Network Security Fundamentals [Electronic resources] نسخه متنی

Network DesignPrinciples

The fundamental principles of network design call for dividing the network into manageable blocks. This division ensures that the network can function within the specifications, performance, and scale limits of the required applications, protocols, and network services.

The network infrastructure itself is an important component in the design process because it transports the application and network-management traffic. The designed network infrastructure must meet at least three high-level goals:

• It should provide timely, reliable, and secure data transport.

• It should be adaptable to satisfy ever-changing application demands.

• The cost of future growth needed for business or information expansion should be appropriate to the extent of the required changes.

Building a network infrastructure requires considerable planning, designing, modeling, and, most important, information gathering. Network designers have many technologies to consider. The functionality of the selected technology and networking equipment is important because the equipment must conform to standards to provide interoperability and must be able to perform the tasks required by the network architecture.

The network architecture, an intermediate network design, provides a blueprint for the detailed design activities required to realize a functioning network infrastructure. When designing networks, it is important to look at the resources you have available to implement the new network architecture. You must also be sensitive to the quantity and quality of the resources available to operate and manage the network.

Top-Down Design Practices

One of the basic requirements for a successful implementation and strategic use of a computer network and the Internet is the engagement of the top executives, particularly an organization's CEO, during the design phase. Strategic and secure use of the Internet to extend the organization's reach outward to customers, clients, vendors, and partners cannot really become a core part of an organization's business philosophy until all the top executives assume an active leadership role in the process. Top executive support speeds the development of an organization's Internet capabilities; when the company's CEO, CIO, or CTO recognizes that the efficiencies enabled by the Internet are the key to future growth and survival, cultural transitions and adoption rates are bound to happen faster.

It is good practice to perform a periodic executive review and to restate or revise an organization's goals. Given the effort required to gather input from the various constituencies and the value of executive time, many organizations undertake executive review annually. For instance, the leadership team of Cisco selected "Leadership in Internet capabilities in all functions" as one of its top three goals. Every group throughout the company identified areas in which the Internet could impact its business sector, defined how it could become one of the best in those sectors, and regularly reported progress on those plans. In other words, the Cisco Internet strategy was integrated with each group's business strategies, and each group was required to develop measurable and reportable results. Getting executive support not only aids in the allocation of necessary resources, but also sends the right message throughout the company. At the end of the day, the entire company needs to be involved in promoting secured network-enabled business initiatives as part of the overall business strategy.

Requirements and Constraints

A secure network design is an exercise in meeting new and old requirements while also working with certain constraints. These constraints can be technological, social, political, or economic.

Technological Constraints

The impact of technological developments is obvious. Technological developments are used to implement the latest global network business models and network virtual organizations. In conjunction, they are responsible for supporting the changing needs of consumers and society in general.Physical Security Issues" section later in this chapter.

Social Constraints

Manpower, or labor in general, is a clear concern in any network design. The more often a task must be executed (for instance, the amount of effort and skill required to connect a new user to the network or to expand the capacity of the network infrastructure), the more the design should focus on making that particular task simple and efficient to manage. Including network-management services in the design can mitigate some of the labor concerns through the automation of monitoring and reporting functions. This automation should reduce the quantity of highly skilled employees required for the ongoing operation of the network.

Political Constraints

Political concerns include the compulsory use of standards and installed applications that are difficult to understand, implement, and use. These political concerns are internal company politics and not necessarily driven by governmental policy.

Some organizations might have a prearranged single-vendor partnership agreement, whereas other team members desire a multivendor type of environment. These partnership arrangements are often necessary to meet the business requirements of the company. By selecting a single partner, an organization can meet the business challenge of building a network with an integrated, intelligent design that accommodates business growth. The design should make it easy and cost effective to add new features, and technology can maximize the total value of network ownership.

Economic Constraints

Economic constraints play a major role for all network designers. Doing more with less is a common requirement, partially enabled by advances in semiconductor technology. Even when there is a mandate to "achieve the best possible service at the lowest possible cost," there are design consequences. Common areas of design compromise for minimizing network acquisition and operations costs include wide area network (WAN) bandwidth, quality-of-service (QoS) guarantees, availability, security, and manageability. Other requirements with a lower priority or less visibility are deferred to later implementation phases or cancelled.

Design Activities, Tools, and Techniques

During the network-design process, tools are available to facilitate some of the activities. Some of the activities supported by tools include network auditing, traffic analysis, and network simulation. The choice of tools is determined by the value of the network investment and the consequences of network failure. This section discusses some of the tools and techniques used in today's network-design process for auditing networks and analyzing and simulating network traffic.

Having tools available to support every stage of the design process helps to

• Reduce risk
  The risk of adding new equipment in the network

• Increase understanding
  How certain components work in your environment

• Improve responsiveness to design opportunities
  Quickly obtain technical analysis and business cases

Auditing and Analyzing an Existing Network

Network audit tools help you to generate specific reports on certain parts of your network and to analyze how these segments of the network are performing. The network audit process should provide detailed recommendations to address the challenges, opportunities, and problems identified in the audit. The audit also help the network-engineering team proactively identify and resolve potential network troubles before major problems are encountered.

Following is a list of reports that are often generated as part of a network audit:

• Performance

• Configuration

• Software

• Hardware

In general, a network audit identifies specific opportunities to improve network utilization, availability, and stability, resulting in a reduced operation cost and a maximum return on the investment in the network infrastructure.

NOTE

A network security audit uses tools to audit the state of the implemented security policy and to enhance the usability and effectiveness of network security solutions. The auditing of a network is an ongoing process because network administrators cannot recognize abnormal situations unless they know the look of normal situations.

Network traffic analysis collects and analyzes data, which allows the network designer to balance the network load, troubleshoot and resolve network problems, optimize network performance, and plan future network growth. Traffic analysis is often performed as part of a network audit to generate performance reports.

The analysis tools help engineers and network designers better understand traffic patterns in the network. Many analysis-tool suites are on the market. Some provide only basic calculations. Others give extensive detail, including a complex analysis of traffic patterns, capacity availability, delay, and operational stability. Some tools allow the designer to rerun the analysis as the design is developed. Traffic analysis conducted during deployment allows timely adjustment of the design based on issues encountered at various locations or times.

Simulating Network Traffic

Network simulation has at least two distinct realizations. The first models the network using software to emulate the traffic sources and sinks (drop offs), network devices, and the links that connect them. By varying model parameters, the designer can approximate the impact of more or less traffic demand or network resources. Although simulation software is expensive, for a large network it is far less expensive than building a flawed design. The second kind of simulation uses special hardware and software to generate traffic for injection into a live network for subsequent traffic analysis.

This testing activity is useful for

• Validating and adequately testing QoS

• Testing latency

• Checking adaptive protocols

• Testing multicasting

Traffic generation is also appropriate for estimating how the existing network responds as you add new applications and services. Dynamic bandwidth utilization and latency are relatively difficult to estimate compared to simple traffic delivery. Loss is relatively obvious. You can use adaptive protocols and applications with traffic generators to validate the expected behaviors.

Defense in Depth

As the risks and challenges related to network security grow, organizations should take a systematic and multitiered approach to planning and deploying secure network infrastructures.

Defense in depth is a practical strategy for achieving efficient security solutions by establishing multiple overlapping layers and countermeasures. This strategy ensures that even when an intruder or attacker is able to penetrate a company's network, other security systems (the second line of defense) detect and prevent the attack before unauthorized access takes place.

The defense in depth strategy rests on several principles:

• Layered defenses
  First, second, and so on lines of defense

• Defenses residing in multiple locations
  At network boundaries, in different security zones, on servers, in applications, and so on

• Robust defenses
  Balance between protection capabilities and cost, a stronger defense at network boundaries than on servers, and so on

The SAFE Blueprint for network security from Cisco offers a defense-in-depth, modular approach to security that can evolve and change to meet the needs of different organizations. The following link provides a reference to the SAFE Blueprint for Enterprise Networks: