Technical Paper: Risk Assessment Essay
The network diagram of Global Finance, Inc. (GFI) depicts the layout of the company’s mission-critical systems. The company has two servers (Email and the Oracle database) which are used more than any of its other systems. GFI depends heavily on a stable network because of the financial systems it runs, and any outage would negatively affect its operations and financial situation. As with any other business, customer satisfaction and the security of GFI’s network are crucial. To ensure its network and data are secure, GFI has begun to re-evaluate its network infrastructure. GFI has had some service interruptions that have cost it over $100,000 in revenue losses.
Description of GFI’s Network, Interconnection and Communication Environment
Global Finance Inc. Network
The Internet is made up of two 10GB connections.
Remote Dial up access via PSTN
VPN gateway connected to an Off-Site office
A DMZ network made up of 2 Border (Core) routers, which are connected to the 2 10GB internet connections, 2 Distribution Routers, 1 VPN gateway, 1 firewall, 1 RMS server and a PBX box that is connected to the PSTN remote access dial up network.
Above is a table that lists the six departments. There is also a breakdown of the workstations and 26 printers per department.
There are 6 10GB Access Layer VLAN switches and 3 10GB Multi-Layer switches
There is also a Trusted Computing Base Internal Network located inside the Global Finance Inc. Network that is made up of 1 SUS Server, 1 Oracle 9i DB Server, 1 Microsoft 2000 Exchange Email Server, 1 File and Print Server, 1 Intranet Web Server and 7 Workstations.
Assess risk based on the Global Finance, Inc. Network Diagram scenario
The GFI network diagram depicts how fast the company has grown in relation to the number of network devices and other equipment. The GFI network seems to be built to be resilient as well as fault tolerant. However, the company has failed to keep the network’s security up to date in relation to the growth of the network, so the main focus should be on network security. GFI needs to implement equipment-level policies that will strengthen its network security. These policies should include: updated hardware configurations; well-maintained and updated hardware firmware and operating systems; intrusion detection systems; system backups; real-time monitoring of the network and hardware configurations; and immediate investigation of any and all security issues related to the network infrastructure. Since GFI has experienced prior interruptions due to network attacks, it makes sense to assume that another interruption is more of a possibility. To assess the risks to GFI’s network, we can use a simple formula: means + motive x opportunity x business impact, over controls, which equals the risk.
Below is a diagram of how the risk to the network will be determined.
I can make the following assumptions based on the network diagram and the other information that was supplied. The network design seems to lack proper firewall coverage.
Describe and defend your assumptions as there is no further information from this company. The company does not wish to release any security-related information per company policy.
The trusted computing base (TCB) internal network in the Global Finance, Inc. Network Diagram hosts the company’s mission-critical systems, without which the company’s operations and financial situation would suffer. The Oracle database and email systems are among the most intensively used application servers in the company. As we know, GFI cannot afford system outages because its cash flow and financial systems depend heavily on network stability. GFI has experienced DoS network attacks twice this year, and its Oracle database and email servers were down for a week. The recovery process cost GFI $25,000 to restore its operations to normal. GFI estimated the loss from these network attacks at more than $100,000, including lost customer confidence.
Those who take care of all regular (non-security related) business needs of GIAC Enterprises.
•Access to the corporate network
•Access to the data network indirectly
•No access to the remote network
•No access to the “service” network
The Employees of GFI include all inside employees EXCEPT a group of employees designated as the “Security Team” who will perform the day-to-day tasks of doing business. All management will be considered to be among this group of employees and they will not be granted different access to services.
Protocol summary for the Employees:
•HTTP (TCP 80)
•FTP data (TCP 21)
•SMTP (TCP 25)
•DNS (UDP 53)
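The Employees policy above can be checked mechanically against firewall flow records. The following is an added example, not part of the original paper: a default-deny evaluator built from the zone bullets and the protocol summary. The Flow record, its relayed field, the reading of "indirectly" as "only via a corporate server", and the sample flows are all assumptions made for illustration.

```python
from typing import NamedTuple

# Protocol summary for the Employees group, as listed on the page.
EMPLOYEE_SERVICES = {
    ("tcp", 80): "HTTP",
    ("tcp", 21): "FTP",   # the page labels this "FTP data (TCP 21)"
    ("tcp", 25): "SMTP",
    ("udp", 53): "DNS",
}

# Zone access from the page's bullets. Assumption: "indirectly" means the flow
# must be relayed by a corporate-network server, never sent by a workstation.
ZONE_ACCESS = {"corporate": "direct", "data": "indirect",
               "remote": "none", "service": "none"}

class Flow(NamedTuple):
    dst_zone: str
    proto: str
    dport: int
    relayed: bool = False   # hypothetical log field: True if a server relayed it

def evaluate(flow):
    """Return (allowed, reason). Anything not explicitly permitted is denied."""
    access = ZONE_ACCESS.get(flow.dst_zone, "none")   # unknown zone: deny
    if access == "none":
        return False, f"zone '{flow.dst_zone}' is closed to Employees"
    if access == "indirect" and not flow.relayed:
        return False, f"zone '{flow.dst_zone}' is reachable only indirectly"
    service = EMPLOYEE_SERVICES.get((flow.proto.lower(), flow.dport))
    if service is None:
        return False, f"{flow.proto}/{flow.dport} is not in the protocol summary"
    return True, service

def audit(flows):
    """Return (flow, reason) for every flow that violates the policy."""
    return [(f, why) for f in flows for ok, why in [evaluate(f)] if not ok]

# Constructed sample flows (not taken from any real GFI log).
SAMPLE_FLOWS = [
    Flow("corporate", "tcp", 80),
    Flow("corporate", "udp", 53),
    Flow("corporate", "udp", 80),       # right port, wrong transport
    Flow("corporate", "tcp", 3389),     # service not in the summary
    Flow("data", "tcp", 25),            # direct attempt at the data network
    Flow("data", "tcp", 25, relayed=True),
    Flow("service", "tcp", 80),
]

if __name__ == "__main__":
    for flow, why in audit(SAMPLE_FLOWS):
        print("DENY", flow, "-", why)
```

Matching on the (protocol, port) pair rather than the port alone is what catches the UDP 80 flow, and the default for unknown zones keeps the policy deny-by-default.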
The firewall provides a number of key features:
Security Proxies – used to apply rules to the contents of the TCP/IP packets.
Stateful Dynamic Packet Filtering – used to build filtering rules based on the state of a connection.
1.Scan Detection – default protection from various common network scans.
2.Spoofing Protection – detects spoofing attempts and drops the packets
3.Site Blocking – prevents defined networks from passing the “wall”
4.Port Blocking – prevents defined “dangerous” ports in TCP and UDP from entering
5.SYN flood Protection – stops SYN flood Denial of Service attacks
6.Dynamic NAT – hides internal addresses
7.URL Filtering – Uses a Cyber Patrol database to control internet browsing