1 / 13

Designing Manageable Protocols

Designing Manageable Protocols. Andrew Cormack Chief Security Adviser UKERNA. Why Manage Networks?. Networks have production uses Teaching, assessment, administration, video conferencing, … Time-critical, bandwidth-criticial, reliability-critical Bandwidth is finite

alma
Download Presentation

Designing Manageable Protocols

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Designing Manageable Protocols Andrew Cormack Chief Security Adviser UKERNA

  2. Why Manage Networks? • Networks have production uses • Teaching, assessment, administration, video conferencing, … • Time-critical, bandwidth-criticial, reliability-critical • Bandwidth is finite • Some things are more important than others • Different priorities in different organisations • Important things should have priority • Helps if priorities are written down!

  3. Management Tools? • Manager told – “Service X is important” • Manager sees – IP packets • Packets have • Source & destination address • Source & destination port • Initial TCP packet has a direction • How to map packets to services? • Need help from protocol design

  4. Management Requirements • Identifiable • Services give rise to recognisable network flows • Controllable • Services can be permitted on some network segments • Services can be denied from some network segments • Non-hazardous • My use of a service must not be a hazard to others • My use of a service should not be a hazard to me

  5. Management Assumptions • Least-worst assumptions • Port number identifies service • E.g. port 80 = web • IP address(es) identify location on network • Source is client; destination is server [TCP only] • Dangerous assumptions • IP address identifies person • Port <1024 means trusted

  6. I [C [H [ I [C [H ? ? 80 ? Case Studies – HTTP www.site

  7. I ?C [H x I [C [H ? ? 21 ? 20 ? Case Studies – FTP ftp.site

  8. I xC xH [ I xC xH x ? 21 ? ? ? Case Studies – passive FTP ftp.site

  9. I xC xH x I xC xH x 6697-6701 + more ? ? Variable UDP ports 4444-8888 Case Studies – P2P (Napster) 64.124.41/24

  10. Future developments • Dynamic address allocation • DHCP or NAT • Must align address allocation with managed groups • IP version 6 • Little change to manageability • Port numbers may be buried in a chain of headers • Encryption may make application layer invisible • Mobility is extreme dynamic address allocation

  11. Conclusion: Protocols need • Identifiable traffic flows • Well defined, appropriate use of reserved ports • Clarity over relationship between hosts • Direction of initiation must be apparent • Support for layered protection • Expect to meet firewalls; work with proxies • Application proxies may be only option

  12. Give managers options • YES/NO is not enough

More Related