- My team at Savvis provides security assessments, design, and operational assistance for businesses.
- Learn how to analyze malware at my SANS course in New York, London, DC, and over the Web.
- My new 2-day course on Combating Malware debuts in Las Vegas at half price; full price in DC.
Network Perimeter Defense Architecture: A Case Study
This paper, written as a case study, documents a comprehensive architecture for defending network resources of a fictitious company. It illustrates an approach to setting up a strong security perimeter. This document was submitted to SANS GIAC to fulfill GIAC Certified Firewall Analyst (GCFW) certification requirements.
A the moment, this paper is only available in Adobe Acrobat PDF format. You may download it here. The table of contents is listed below for your convenience:
- Part 1: Security Architecture
- 1.1 Assigned Task
- 1.2 Application Architecture
- 1.3 Perimeter Defense
- 1.4 External Connectivity
- 1.5 Implementation
- Part 2: Security Policy
- 2.1 Assigned Task
- 2.2 Guiding Principles
- 2.3 Border Router
- 2.4 Firewalls
- 2.5 VPN Configuration
- 2.6 Applying Policy
- 2.7 Compliance Monitoring
- Part 3: Audit of the Security Architecture
- 3.1 Assigned Task
- 3.2 Planning the Assessment
- 3.3 Assessment of Security Design
- 3.4 Assessment of Defense Perimeter Implementation
- 3.5 Assessment of Defense Component Implementation
- 3.6 Defense Improvement Recommendations
- Part 4: Design Under Fire
- 4.1 Assigned Task
- 4.2 Targeted Architecture
- 4.3 Attacking the Firewall
- 4.4 Denial of Service Attack
- 4.5 Compromising an Internal System
Post-Scriptum
This paper was written in 2001. The GCFW certification practical requirements, which this paper fulfilled, are listed on the following site:
GIAC LevelTwo Firewalls, Perimeter Protection, and VPNs Practical Assignment for Capitol SANS, Version 1.4, December 2000. URL: http://www.sans.org/capsans/GCFW_assignment.htm.
About the Author: Lenny Zeltser leads the security consulting practice at Savvis, where he focuses on designing and operating security programs for cloud-based IT infrastructure. Lenny's other area of specialization is malicious software; he teaches how to analyze and combat malware at SANS Institute. Lenny explores security topics at conferences, in books and in articles. He also volunteers as an incident handler at the Internet Storm Center. You can follow Lenny on Twitter to stay in touch.
Copyright © 1995-2010 Lenny Zeltser. All rights reserved. RSS Feed.
The information on this site does not necessarily represent positions or opinions of my employer.