Home > Articles

  • Print
  • + Share This
This chapter is from the book

Network Security as a Continuous Process

Network security should be a continuous process built around a security policy. A continuous security policy is most effective, because it promotes retesting and reapplying updated security measures on a continuous basis. The Security Wheel, shown in Figure 1-1, represents this continuous security process.

Figure 1Figure 1-1 Security Wheel

 

To begin this continuous process known as the Security Wheel, you need to create a security policy that enables the application of security measures. A security policy needs to accomplish the following tasks:

  • Identify the organization's security objectives

  • Document the resources to be protected

  • Identify the network infrastructure with current maps and inventories

To create or implement an effective security policy, you need to determine what it is you want to protect and in what manner you will protect it. You should know and understand your network's weak points and how they can be exploited. You should also understand how your system normally functions so that you know what to expect and are familiar with how the devices are normally used. Finally, consider your network's physical security and how to protect it. Physical access to a computer, router, or firewall can give a user total control over that device.

After the security policy is developed, it becomes the hub on which the next four steps of the Security Wheel are based:

Step 1

Secure the system. This involves implementing security devices—firewalls, identification authentication systems, encryption, and so on—with the intent to prevent unauthorized access to network systems. This is where the Cisco PIX Firewall is effective.

Step 2

Monitor the network for violations and attacks against the corporate security policy. These attacks can occur within the network's secured perimeter—from a disgruntled employee or contractor—or from a source outside your trusted network. You should monitor the network with a real-time intrusion detection device such as the Cisco Intrusion Detection System (IDS). This helps you discover unauthorized entries. It also serves as a system of checks and balances to ensure that devices implemented in Step 1 of the Security Wheel have been configured and are working properly.

Step 3

Test the effectiveness of the security safeguards that are in place. Use the Cisco Secure Scanner to identify the network's security posture with respect to the security procedures that form the hub of the Security Wheel. Validation is a must. You can have the most sophisticated network security system, but if it is not working, your network can be compromised. This is why you need to test the devices you implemented in Steps 1 and 2 to make sure they are functioning properly. The Cisco Secure Scanner is designed to validate your network security.

Step 4

Improve corporate security. The improvement phase of the Security Wheel involves analyzing the data collected during the monitoring and testing phases and developing and implementing improvement mechanisms that feed into your security policy and the securing phase in Step 1. If you want to keep your network as secure as possible, you must keep repeating the cycle of the Security Wheel, because new network vulnerabilities and risks are created every day.


All four steps—secure, monitor, test, and improve—should be repeated on a continuous basis and should be incorporated into updated versions of the corporate security policy.

  • + Share This
  • 🔖 Save To Your Account