Welcome once again to the risk rack. This time we continue our review of how to assess your organization’s network perimeter. As a reminder, the identified steps were:
- Step 1: Define the functions and purposes of your network perimeter.
- Step 2: Assess the technology used along the perimeter of your network.
- Step 3: Assess the Processes used to support your network perimeter.
- Step 4: Assess the People that support your network perimeter.
- Step 5: Review all the information gathered in steps 1-4 and establish conclusions and findings.
- Step 6: Report conclusions and findings and determine action plans.
In Part I we reviewed tips and tricks for Step 1 “Define the functions and purposes of your network perimeter” and started a spreadsheet.
In Part II of “assessing your perimeter” we will be looking at tips and tricks for Step 2: “Assess the technology used along the perimeter of your network.”
Let us begin by defining the term “Technology”. For the purpose of this article, technology is any hardware or software, as well as architectural design. To provide some structure for the technology assessment, I have provided the following stepped approach, which I will describe below.
- Step 1: Define your network perimeter endpoints.
- Step 2: Identify hardware devices that make up each endpoint.
- Step 3: Identify operating system software and application software for each device.
- Step 4: Map the hardware and software to the spreadsheet from Part I.
- Step 5: Perform a technical analysis for each piece of hardware and software based on the functions and purposes they are mapped to.
- Step 6: Document your observations and findings.
Defining an endpoint is simply identifying any segment of the network that interfaces with an external environment. There are three basic forms of endpoint interfaces:
- Private – An external link that is set up to communicate with a single entity (e.g. a standalone modem connection or T1 line) using a ‘closed’ network.
- Semi-Private – An external link that is set up to interface with a number of entities (e.g. modem pool, shared frame relay, etc.) using a ‘closed’ network.
- Public – An external link that is set up using an open network such as the Internet.