Network trust relationships
Business networks frequently require connections to other business networks. Such connections can run over leased lines, proprietary wide area networks (WANs), value-added networks (VANs), or public networks such as the Internet. For instance, many local governments use leased lines or dedicated circuits to connect regional offices across the state, and many businesses use commercial VANs to connect business units across the country or the world.
The network segments involved may be under the control of different organizations and may operate under different security policies. When networks are connected, the security of the resulting overall network drops to the level of the weakest network, because an attacker who compromises the weakest segment gains a foothold inside the combined network. When decisions are made to connect networks, trust relationships must therefore be defined explicitly so that the effective security of every network involved is not reduced.
Trusted networks are networks that share the same security policy, or that implement security controls and procedures providing an agreed-upon set of common security services. Untrusted networks are those that do not implement such a common set of security controls, or whose level of security is unknown or unpredictable. The most secure policy is to allow connections only to trusted networks, as defined by an appropriate level of management. However, business needs may force temporary connections with business partners or remote sites over untrusted networks; such connections should be treated as untrusted and confined to the specific services the business need requires.
High risk
All connections from the organization network to external networks must be approved and managed by a network services manager. Connections should be allowed only with external networks that have been reviewed and found to have acceptable security controls and procedures. All connections to approved external networks should pass through organization-approved firewalls.
Low to medium risk
All connections from the organization network to external networks should be approved by a network services manager. All connections to approved external networks should pass through organization-approved firewalls. Connections and accounts that outlive the business need that created them are a major vulnerability, since a forgotten partner account or link is rarely monitored; all connections and accounts related to external network connections should therefore be reviewed periodically and deleted as soon as they are no longer required.
Tip: Audit trails and system logs for external network connections should be reviewed weekly. Any accounts related to these connections that have not been used within the past month should be deactivated. The network services manager should ask functional managers to validate the need for each such connection on a quarterly basis. When the network services manager is notified that the need for a connection to a particular network is no longer valid, all accounts and parameters related to that connection should be deleted within one working day.
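The weekly review in the tip above can be automated against the firewall or VPN gateway's authentication log. The following is an added example, not code from the original tutorial: it parses constructed, syslog-style login records (the timestamp/key=value format, the link names and the account names are all assumptions for illustration), reports approved-link accounts with no successful login in the last 30 days as deactivation candidates, flags approved links whose quarterly business validation is older than 90 days, and flags any account that logged in over an external link but does not appear in the approved inventory.

```python
"""Stale external-connection account review.

Added example (not from the original tutorial). Reads syslog-style
authentication records for partner/external network links and reports
accounts with no successful login in the last 30 days, approved links
whose quarterly validation has lapsed, and accounts seen in the log that
are not in the approved inventory. Log format, link names and account
names are hypothetical and constructed for illustration only.
"""
from datetime import datetime, timedelta, timezone

# Constructed sample log lines (assumed format: ISO timestamp, host,
# then key=value fields). Not real data.
SAMPLE_LOG = """\
2024-03-04T10:15:22Z fw-ext link=acme-van account=acme_svc01 event=login result=ok
2024-03-05T08:02:11Z fw-ext link=acme-van account=acme_svc02 event=login result=ok
2024-01-20T17:44:03Z fw-ext link=county-leased account=gis_xfer event=login result=ok
2024-03-28T09:30:00Z fw-ext link=acme-van account=acme_svc01 event=login result=ok
2024-02-02T23:10:45Z fw-ext link=acme-van account=acme_svc02 event=login result=fail
2024-03-29T12:00:00Z fw-ext link=vendor-b-internet account=vendorb_ops event=login result=ok
2024-03-30T14:05:19Z fw-ext link=acme-van account=tmp_contractor event=login result=ok
"""

# Constructed inventory of approved external links: date a functional manager
# last confirmed the business need, and the accounts that belong to each link.
APPROVED_LINKS = {
    "acme-van":          {"validated": "2024-01-15", "accounts": {"acme_svc01", "acme_svc02"}},
    "county-leased":     {"validated": "2023-11-01", "accounts": {"gis_xfer"}},
    "vendor-b-internet": {"validated": "2024-03-01", "accounts": {"vendorb_ops", "vendorb_backup"}},
}

INACTIVE_AFTER = timedelta(days=30)    # "not used on a monthly basis"
REVALIDATE_AFTER = timedelta(days=90)  # "validate ... on a quarterly basis"


def parse_line(line):
    """Return (timestamp, fields) for one log line, or None if it is malformed."""
    parts = line.split()
    if len(parts) < 3:
        return None
    try:
        ts = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    except ValueError:
        return None
    fields = dict(p.split("=", 1) for p in parts[2:] if "=" in p)
    return ts, fields


def last_successful_login(log_text):
    """Map account -> timestamp of its most recent successful login."""
    last = {}
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue
        ts, f = parsed
        if f.get("event") != "login" or f.get("result") != "ok":
            continue  # failed attempts do not count as use of the account
        acct = f.get("account")
        if acct and (acct not in last or ts > last[acct]):
            last[acct] = ts
    return last


def review(log_text, links, as_of):
    """Return (accounts to deactivate, links to revalidate, unknown accounts)."""
    last = last_successful_login(log_text)
    deactivate, revalidate = [], []
    for name, info in links.items():
        validated = datetime.strptime(info["validated"], "%Y-%m-%d").replace(tzinfo=timezone.utc)
        if as_of - validated > REVALIDATE_AFTER:
            revalidate.append(name)
        for acct in sorted(info["accounts"]):
            seen = last.get(acct)
            if seen is None or as_of - seen > INACTIVE_AFTER:
                deactivate.append((name, acct))  # never used, or idle too long
    approved_accounts = {a for info in links.values() for a in info["accounts"]}
    unknown = sorted(set(last) - approved_accounts)
    return deactivate, revalidate, unknown


def review_as_of(date_str):
    """Run the review of the sample data as of a YYYY-MM-DD date string."""
    as_of = datetime.strptime(date_str, "%Y-%m-%d").replace(tzinfo=timezone.utc)
    return review(SAMPLE_LOG, APPROVED_LINKS, as_of)


if __name__ == "__main__":
    deact, reval, unk = review_as_of("2024-04-01")
    for link, acct in deact:
        print(f"deactivate: {acct} (link {link}): no successful login in 30 days")
    for link in reval:
        print(f"revalidate: {link}: business need not confirmed in 90 days")
    for acct in unk:
        print(f"investigate: {acct}: logged in but is not in the approved inventory")
```

Only successful logins count as use, so an account that is being probed but never authenticates still ages out. The unknown-account check is the one to act on first: an account authenticating over a partner link that the inventory does not list is either an inventory error or an account nobody approved.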