8 Layer Security

I am going to consider network security improvements at each of the seven layers of the OSI (Open Systems Interconnection) model.

I am also going to introduce a new layer to the OSI model, the User layer at layer 8.

Layer 1 Physical layer

  • Ensure Servers are physically stored in a locked environment.
  • UPS is installed
  • WIFI – Disable SSID broadcasts, strong password on AP, implement strong encryption.
  • Offsite backups – whether physical storage of disks or cloud based backups
  • Disable unused ports on routers, switches and firewalls.

Layer 2 Data Link layer

  • Implement VLans on switches to protect against MAC Flooding, ARP and Spanning Tree Attacks
  • Separate management and user traffic into different Vlans. Don’t use Vlan 1. If VOIP is used, separate voice and data traffic.

Layer 3 Network Layer

  • On Routers assign strong passwords to VTY lines, assign strong passwords to Console and Aux ports and Telnet.
  • Introduce Network Policy Servers and quarantine zones for users who bring their own devices and for remote access users to ensure that their machines are patched and have up to data antivirus and antimalware software.
  • Introduce Firewalls and Intrusion Detection Systems.
  • Introduce NAT as a method of obscuring internal hosts IP Address from the internet.

Layer 4 Transport Layer

  • Use port scanning software to identify unnecessary open ports.
  • Ensure that FTP port 21 is closed.

Layer 5 Session Layer

  • For mobile users implement SSL VPN
  • For branch offices implement IPSec
  • Introduce policies of Strong passwords that do require changing every month
  • Set up auditing of failed logins

Layer 6 Presentation Layer

  • Introduce Encryption services TLS/SSL

Layer 7 Application Layer

  • Ensure Antivirus and Antimalware are installed and up to date
  • Operating System is updating either from WSUS or Windows Updates directly
  • Implement Kerberos authentication
  • Ensure Internet Browser is being updated.

Layer 8 User Layer

  • Educate users about latest threats and suspicious emails
  • Educate users about common social engineer techniques
  • Educate users about the importance of rebooting machines to let updates install

The above is by no means an exhaustive list of things that need to be considered when securing a network. But I think it does show that security is not just a lock on a door, it is a technique of layering and trying to consider what needs to be done where by using the OSI model helps us to create a reasonable plan of action.
Although no direct quotes have been taken, the references below are what I used to base my ideas on.

References

Oxenhandler, D. 2003. “Designing a Secure Local Area Network”, “SANS Institute, InfoSec Reading Room”. Available online at http://www.sans.org/reading-room/whitepapers/bestprac/designing-secure-local-area-network-853 accessed online 14/9/2014

Pace, K. 2004. “A layered Security Mode: OSI and Information Security”, SANS Institute. Available online at http://www.giac.org/paper/gsec/3908/layered-security-model-osi-information-security/106272 accessed online 14/9/2014

Reed, D. 2003. “Applying the OSI Seven Layer model to Information Security”, “SANS Institute, InfoSec Reading Room”. Available online at http://www.sans.org/reading-room/whitepapers/protocols/applying-osi-layer-network-model-information-security-1309 accessed online 14/9/2014

Surman, G. 2002. “Understanding security using the OSI Model”, “SANS Institute, InfoSec Reading Room”. Available online at http://www.sans.org/reading-room/whitepapers/protocols/understanding-security-osi-model-377 accessed online 14/9/2014

Airtight Networks, unknown. “Wifi Security Best Practices”, ‘AirtightNetworks.com’, available online at http://www.airtightnetworks.com/fileadmin/pdf/resources/WiFi_Security_Best_Practices.pdf accessed online 14/9/2014

Written by Mark

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this:
search previous next tag category expand menu location phone mail time cart zoom edit close