Appendix B: Designing Policies for Managing Networks.
-
Upload
hector-mckenzie -
Category
Documents
-
view
218 -
download
0
Transcript of Appendix B: Designing Policies for Managing Networks.
Appendix B:Designing Policies for Managing Networks
Overview
Analyzing Risks to Managing Networks
Designing Security for Network Administrators
Lesson 1: Analyzing Risks to Managing Networks
What Is a Network Management Policy?
Why Network Management Policies Are Important
Common Threats to Network Management
A network management policy defines:A network management policy defines:
What Is a Network Management Policy?
Tools for managing the network
Users who can manage a network
Procedures for managing the network
Tools for managing the network
Users who can manage a network
Procedures for managing the network
Policy
Administrator
Tools
Procedures
Why Network Management Policies Are Important
External Attacker Internal Attacker
Attacker Threat Example
External Social engineering
An attacker calls the helpdesk of a company posing as a newly hired network administrator who needs to reset the password of a company official. The attacker uses the official’s account to steal company secrets.
Internal Unlocked workstation
An administrator logs on to a computer by using his administrator account, then leaves the computer unlocked before going to a meeting. An attacker uses the administrator’s computer to attack the network.
Common Threats to Network Management
Area Vulnerabilities
Network management model
Poor decisions about security
Accounts that have excessive administrative rights
Incomplete background checks of a prospective administrator
Access to information
Social engineering attacks that manipulate administrators
Sensitive information found by sifting through garbage
Diligence
Failure to lock unattended workstations and servers
Critical resources in unsecured physical locations
Failure to perform security tasks in a timely manner
ToolsUse of unapproved tools to manage a network
Failure to secure communication channels that are used to manage a network
Lesson 2: Designing Security for Network Administrators
Process for Designing Secure Management of Networks
Common Network Management Models
Guidelines for Delegating Administrative Control
Guidelines for Acceptable Use of Network Management Tools
Guidelines for Network Management Security
Guidelines for Protecting Against Social Engineering
When planning an audit policy, you must:When planning an audit policy, you must:
Optimize the network management model.
Determine who can manage the network.
Predict threats to managing the network.
Create a list of approved tools and techniques.
Design and create policies and procedures for managing the network.
Optimize the network management model.
Determine who can manage the network.
Predict threats to managing the network.
Create a list of approved tools and techniques.
Design and create policies and procedures for managing the network.
11
33
44
22
Process for Designing Secure Management of Networks
55
Common Network Management Models
Model Characteristics
Centralized
A small group makes all network management decisions
Network administration is performed from a central location
Strong security is provided at the expense of flexibility
Decentralized
Autonomous groups make many network management decisions
Network administration is performed at multiple locations
May be required by medium and large-sized networks that have geographical, geopolitical, or language complexities
OutsourcedTrusted third parties perform network management
Outsourcing can provide expertise that your organization may lack
HybridCentralize, decentralized, or outsourced models are combined
The most common network management model
Guidelines for Delegating Administrative Control
Task Guideline
Before you delegate administrative control to a new administrator
Perform a background check on the administrator during the hiring process
Educate the administrator about how to carry out the required administrative tasks
Ensure that the administrator understands the security policies and procedures of your organization
When you delegate administrative control
Always delegate the fewest privileges necessary to complete administrator tasks
Always audit network administration and review audit logs regularly
Consider job rotation and mandatory vacations for administrators who have Access to sensitive data
Define:Define:
Which tools will be used to manage the network.
How the tools will be used.
How the network will be managed remotely.
Which tools will be used to manage the network.
How the tools will be used.
How the network will be managed remotely.
Guidelines for Acceptable Use of Network Management Tools
Guidelines for Network Management Security
Function Guideline
Use of Administrator accounts
Place limits on administrator authority
Prohibit use of administrator account for daily use
Prohibit use of administrator rights to monitor employees
Use of administration tools
Specify how to use remote administration tools securely
Prohibit using attacker tools on the network without approval
Performance of daily tasks
Follow policies and procedures when completing frequently occurring tasks
Create and update log files for change management
Guidelines for Protecting Against Social Engineering
Ensure that administrators:Ensure that administrators:
Follow defined processes and procedures.
Are on alert for suspicious or unusual events.
Use caution when working with other employees whom they do no know personally.
Follow defined processes and procedures.
Are on alert for suspicious or unusual events.
Use caution when working with other employees whom they do no know personally.
Security Policy Checklist
Create policies and procedures for determining:Create policies and procedures for determining:
Network management models.
Who can manage the network.
Tools to manage the network.
How personnel will manage the network.
Network management models.
Who can manage the network.
Tools to manage the network.
How personnel will manage the network.