Security Zones


A security zone is an area of the network (or of a connected network) where the security configuration is the same for all hosts within it.

  • In physical security, an area separated by barriers that control entry and exit points
  • Network architecture and security control infrastructure must ensure that these zones are segregated from one another by physical and/or logical segmentation
  • Traffic between zones should be strictly controlled using a security device
    • Traffic policies should apply the principle of least privilege

Info

A zone must have a known entry and exit point.

  • e.g., if the only authorized access point for a zone is a router, placing a wireless access point within the zone would be a security violation

Creating Zones

  • Network architecture features that create segments mapped to subnets allow the creation of a zone-based security topology
    • Hosts outside the perimeter are in a public Internet zone and are untrusted
    • Hosts within the perimeter will have different levels of trust and access control requirements
  • To map out the internal security topology,
    • analyze the systems and data assets that support workflows
    • and identify ones that have similar access control requirements:
      • Database and file systems that host company data and personal data should prioritize confidentiality and integrity
        • Data should not usually be held within a single zone
        • Separating information into different zones will reduce the impact of a breach
      • Client devices need to prioritize integrity and availability
        • should not store data and therefore have a lower confidentiality requirement
      • Public-facing application servers should prioritize integrity and availability
        • should not store sensitive data
        • Publicly accessible servers must not be considered fully trusted
      • Application servers that support the network infrastructure must exhibit high levels of confidentiality, integrity, and availability
  • This analysis will generate a list of the security zones needed
  • A basic setup includes:
    • intranet
      • the internal network
    • extranet
      • an intranet segment extended to business partners
      • e.g., API access to an internal ERP system
    • honeynet
      • decoy networks designed to attract attackers
    • screened subnets or DMZ
      • area of the network open to public-facing access
      • typically houses web servers
    • Ad Hoc network
      • temporary networks that may bypass security controls

Example

  • How traffic between hosts in zones with different privilege sensitivities can be subject to access controls:
    1. A low-privilege zone containing hosts that are difficult to secure and patch, such as printers, can accept connections but cannot initiate requests to any other hosts
    2. Client devices on the enterprise LAN can make authorized requests in different zones, such as to internal servers or Internet websites, but cannot accept new connection requests
    3. Hosts in a guest zone can access the Internet, but are not allowed to access the enterprise LAN
    4. Public-facing servers can accept requests from the Internet but cannot initiate requests to the enterprise LAN or to the Internet
    5. Where hosts are separated by VLANs within the same zone, additional access rules can be configured
      • e.g., app servers should be able to make requests to databases, but not vice versa
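The following is an added example, not part of the original notes, showing how the subnet-to-zone mapping from "Creating Zones" and the five access rules in the example above can be expressed as a default-deny, zone-pair policy. The subnets, zone names and sample flows are constructed for illustration. The rules govern only which zone may initiate a new connection; the reply direction of an allowed flow is handled by stateful connection tracking, which is how a stateful firewall implements "can accept connections but cannot initiate them" without a second rule.

```python
"""Zone-based traffic policy evaluator (added example; not from the original notes).

Assumptions: all subnets, zone names, rules and sample flows below are
constructed for illustration and do not describe any real network.
"""
import ipaddress

# Constructed segment-to-subnet mapping. Each segment is a subnet carved out of
# the internal range; anything outside these ranges is treated as the untrusted
# public Internet zone. dmz_app and dmz_db are two VLANs within the same
# screened subnet (rule 5), so they get their own entries here.
ZONE_SUBNETS = {
    "printers": ipaddress.ip_network("10.10.1.0/24"),  # low-privilege, hard to patch
    "lan":      ipaddress.ip_network("10.10.2.0/24"),  # enterprise LAN clients
    "guest":    ipaddress.ip_network("10.10.3.0/24"),  # guest Wi-Fi
    "dmz_app":  ipaddress.ip_network("10.10.4.0/24"),  # public-facing app servers
    "dmz_db":   ipaddress.ip_network("10.10.5.0/24"),  # database VLAN behind the apps
}

# (source zone, destination zone) pairs permitted to open NEW connections.
# Everything not listed is denied: least privilege applied to traffic policy.
ALLOWED_INITIATIONS = {
    ("lan", "printers"),      # rule 1: printers accept but never initiate
    ("lan", "dmz_app"),       # rule 2: clients may request internal servers
    ("lan", "internet"),      # rule 2: ...and Internet websites
    ("guest", "internet"),    # rule 3: guests reach the Internet only
    ("internet", "dmz_app"),  # rule 4: public servers accept from the Internet
    ("dmz_app", "dmz_db"),    # rule 5: app -> db allowed, db -> app is not
}


def zone_of(ip: str) -> str:
    """Map an address to its zone; addresses in no known subnet are 'internet'."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONE_SUBNETS.items():
        if addr in net:
            return name
    return "internet"


def new_connection_allowed(src_ip: str, dst_ip: str) -> bool:
    """Decide whether src_ip may open a new connection to dst_ip.

    Only connection initiation is checked here. Return packets of an allowed
    flow are admitted by the firewall's connection-tracking state, not by a
    reverse rule, which is what keeps a zone from initiating on its own.
    """
    src, dst = zone_of(src_ip), zone_of(dst_ip)
    if src == dst:
        # Same segment: traffic never reaches the zone boundary device, so the
        # zone policy does not apply (host firewalls would govern this instead).
        return True
    return (src, dst) in ALLOWED_INITIATIONS


def audit_flows(flows):
    """Evaluate a list of (src_ip, dst_ip) initiations and return decisions."""
    return [
        (src, dst, zone_of(src), zone_of(dst), new_connection_allowed(src, dst))
        for src, dst in flows
    ]


if __name__ == "__main__":
    # Constructed sample initiations; 203.0.113.0/24 and 198.51.100.0/24 are
    # documentation ranges standing in for arbitrary Internet hosts.
    sample = [
        ("10.10.2.5", "10.10.1.9"),      # LAN client prints: allowed
        ("10.10.1.9", "10.10.2.5"),      # printer calls a client: denied
        ("203.0.113.7", "10.10.2.5"),    # Internet to LAN client: denied
        ("10.10.3.4", "10.10.2.5"),      # guest to LAN: denied
        ("10.10.3.4", "198.51.100.1"),   # guest to Internet: allowed
        ("203.0.113.7", "10.10.4.2"),    # Internet to public server: allowed
        ("10.10.4.2", "198.51.100.1"),   # public server to Internet: denied
        ("10.10.4.2", "10.10.5.2"),      # app VLAN to db VLAN: allowed
        ("10.10.5.2", "10.10.4.2"),      # db VLAN to app VLAN: denied
    ]
    for src, dst, sz, dz, ok in audit_flows(sample):
        print(f"{src:>14} ({sz:8}) -> {dst:<14} ({dz:8}) : {'ALLOW' if ok else 'DENY'}")
```

The policy table is deliberately a set of ordered pairs rather than a symmetric relation: reading rule 4 back from the table, a compromised public-facing server can neither pivot into the enterprise LAN nor open outbound connections to the Internet, which is the containment property the zone model is meant to give.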