
CIS288 WEEK 4: Securing the Network Management Process

Slide 1

Introduction

Welcome to week 4 of C-I-S 288: Security Design in a Windows 2003 Environment. In the previous lesson we discussed designing a secure public key infrastructure. In this week we will discuss securing the network management process.

Slide 2

Objectives

When you complete this lesson you will be able to: design security for network management; manage the risk of managing networks; design security for Emergency Management Services; design Group Policy to deploy software updates; and design forest and domain trust models.

Slide 3

Securing the Network Management Process

The problem of implementing security in networks lies in the fact that you are always defending against attacks and you are defending against an enemy you don't know, don't see, and can't predict. As an administrator, you need to protect every aspect of your network to prevent an attack, whereas an attacker only needs to find a single opening to gain malicious access to your resources. Windows Server 2003 allows you to implement role-based administration and enforce many security guidelines and policies using Group Policy and Delegation of Administration.

Slide 4

Managing the Risks of Network Administration

When a company experiences a period of growth and expansion, it often adds more I-T staff in addition to infrastructure such as servers and networking equipment. There will probably be situations in which administrators are hired to do specific tasks, or they could be less experienced administrators who aren't strong in all aspects of the network management process. The network administration process itself can become a threat to the security of your enterprise network if you do not take steps to design a secure model for network management. If this model is weak or nonexistent, you can introduce vulnerabilities stemming from user accounts that possess excessive administrative rights.

Slide 5

Security Policies for Administrators and IT Personnel

You'll use a network management policy to specify ways to manage your enterprise network in a secure manner. Improper use of management tools can create just as many security vulnerabilities as the behavior of any misbehaving user or malicious attacker. Because your organization needs to trust its administrators to use their authority in a responsible fashion, you'll need some type of policy in place to regulate the people who can possess administrative rights and be able to manage network resources such as file resources and infrastructure services. An example of a technical means of controlling the administration process would be implementing Group Policy on an O-U where user accounts reside.

Slide 6

Delegating Authority Securely

Because any organization needs to place as much trust in its network administrators as it does in its financial, human resources, or legal personnel, when securing your network management model it's important that you take the greatest care in selecting those individuals. This becomes even more critical for individuals who possess far-reaching administrative rights, such as those assigned to the Domain Admins or Enterprise Admins groups. When you get down to the technical aspects of delegating authority over portions of the Active Directory tree, remember that best practices suggest that you divide administrative duties among your I-T staff so that they have enough permission to do the task they were hired to do, but not an excessive amount beyond that. Within Active Directory itself, you can structure your delegation strategy based on roles.

Slide 7

Securing Common Administrative Tools

All the security in the world can't help if the tools at the administrator's disposal are not properly secured. These tools are designed to allow you to make major modifications to and troubleshoot your network; if these tools fall into the wrong hands, they can be used to damage and interrupt business productivity in your organization. Inappropriate use of network management tools can reveal administrative credentials and other sensitive information about your network. Securing the network management process involves a delicate combination of managing people, technology, and policy; a well-designed plan takes each of these areas into account to ensure that the network remains secure.

Slide 8

Designing Security for Emergency Management Services

A long-awaited feature in the Windows family is the ability to manage a server via an out-of-band connection such as a COM or serial port. Out-of-band management refers to the ability to connect to a server using nontraditional methods for remote server management, such as a telephone line or a serial port, and then having the ability to troubleshoot the server through a terminal emulator window similar to a Telnet session. Emergency Management Services, or E-M-S, allows you to manage or troubleshoot a server when it is not fully functional or when the operating system has not fully loaded. It also allows you to manage the server in a headless configuration, meaning without having a mouse, keyboard, or video device attached to it. E-M-S allows you to perform the following tasks: start up or shut down a server; install the Windows operating system if the server can communicate with Remote Installation Services; manage a Windows Server 2003 system when you are unable to access it the traditional way, over the network using standard tools; view system Stop errors; change the BIOS settings; select which operating system to start; and view Power-On Self-Test results.

Slide 9

Designing a Security Update Infrastructure

Patching a large enterprise full of server and client systems has become something of an administrative nightmare in most I-T shops because of the importance of staying on top of security patches that Microsoft releases on a not-infrequent basis. To help organizations and security specialists with this huge burden of securing networks against security vulnerabilities, Microsoft has made available a free product known as Software Update Services, or S-U-S. S-U-S essentially works as an internally controlled Windows Update site that allows you to analyze and approve security patches and then apply them to your networked computers in a consistent manner.

Slide 10

Designing Trust Relationships Between Domains and Forests

A trust creates the framework that governs domain-to-domain or forest-to-forest relationships. A trust allows users in different domains or forests to access resources in other domains or forests based on the trust that is established. Some of the terms you will deal with when designing trust relationships are: one-way trusts, two-way trusts, transitive trusts, and nontransitive trusts. In a one-way trust, Domain A trusts Domain B. What this means is that Domain A is trusting Domain B's users and granting them access to its resources. A two-way trust means that both Domain A and Domain B are simultaneously trusting and trusted domains, respectively, which means that users in both domains can access resources in either domain. All Windows 2000 and Windows Server 2003 domains are designed with transitive trusts by default. If Domain A trusts Domain B and Domain B trusts Domain C, then Domain A automatically trusts Domain C. Lastly, nontransitive trusts are similar to the way that trust relationships functioned in Windows N-T four-point-zero. The trust is limited to the domains where it was explicitly configured. This level of transitivity can be a deciding factor in your security design, since if you need a domain to have absolutely no default trust relationships with any other domains in your organization, you should consider creating a separate forest.
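The trust rules above can be checked on paper before a design is deployed. The following is an added example, not part of the original lesson: it models one-way, two-way, transitive and nontransitive trusts and computes which domains' users each domain ends up accepting. Domains A, B and C follow the text; D, LEGACY and ISOLATED (a domain in its own forest with no trusts) are hypothetical names.

```python
from collections import deque
from typing import NamedTuple

class Trust(NamedTuple):
    trusting: str      # domain that opens its resources
    trusted: str       # domain whose users are granted access
    transitive: bool   # False = limited to this explicit pair (NT 4.0 style)

def two_way(a, b, transitive=True):
    """A two-way trust is two one-way trusts, one in each direction."""
    return [Trust(a, b, transitive), Trust(b, a, transitive)]

def trusted_by(domain, trusts):
    """Domains whose users `domain` accepts, directly or through chaining."""
    # Every explicitly configured trust counts for its own pair of domains.
    accepted = {t.trusted for t in trusts if t.trusting == domain}
    # Only transitive trusts may be chained: A->B and B->C imply A->C.
    seen, queue = {domain}, deque([domain])
    while queue:
        current = queue.popleft()
        for t in trusts:
            if t.trusting == current and t.transitive and t.trusted not in seen:
                seen.add(t.trusted)
                queue.append(t.trusted)
    return (accepted | seen) - {domain}

def can_access(user_domain, resource_domain, trusts):
    """True if users from user_domain can be granted access in resource_domain."""
    return (user_domain == resource_domain
            or user_domain in trusted_by(resource_domain, trusts))

# Constructed topology (sample data, not from a real environment).
TRUSTS = (
    [Trust("A", "B", True), Trust("B", "C", True)]  # one-way, transitive
    + two_way("D", "A")                             # two-way, transitive
    + [Trust("A", "LEGACY", False)]                 # one-way, nontransitive
)

if __name__ == "__main__":
    for d in ["A", "B", "C", "D", "LEGACY", "ISOLATED"]:
        print(d, "trusts users from:", sorted(trusted_by(d, TRUSTS)) or "nobody")
```

Domain D reaches B and C by chaining through A, but not LEGACY, because the nontransitive trust stops at the pair where it was configured; ISOLATED accepts nobody, which is the separate-forest case.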

Slide 11

Summary

We have reached the end of this lesson. Let's take a look at what we have covered. Discussed first was Securing the Network Management Process. The problem of implementing security in networks lies in the fact that you are always defending against attacks and you are defending against an enemy you don't know, don't see, and can't predict. Next we discussed Managing the Risks of Network Administration. The network administration process itself can become a threat to the security of your enterprise network if you do not take steps to design a secure model for network management. This was followed by Security Policies for Administrators and I-T Personnel. Because your organization needs to trust its administrators to use their authority in a responsible fashion, you'll need some type of policy in place to regulate the people who can possess administrative rights and be able to manage network resources such as file resources and infrastructure services. Next we discussed Designing Security for Emergency Management Services. E-M-S allows you to manage or troubleshoot a server when it is not fully functional or when the operating system has not fully loaded. We concluded the lesson with a discussion on Designing Trust Relationships Between Domains and Forests. A trust creates the framework that governs domain-to-domain or forest-to-forest relationships. A trust allows users in different domains or forests to access resources in other domains or forests based on the trust that is established.
