ESP - Andrew.cmu.edu

Extranet for Security Professionals
Essential Services Analysis
Heather T. Kowalski
Tong Xu
Ying Hao
Hui Huang
Bill Halpin
Oct. 31, 2000
Review
Business Mission
- Central Repository of Security Information
- Central Location for Information Sharing
- Secure Environment, Manageable Resource
System Requirements
- SECURITY OVER RELIABILITY
- Exchange of Information
- Responsible for Information Only While on ESP System
- User Driven and Maintained
System Environment
- Dell Power Edge Servers
- Windows NT 4.0 (SP6)
- SSL
- Cold Fusion Middleware
- Only Minimal Options Activated
System Architecture
[Figure: ESP – Architecture. Labels: The Internet, Router, Firewall, Web Servers, Workstation; a message To: George, Marty; From: Steve]
Topics of Today
ESP Services overview
Essential Services/Asset Analysis
Essential Services/Asset Usage Scenario
Essential Component Analysis
ESP Services Overview
ESP Essential Services
Site Administration
Virtual Security Office (VSO)
Collaboration Realm (CR)
Organizational Management
Library
Message Center
Users
ESP User
VSO & CR Owners
Site Manager
Organizational Manager
Site Administrator
Site Administration
Maintain Hardware Assets
Implement Hardware
Security Process
Database Management
Router
DNS
Cisco 7200
128.237.144.1
RedHat 6.2
IPchains
IDS-1
Firewall-2
Windows NT 4.0 (SP6)
Hot Fixes
Windows NT 4.0 (SP6)
Hot Fixes
RealSecure 3.2
Guardian Pro V5
Windows NT 4.0 (SP6), Hot Fixes
NES 3.63
RedHat 6.2
IPchains
Windows NT 4.0 (SP6)
Hot Fixes
RealSecure 3.2
Web Server
DNS
IDS-2
ActiveState Perl 5.5
Cold Fusion 4.5.1
Tripwire 2.2.1
Console
Database
Visual FoxPro
Virtual Security Office
Restricted Web Page
Function
- Information Sharing
- Information Dissemination
- Communication between Security Activity Groups
Security Considerations
Public Site
- READ access for ALL users
Private Site
- Access granted by VSO Owner to CERTAIN users
- Administrator Rights granted by VSO Owner to SPECIFIC users
Virtual Security Office
VSO Public View
VSO Private View
Collaboration Realm
Function
- Provide Selected Users with Areas to Collaborate on Projects
Security Considerations
- Owners have total control of access
- View
- Comment
- Vote
- Admin
Organizational Management
Functions
- Access Control to ESP website
- Validate Users
- Enforce ESP Policy
- Create Further Push Down of Management
Security Considerations
- Site Manager grants Administrative Rights to Organizational Manager
- Organizational Manager controls Users in Organization ONLY

Library
The Library Tool is used to make common reports and documentation available on-line to all ESP users.
The Library is Full Text Searchable.
Message Center
ESP Internal “Post Office”
Message never Leaves the Secure Web Server
Users can be Notified via an External Mail System
Primary Users
IP||TCP/UDP||SSL
Client WorkStation
Router
(FW1)
IP||TCP/UDP||SSL
Firewall-2
IDS
DNS1
IP||TCP/UDP||SSL
DNS2
IDS
Web Server
Database
Primary Users
Router (FW1)
DNS
Client WorkStation
Cisco 7200
128.237.144.1
RedHat 6.2
IPchains
IDS-1
Firewall-2
Windows NT 4.0 (SP6)
Hot Fixes
Windows NT 4.0 (SP6)
Hot Fixes
RealSecure 3.2
Guardian Pro V5
IDS-2
Windows NT 4.0 (SP6)
Hot Fixes
RealSecure 3.2
Web Server
Windows NT 4.0 (SP6), Hot Fixes
DNS
NES 3.63
RedHat 6.2
IPchains
ActiveState Perl 5.5
Cold Fusion 4.5.1
Tripwire 2.2.1
Database
Visual FoxPro
Future Plans
Regular Saturday Team Meetings
Planned Meeting with Client
Goals:
- Find Vulnerabilities
- Identify Compromisable Components
- Simulate Intrusions & Attacks
- Survivability Analysis
