Firewalls; Critical Servers; Client PC]
Further Reduce Exposure
• Tailored Access Control Lists
• Strict Configuration Management
  - secure baselines provided by RCERT
  - compliance with all IA Vulnerability Alerts
Focused Protection
• Firewalls and Virtual Private Networks:
  - RCERT assists planning and initial installation and configuration
• Host-based Intrusion Detection
• Regular Anti-virus and Vulnerability Scans
Basics: Certification and accreditation; strong passwords; up-to-date anti-virus; no back-door connections; only approved software, etc.

Network Protection Challenges
Configuration Control
• Hard to do
• Units are inconsistent in meeting standards
• Hackers exploiting known vulnerabilities with identified fixes
Application of IA Tools
• Limited progress below the network perimeter
• Most units have not yet made plans to add them
• Not enough experts if all units requested them now
Not enough personnel resources for all IT/IA tasks; Inadequate inspections and checks on units; Anticipated network growth demands even more of decentralized security capability

Road Ahead: Simplified Configuration Compliance
• Make secure baselines easier to apply
• Provide matrices of known vulnerabilities by operating system and application – together with sources of fixes and ways to verify
• Develop automated tools to assist units to securely configure new systems and check their own compliance with our standards
[Graphic labels: Load; Test. Matrix labels: OS (Win 2k, Win NT, Solaris); App (Work Station, Exch Server, Web Server)]

Road Ahead: Regional Network Operations
[Diagram labels: Network Management; Information Assurance; Information Dissemination Management]
• 22 Network Service Centers
  - focus on Local Area Networks
  - help units apply security tools, identify vulnerabilities
• 6 Network Ops & Security Centers
  - manage Campus Area Networks
  - support warfighting headquarters
  - visibility into network security status
  - enforce security compliance
• Full-time IA specialists in most centers, bringing security together with Network Management and Info Dissemination Management

Conclusions
• For network security – just like combat – large organizations require decentralized decisions and actions, but common vision and standards:
  – Network security specialists available in all areas of the organization
  – Security standards that are simple to meet (not to be confused with simple standards)
  – Checks to enforce common standards
• Network Security must be embedded in network operations