Extranet for Security Professionals
Essential Services Analysis

Heather T. Kowalski
Tong Xu
Ying Hao
Hui Huang
Bill Halpin

Oct. 31, 2000

Review
Business Mission
- Central Repository of Security Information
- Central Location for Information Sharing
- Secure Environment, Manageable Resource
System Requirements
- SECURITY OVER RELIABILITY
- Exchange of Information
- Responsible for Information Only While on ESP System
- User Driven and Maintained
System Environment
- Dell Power Edge Servers
- Windows NT 4.0 (SP6)
- SSL
- Cold Fusion Middleware
- Only Minimal Options Activated
System Architecture
[Diagram: ESP Architecture. Components shown: The Internet, Router, Firewall, Web Servers, Workstation]
Topics of Today
ESP Services overview
Essential Services/Asset Analysis
Essential Services/Asset Usage Scenario
Essential Component Analysis
ESP Services Overview
ESP Essential Services
Site Administration
Virtual Security Office (VSO)
Collaboration Realm (CR)
Organizational Management
Library
Message Center
Users
ESP User
VSO & CR Owners
Site Manager
Organizational Manager
Site Administrator
Site Administration
Maintain Hardware Assets
Implement Hardware Security Process
Database Management
[Diagram: ESP hardware and software components]
- Router: Cisco 7200, 128.237.144.1
- DNS: RedHat 6.2, IPchains
- IDS-1: Windows NT 4.0 (SP6), Hot Fixes, RealSecure 3.2
- Firewall-2: Windows NT 4.0 (SP6), Hot Fixes, Guardian Pro V5
- IDS-2: Windows NT 4.0 (SP6), Hot Fixes, RealSecure 3.2
- Web Server: Windows NT 4.0 (SP6), Hot Fixes, NES 3.63, Cold Fusion 4.5.1, ActiveState Perl 5.5, Tripwire 2.2.1
- Console
- DNS: RedHat 6.2, IPchains
- Database: Visual FoxPro
Virtual Security Office
Restricted Web Page
Function
- Information Sharing
- Information Dissemination
- Communication between Security Activity Groups
Security Considerations
Public Site
- READ access for ALL users
Private Site
- Access granted by VSO Owner to CERTAIN users
- Administrator Rights granted by VSO Owner to SPECIFIC users
Virtual Security Office
VSO Public View
VSO Private View
Collaboration Realm
Function
- Provide Selected Users with Areas to Collaborate on Projects
Security Considerations
- Owners have total control of access
    - View
    - Comment
    - Vote
    - Admin
Collaboration Realm
Organizational Management
Functions
- Access Control to ESP website
    - Validate Users
    - Enforce ESP Policy
    - Create Further Push Down of Management

Security Considerations
- Site Manager grants Administrative Rights to Organizational Manager
- Organizational Manager controls Users in Organization ONLY
Organizational Management
Library
- The Library Tool is used to make common reports and documentation available on-line to all ESP users.
- The Library is Full Text Searchable.
Message Center
- ESP Internal “Post Office”
- Message never Leaves the Secure Web Server
- Users can be Notified via an External Mail System
Primary Users
[Diagram: Client WorkStation, Router (FW1), Firewall-2, IDS, DNS1, DNS2, IDS, Web Server, Database; links labelled IP||TCP/UDP||SSL]
Primary Users
[Diagram: ESP hardware and software components, with the Client WorkStation]
- Client WorkStation
- Router (FW1): Cisco 7200, 128.237.144.1
- DNS: RedHat 6.2, IPchains
- IDS-1: Windows NT 4.0 (SP6), Hot Fixes, RealSecure 3.2
- Firewall-2: Windows NT 4.0 (SP6), Hot Fixes, Guardian Pro V5
- IDS-2: Windows NT 4.0 (SP6), Hot Fixes, RealSecure 3.2
- Web Server: Windows NT 4.0 (SP6), Hot Fixes, NES 3.63, Cold Fusion 4.5.1, ActiveState Perl 5.5, Tripwire 2.2.1
- DNS: RedHat 6.2, IPchains
- Database: Visual FoxPro
Future Plans
Regular Saturday Team Meetings
Planned Meeting with Client
Goals:
- Find Vulnerabilities
- Identify Compromisable Components
- Simulate Intrusions & Attacks
- Survivability Analysis

				