Technical paper risk assessment composition

Introduction

The network plan of Global Financial, Inc. (GFI) depicts the layout of the business mission important systems. The corporation has two servers (Email and the Oracle database) that are used more than any one of their other systems. GFI greatly depend on their particular network to be stable for their financial devices that are working and any kind of outage will negatively have an effect on their operations and financial circumstances. Like all other business, customer satisfaction and the secureness of GFI’s network is important.

In order to make sure their network and data is secure, GFI has begun to re-evaluate all their network infrastructure. GFI has already established some support interruptions that has cost them over hundred buck, 000 in revenue loss.

Description of GFI’s Network, Interconnection and Communication environment Global Financial Inc. Network

The web is made up of two 10GB cable connections.

Remote Call up get via PSTN

VPN gateway connected to an Off site office

A DMZ network which is made up of 2 Edge (Core) routers, which are connected to the 2 10GB internet connections.

2 Syndication Routers. one particular VPN gateway, 1 fire wall, 1 RMS server and a PBX box that is connected to the PSTN remote access dial up network.

Above is known as a table that list the six departments. There is also a malfunction of the workstations and twenty six printers per department.

There are 6 10GB Access Layer VLAN fuses and three or more 10GB Multi-Layer switches

There’s also a Trusted Computer Base Inner Network that is locate in Global Financial Inc. Network that is composed of 1 TUS Server, 1Oracle 9i DB Server, you Microsoft 2000 Exchange Email Server, 1 File and Print Hardware, 1 Intranet Web Machine and several Workstations.

Determine risk depending on the Global Financial, Inc. Network Diagram situation

The GFI network diagram describes how quickly the company regarding the amount of network devices and other equipment. GFI network seems to be built to always be resilient and being wrong doing tolerant. However , the company has

failed to keep the systems security current in relation to the growth of the network. So the main focus should be on network security. GFI needs to apply equipment level policies that will strengthen its network reliability. These plans should include things like: updated components configurations, well maintained and updated hardware firmware and OS’s, Attack detection devices, system back up copies, real-time monitoring of the network and hardware configurations, quick investigation of any and all secureness issues that are related to the network infrastructure. Since GFI has skilled prior disruptions due to network attacks, this makes seeing that to assume that it is mare like a possibility that the interruption could occur. So in order to assess the risks to GFI’s network we can use a simple formula that includes means + purpose x opportunity x business Impact more than Controls that will equal the hazards.

Below is actually a diagram showing how the risk towards the network will probably be determined.

I will make the subsequent assumptions based upon the network diagram as well as the other information that was offered. The network design generally seems to lack correct firewall coverage.

Describe and defend your assumptions while there is no further information from this business. The company does not wish to release any security-related information every company insurance plan.

The trustworthy computing base (TCB) interior network inside the Global Fund, Inc. Network Diagram owners the company’s objective critical systems without that this company’s businesses and financial circumstances would undergo. The Oracle database and email systems are one of the most intensively employed application machines in the business. As we know, GFI cannot afford system outages mainly because its cashflow and monetary systems greatly depend on the network steadiness. GFI has experienced DOS network disorders twice this year and its Oracle database and email servers had been down for a week. The restoration process essential GFI to work with $25, 1000 to restore their operations normal again. GFI believed the loss via these network attacks in more than $100, 000 which include lost client confidence.

Employees

Those who take care of every regular (non-security related) small business of GIAC Enterprises. ¢Access to the corporate network

¢Access for the data network indirectly

¢No entry to the remote control network

¢No usage of the “service network

The Employees of GIF contains all inside employees EXCEPT a group of workers designated since the “Security Team who will perform the day-to-day responsibilities of doing organization. All management will be considered to be among this kind of group of staff and they will certainly not be awarded different access to services. Protocol summary for the Employees:

¢HTTP (TCP 80)

¢FTP data (TCP 21)

¢SMTP (TCP 25)

¢DNS (UDP 53)

The firewall offers a number of important features:

Security Unblock proxies ” utilized to apply rules to the contents of the TCP/IP packets. Stateful Dynamic Bundle Filtering ” used to build filtering rules based on the state of a connection.

1 . Check Detection ” default defense against various common network verification.

installment payments on your Spoofing Safeguard ” detect spoofing endeavors and drops the bouts

a few. Site Obstructing ” inhibits defined network from passing the “wall

four. Port Preventing ” inhibits defined “dangerous ports in TCP and UDP from entering

5. PERSPEKTIV flood Protection ” halts SYN ton Denial of Service episodes

6th. Dynamic NAT ” hides internal address

several. URL Filtering ” Runs on the Cyber Patrol database to regulate internet surfing around

you