esp technical overview n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
ESP Technical Overview PowerPoint Presentation
Download Presentation
ESP Technical Overview

Loading in 2 Seconds...

play fullscreen
1 / 22

ESP Technical Overview - PowerPoint PPT Presentation


  • 97 Views
  • Uploaded on

ESP Technical Overview. Marty Lindner September 2000. Agenda. What is “ ESP ” Goals of the ESP ESP Technology Overview. What is the “ ESP ”. E xtranet for S ecurity P rofessional. What is the “ESP”.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'ESP Technical Overview' - elizabeth-santana


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
esp technical overview

ESP Technical Overview

Marty Lindner

September 2000

agenda
Agenda
  • What is “ESP”
  • Goals of the ESP
  • ESP Technology Overview
what is the esp
What is the “ESP”
  • Extranet for Security Professional
what is the esp1
What is the “ESP”
  • From a users perspective the ESP is a web site that is used by a group of people sharing a common interest or need
what is the esp2
What is the “ESP”
  • From an IT professionals perspective the ESP is a secure web environment created by using
    • Commercial Off The Shelf (COTS) products
    • Good Programming Practices
    • Strict network policies enforced by multiple firewalls and intrusion detection systems
    • Automated intrusion detection software developed for the ESP environment
what is the esp3
What is the “ESP”
  • A set of collaboration tools used thru a common web interface
    • Mail Tool
    • Calendar Tool
    • Document Collaboration Tool
    • Document Library
goals of the esp
Goals of the ESP
  • Minimal cost to the end users
  • Provide a mechanism for sharing FOUO/SBU information over the public internet
  • Maintain the highest level of security
esp infrastructure
ESP Infrastructure

The Internet

Firewall

Router

Web Servers

To: George

Marty

From: Steve

Workstation

Database Servers

Firewall

end user workstation
End User Workstation

The Internet

Firewall

Router

Web Servers

To: George

Marty

From: Steve

Workstation

Database Servers

Firewall

end user workstation1
End User Workstation
  • One of the ESP goals is to minimize the cost to the end user
  • The only end user requirement is a web browser that supports U.S. domestic encryption (128 bits)
the internet
The Internet

The Internet

Firewall

Router

Web Servers

To: George

Marty

From: Steve

Workstation

Database Servers

Firewall

the internet1
The Internet
  • The ESP technology makes one assumption about the Internet
    • You can not trust it!
  • To overcome this lack of trust, the ESP uses the Secure Socket Layer (SSL) protocol and X.509 certificates to provide authenticity, integrity and confidentiality
    • www.ietf.org\rfc\rfc2246.txt
ssl security
SSL Security

The Internet

Firewall

Router

SSL provides a secure path through the Internet

Web Servers

To: George

Marty

From: Steve

Workstation

Database Servers

Firewall

firewall strategy
Firewall Strategy

The Internet

Firewall

Router

Multiple inline firewalls create more complex maze for intruders to navigate

Web Servers

To: George

Marty

From: Steve

Workstation

Database Servers

Firewall

firewall strategy1
Firewall Strategy
  • Multiple firewalls randomly inserted into the network topology
    • Sidewinder 5.0
      • www.securecomputing.com
    • Guardian
      • www.netguard.com
    • Cisco Secure PIX Firewall
      • www.cisco.com
    • Linux IPchains
      • www.linuxdocs.org
network monitoring
Network Monitoring

The Internet

Firewall

Router

Passive network monitoring tools assist and automate the intrusion detection process

Web Servers

To: George

Marty

From: Steve

Workstation

Database Servers

Firewall

network monitoring1
Network Monitoring
  • Several passive network monitoring agents are used to detect signs of intrusion
    • Real Secure 3.2
      • www.iss.net
    • Snort 1.6.3
      • www.snort.org
web server security
Web Server Security

The Internet

Firewall

Router

The middleware enhances security by incorporating additional authentication techniques

Web Servers

To: George

Marty

From: Steve

Workstation

Database Servers

Firewall

web server security1
Web Server Security
  • System is dedicated to web services only
  • No additional services offered
  • Software
    • Hardened Windows NT 4.0
      • www.microsoft.com
    • Tripwire system integrity software 2.2.1
      • www.tripwire.com
    • Netscape Enterprise Server 3.63
      • home.netscape.com
    • Cold Fusion Server 4.5.1
      • www.alliare.com
database security
Database Security

The Internet

Firewall

Router

The database only responds to authenticated requests from the Web servers

Web Servers

To: George

Marty

From: Steve

Workstation

Database Servers

Firewall

database security1
Database Security
  • Database servers only except communications from an authenticated IPsec session
    • www.ietf.org\rfc\rfc2401.txt