Comment on National Strategy to Secure Cyberspace 14Nov200–

4 pages

English

Comment on National Strategy to Secure Cyberspace 14Nov200–

Enna - Default

Le téléchargement nécessite un accès à la bibliothèque YouScribe
Tout savoir sur nos offres

4 pages

English

Le téléchargement nécessite un accès à la bibliothèque YouScribe
Tout savoir sur nos offres

A propos
Informations
Extrait

Description

From: Engedi Technologies, Inc Sent: Thursday, November 14, 2002 12:15 AM To: 'feedback@cybersecurity.gov' Cc: Jeffrey A. Carley (carley@engedi.net) Subject: Engedi Technologies Feedback to The National Strategy to Secure Cyberspace Draft Comment on The National Strategy to Secure Cyberspace Draft Thank you for this opportunity to provide input into the strategy. Our particular area of interest is in securing remote network management. The strategy paper does not appear to focus significant attention on the need to secure the management of networking equipment distributed throughout the network infrastructure. The ability to remotely manage the devices and circuits that make up the corporate and public networks is critical for the security and reliability of those networks. There are a number of factors that make the ability to remotely manage the network elements essential to network operations. Managing these devices remotely without, in most cases, the need to dispatch a technician: • Increases network security (when the management communications is secure); • Increases network reliability and dependability; • Reduces operating costs; • Increases the skill levels of engineers and technicians available to manage devices; • Increases responsiveness to threats, outages, and new requirements; and • Increases the adaptability of the network to new environments, situations, and events. Many of these improvements are achieved ...

Informations

Publié par	Enna
Nombre de lectures	13
Langue	English

Extrait

From:

Engedi Technologies, Inc

Sent:

Thursday, November 14, 2002 12:15 AM

To:

'feedback@cybersecurity.gov'

Cc:

Jeffrey A. Carley (carley@engedi.net)

Subject:

Engedi Technologies Feedback to The National Strategy to Secure Cyberspace Draft

Comment on The National Strategy to Secure Cyberspace Draft

Thank you for this opportunity to provide input into the strategy. Our particular area of

interest is in securing remote network management. The strategy paper does not appear

to focus significant attention on the need to secure the management of networking

equipment distributed throughout the network infrastructure.

The ability to remotely manage the devices and circuits that make up the corporate and

public networks is critical for the security and reliability of those networks. There are a

number of factors that make the ability to remotely manage the network elements

essential to network operations. Managing these devices remotely without, in most cases,

the need to dispatch a technician:

•

Increases network security (when the management communications is secure);

•

Increases network reliability and dependability;

•

Reduces operating costs;

•

Increases the skill levels of engineers and technicians available to manage

devices;

•

Increases responsiveness to threats, outages, and new requirements; and

•

Increases the adaptability of the network to new environments, situations, and

events.

Many of these improvements are achieved by allowing a skilled technician or

management software to access the device from a remote location to perform

maintenance, monitoring, problem determination, and remediation. Due to the greater

economic feasibility of performing these activities from a remote location the software

and configurations are kept more current allowing for known vulnerabilities to be

corrected more quickly and new safeguards to be incorporated sooner. Also, an outage or

attack will be detected more quickly with remote management and a remote administrator

can respond without the time delay or cost required to travel to the site.

However, more focus needs to be placed on securing the information that is

communicated between a device and a remote administrator than is common practice in

the industry today. More often than not, this information is communicated in clear text

and is vulnerable to a variety of attacks. Often, telnet is still utilized for command line

access to the device and monitoring is performed using insecure versions of SNMP. The

information that travels over these insecure channels can be very sensitive including

administrative level passwords, device and configuration information, and performance

information.

This information may flow over an internal network or it may flow over a public

network. While allowing this information to travel unprotected over a public network is

obviously a grave security risk, allowing this information to travel on an internal network

is also a risk that should be closely scrutinized. Much of this information should only be

available to network administrators with a need to know. It needs to be protected on the

internal network as well. Solutions need to be developed to protect this information in all

environments.

While keeping the management information on an internal network can offer some

additional security and cost savings over utilizing a public network such as the PSTN or

the Internet, there are some strong advantages to having an out-of-band network

management connection available. Recommendation R4-2 and Discussion D4-2 indicate

the need for out-of-band management, but the strategy does not provide any verbiage in

support of this. There is also no indication that this out-of-band management connection

needs to be carefully secured, especially if it travels on a public network. Securing this

information should be part of the strategy.

Some of the reasons an out-of-band connection can be important include:

•

Some operations can only be performed over an out-of-band connection such as

password recovery on a Cisco router;

•

Some network or facility failures can impact the internal network connection.

Access to the device by some other connection is essential for problem

determination and/or remediation. If problem determination can commence in

minutes rather than the hours it might take to dispatch a technician, then the

Mean-Time-To-Repair can often be significantly reduced.

•

Some attacks, such as denial-of-service attacks, can reduce or eliminate the

remote administrator’s ability to access the device over the internal network.

Having an out-of-band connection for management can be essential to countering

the attack.

However, since an out-of-band connection is more likely to be over a public network,

even more steps need to be taken to protect the data that travels over that connection.

Some form of secure connection such as SSH or IPSec needs to be utilized over the

public network. Also, since the device might now be connected to a public network

without any firewall or IDS to protect it; strong measures need to be taken to protect that

device from possible attacks over the public network such as restricting this connection to

only those services needed for network management, filtering on allowable source

addresses or phone numbers, and strong authentication of the remote administrator by the

managed device.

Recommendation R4-2 refers to more secure router technology.

However, with the

continuing increase in connection speeds and advances in hardware, the demarcation

between switching, routing, and transport level connections are not as clear as it once

was.

It appears that R4-2 is meant to address the network infrastructure and the

management of said infrastructure.

Our recommendation is that this should include

routers, switches, load balancers, cache engines, firewalls, IDS sensors, WAN switches,

VPN hardware, etc. All of these require greater attention to security in their design and

implementation.

Remote management of these devices is a major area that has not

received the emphasis it needs.

R4-2 can be modified to reflect something more along the lines of:

R4-2 A public-private partnership should perfect and accelerate the adoption of more

secure networking equipment and the management of said equipment.

Securing the

management of the networking equipment includes both protecting the contents of

management connections and securing local and remote access to the networking

equipment for management purposes, including out-of-band access.

For discussion item D4-2 the wording can be more along the line of:

D4-2 How could secure out-of-band management for networking equipment be

implemented over the Internet while also protecting the networking equipment from

attack over that connection, and what are the costs and benefits?

We also believe it would be appropriate to include, under Level 4 in the Securing Shared

Systems section, a subsection discussing remote management of networking equipment.

It would seem to naturally fit after the Vulnerability Remediation subsection on page 41

of the draft. Something along the following lines might be appropriate:

Remote Management

The ability to remotely manage and monitor networking equipment is critical for the

security and reliability of the network. Remote management of the equipment allows for

more cost effective and frequent updating of the software and configuration of the

equipment to eliminate known vulnerabilities while remote monitoring allows for earlier

identification of problems or attacks, and a swifter response. Also, a larger pool of

skilled engineers and technicians are able to maintain the equipment than would be the

case if only local access were allowed. Responses to outages, threats, and attacks can

also be more rapid when the administrator can remotely access the device for problem

determination and remediation or countermeasures. Sensitive information, however, is

often communicated over the connection between the equipment and the remote

administrator including passwords and configuration information. It is therefore essential

to secure the information that is transmitted between the equipment and the remote

administrator. It is also important to restrict access to the administrative functions only to

authorized administrators.

Since the remote administrator may need access to networking equipment at a time when

the network is compromised, the administrator should have a connection to the

equipment that does not depend on the availability of the network. Often this out-of-band

connection will utilize a public network.

When a public network is utilized, it is

important to not only protect the information being transmitted, but also to protect the

networking equipment from unauthorized access or attack over the public network.

The strategic goal is to provide greater reliability and security of the network, and to

enhance the responsiveness of administrators by securing both in-band and out-of-band

remote management of networking equipment. Achieving this goal is possible by:

•

Providing for in-band and out-of-band connections for administrative access;

•

Providing strong access controls that protect access to the administrative

functions;

•

Ensuring that protocols are utilized that protect the information communicated

between the networking equipment and the remote administrator or monitoring

station; and,

•

Developing methods to protect management interfaces from attack over a

connection to a public network.

Thank you for allowing us the opportunity to provide this feedback.

Kindest regards,

Jeff Carley

CTO Engedi Technologies, Inc.

carley@engedi.net

719-510-5322

Univers
Ebooks
Livres audio
Presse
Podcasts
BD
Documents

Livre audio en ligne - Développement personnel Livre en ligne Tout le catalogue Tous les Intérêts

Comment on National Strategy to Secure Cyberspace 14Nov200–

YouScribe

Le catalogue

Le service

Les conditions