SlideShare a Scribd company logo

Security Risk Assessment for Quality Web Design

Download as DOCX, PDF
Ting Yin, profile picture
Ting Yin

This document provides a security risk assessment for Quality Web Design (QWD) and recommends solutions. It identifies three main security vulnerabilities: 1) issues with the network infrastructure hardware, 2) the risk of SQL injection attacks targeting client web pages, and 3) threats against the existing VPN like intrusion and denial of service attacks. It analyzes the level of risk for each threat and their potential consequences, such as theft of information, website downtime, and data or system manipulation. To address these risks, the document recommends that QWD replace its current IPSec VPN with Dell SonicWall NSA 250m and NSA 6600 appliances to gain improved security protections, services, and remote access capabilities. This would help mitigate threats while also

Technology
1 of 23
Downloaded 23 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
1 Security Risk Assessment for Quality Web Design Ting Yin Submitted to: Jude Lamour SE571 Principles of Information Security and Privacy Keller Graduate School of Management Submitted: November 16, 2014
2 Table of Contents Executive Summary………………………………………………………………………….3 Company Overview…………………………………………………………………………..3 Security Vulnerabilities……………………………………………………………………....3 Threats………………………………………………………………………………… ……4 Risk Assessment ……………………………………………………………………..……..5 The Consequence …………………………………………………………………….…….6 The Affects on The Company Competitive Advantages .......................................................7 The Definition of Solution ………….……………………………………………………..15 Justification …………………………………………………………………………………6 Impact on Business Processes ………………………………………………………………10 Reference…………………………………………………………………………………….19
3 Executive Summary Dell Sonic Firewall TCO recommends QWD to use Dell NSA 250m and NSA 6600 and to replace its current IPSec VPN. NSA 250m and NSA 6600 appliances come with a wide range and heighted level of security protection services and additional security protection hardware and software bundles. Based on a reputable technology survey, NSA 250 m and NSA 6600 are given rating of 5 out of 5 (NSA Review). NSA 6600 system should be located near QWD office headquarters and NSA 250m should be located near in QWD remote office. Both NSA systems have the right tools to protect QWD from intrusion, denial of service, and SQL attacks. In addition to the security protection, NSA systems offer mobile service for workers, business partners, customer, clients or QWD affiliations to be able to collaborate online on QWD related projects. The remote access and connectivity can further improve QWD business process and even increase revenue. Company Overview Quality Web Design (QWD) is a web design and development company that designs and creates client side web application for different industries. The web application that QWD make can help their clients to market their client information in form of web content to the outside world. QWD has a basic Microsoft (MS) shop that uses a Visual Studio (VS) Team Foundation to support its image repository. For quality analysis and site development, QWD uses VS. QWD also utilizes MS SQL Server and MS Exchange (SEC 517). Two Security Vulnerabilities In this paper, I will discuss three security vulnerabilities: one is associated with hardware, the second is associated with the software. The first vulnerability is found within the
4 network infrastructure (hardware). The second vulnerability is associated with SQL injection attack into the client’s web page (SEC 517). Threats Against VPN or Server In this section, two threats against a VPN will be discussed: 1) Intrusions; 2) Denial of Service. Intrusion is a form of threat that offers opportunities for unauthorized outsider to access and to control over parts of the VPN. The parts that can affect could be internal computers, servers, network elements, and other network components. To access into internal information or equipment as hackers or intruders, the malicious individual first inject code for traffic control into the VPN. In a simple case of the virtual invasion and unauthorized internal control is to send a single IP packet to a destination in the VPN (Threat Against). The terminals or phones and other mobile devices that are left opened and neglected are one of the primary reason that unauthorized individual can gain access to the internal resources that lie with QWD. “VPNs will likely continue to be the weakness link in an organization’s security infrastructure for some time to come.” (VPNs Virtual) Any organization is as secure as its weakest links or connections. VPNs provide illusion of a false sense of security, due to “poor implementation and maintenance.” Perhaps, VPN can be considered as one the weakest link in QWD (The Myth). Denial of service is another threat from outside against the VPN. Unlike intrusion discussed above this section, DoS prevents other from accessing the web. For hackers to complete DoS, s/he first needs to able to inject packets into the trusted zone of the VPN. The DoS attack can also interfere the VP user indirectly. When a PE router is affected by DoS attack can affect a given VPN that affect PE, which in turn can negatively affect the connected VPN (Threat Against).
5 The third threat is related to the potential SQL code insertion or injection client’s web application. SQL injection is found as one of most prevalent destructive system attack. Open Web Application Security Project (OWASP) point out SQL injection as the number one threat. Injecting extraneous code into the textboxes can potentially debilitate the entire database. SQL injection can potentially be used to perform the following types of attacks. The injection can allow hacker to illegally logon to the internal application and illegally earn the privilege to manipulate the data stored in database and to disclose confidential information (SQL Injection). Risk Assessment In 2006, the U.K. Department of Trade and Industry (DTI) did a survey and released the results on businesses regarding security incidents. Of organization surveyed, it was found that intrusion was constant at 17 percent in their period of survey study, and failure of equipment was up to 29 percent (Pfleeger, 256) . In an official study, it was found that 87-percent of businesses surveyed have suffered a service degradation up to a full outage in 2013 from a DDoS attack (XAND LAUNCHES). SQL inject was found to be one of the six most commonly reported threats for Web applications. SQL among with other top five threats accounted for 40 percentage of threats found in 2012 (HP 2012). Level of Risk and Its Influence on QWD Operation Threat Level of Risk Denial of Service 4 Intrusion 3 SQL Inject 3 4- Critical: QWD business will not be operational when it encounters the type of threat as listed
6 3- Medium –Critical: QWD business still can somewhat manage its operations, but it has to do it under the interference caused by the threats. The Consequence The consequences of security breach through VPN can lead to the theft of QWD proprietary or confidential information or loss of client information, to the exploitation or manipulation of confidential information, to web page content modification, etc. The authentication method used by IPsec authentication can weaken authentication process and can be unmanageable for QWD in deploying web services for multiple clients’ organizations. The expenses and the complexities associated with IPsec deployment, IPsec VPN selectors are insufficient to meet the need of the authorization-associated policies that QWD must have in today highly regulated environment (The Myth). To compensate the weaker authentication by IPsec VPN, QWD have to create relatively more complicated constituency-orientated policies to limited user access. IPsec VPN remote access need VPN client software and policy configuration at the end devices. With the need of additional supports and resources, QWD simply cannot deliver cost-effective secure remote access to all users from all devices. When a client is connected using IPsec, every resource inside this protected network is potentially available to the user, and therefore vulnerable to misuse and attack from that client during the entire connection (The Myth). DDoS attacks can cause costly and destructive downtime on the client’s hosted applications and resources. During the downtime caused by DDoS, the users of the websites developed and designed by QWD would be able to access the websites and the services that are offered by the clients through the web pages. In the meantime, QWD and its clients cannot communicate with the users and the clients’ customers due to the malfunctioning of the websites
7 (The Myth). The Ponemon Institute “estimates that the average cost of one minute of downtime due to a DDoS attack is $22,000. The average attack lasts at least an hour, inflicting devastating and expensive downtime on business operations.” (Xand Launches). Through SQL Injection, the hackers can obtain unauthorized access to MS SQL 2008 database (DB) server or the DB located in the corporate office. The hackers can create, review, insert, alter, or remove QWD images or confidential information stored in the QDW back-end database. Through SQL injection and manipulation, the hackers can potentially can lock or delete tables stored in the DB at the QWD servers. The malicious manipulation of the data can cause denial of service to authorized users and can unauthorized-ly grant remote command executions that are normally reserved for administrators (SQL Injection). The Affects on the Company Competitive Advantages More of QWD may go to its competitors to see more similar services to decreased trust about the security and service provided by QWD. The outrage can cause an increase in volume of customer inquiries about the outage, which can result in a loss in revenue. The security fear can drive decline in stock prices and investor confidence. The comprised IT system at QWD can further be susceptible to multiple attacks within relatively short period of time (DDoS). With data breach of confidential information (QWD corporate confidential information, employee private information and client private information) can potentially raise lawsuit not only against QWD Company itself but also to its employees as well. If hackers are able to intrude into the system developed by the software developer or engineers, the computer professional are liable to lawsuits (Five Ways).
8 Justification for Using Dell Sonic NSA 220 M and NSA 6600 Dell SonicWall Firwall TCO Comparison and analysis tool and model take into consideration of QWD current firewall requirements. Based on the client system requirement and configuration, Dell TCO make product recommendation that can improve the QWD system condition and it then make compares the selection of Dell SonicWALL product and service with a similar version of a Cisco solution. The TCO suggested solution are Dell SonicWall NSA 6600 and NSA 250 QWD system (Dell). Total TCO Savings 3 Year-over-Year of Dell SonicWall NSA over Cisco ASA is $381,405. The percentage of difference for Total Cost of Ownership (over 3 years) for Dell Sonic Wall NSA over Cisco ASA is -88.4%. QWD can save at least 88.4% when it purchases the Dell product over the Cisco version. Percent of difference projected number of labor FTEs of Dell SonicWall over Cisco ASA is 74.4%. Staff to device support ratio (Devices per 1 FTE) of DellSonic Wall is 159.9%. Firewall TCO per user (NPV over 3 years) is 88.4% of Cisco ASA (Figure 1) (Dell). Figure 1: Total Cost of Ownership Comparsion Total Cost of Ownership (TCO) Dell SonicWALL Cisco Difference Percent Difference Appliance Hardware and Support $41,321 $144,956 $103,635 71.5% Additional Security Services $7,664 $282,512 $274,848 97.3% Implementation / Configuration / $903 $2,810 $1,907 67.9%
9 Training Ongoing Operational (IT Labor) $125 $1,141 $1,015 89.0% Total TCO - Total Cost of Ownership (over 3 years) $50,014 $431,419 $381,405 88.4% Key Performance Indicators Dell SonicWALL Cisco Difference Percent Difference Projected Number of Labor FTEs 0.0 0.1 0.0 74.4% Staff to Device support ratio (Devices per 1 FTE) 143.7 55.3 88.4 159.9% Firewall TCO per user (NPV over 3 years) $50 $431 $381 88.4% Dell SonicWall NSA products include Comprehensive Gateway Security Suite (CGSS), Simple Firewall, Gateway Anti-Virus/Anti-Spyware (GAV), Intrusion Prevention Service Bundle, Application Intelligence and Control , Content Filtering Service , Botnet Filter , Context Aware Security Support Level, IPSec VPN License, and SSL VPN license. The cost saving of Dell SonicWall NSA over Cisco ASA is $157,247 and the TCO different of Dell over Cisco is – 92.6%. This mean Dell SonicWall’s security package cost 92.6% less than Cisco version (Figure 2) (Dell).
10 Figure 2: Additional Security Services Appliances and Licensing Costs Additional Security Services Appliances and Licensing Costs Dell SonicWALL Cisco Difference Percent Difference Selected Deep Packet Inspection Services $0 $149,847 $149,847 100.0% √ Intrusion Prevention Service (IPS) Appliance (Dell-Not Req. ) $0 $86,490 $86,490 100.0% √ Intrusion Prevention Service (IPS) Licensing (Dell-Included ) (Cisco-Included ) $0 $0 $0 100.0% √ Application Intelligence and Control (AIC) (Dell-Included ) (Cisco-Included ) $0 $0 $0 100.0% √ Content Filtering Service (CFS) (Dell- Included ) (Cisco-Not Incl. ) $0 $0 $0 100.0% Selected Client Services $595 $7,995 $7,400 92.6% √ IPSec VPN (Dell-Included ) $0 $0 $0 0.0% √ SSL VPN $595 $7,995 $7,400 92.6% Impact on Business Process Dell SonicWall technologies integrate both SSL/IPsec VPN into its system. The SSL/IPsec VPN offers the capability to securely and conveniently extends the corporate network
11 access beyond managed desktops to different user services. Secure Remote Access, powered by the Sonic Wall SSL/IPsec VPN edition, enables QWD to securely and seamlessly provide authorized company resources access to a wide ranger of users, contractors, and business partners on the wide variety of mobile and fixed workstations (SNA 6600, SNA 220). With inclusive support for unrestricted full-network access, as well as controlled access select web-based applications and network resources, the sonic wall VPN network platform provide flexibility needed by any VPN deployment in QWD. The VPN provides an effective and efficient combination of seamless controlled access, firewall, intrusion prevention inspection and web threat prevention that empower QWD mobile worker to be productive while protecting corporate asset or interest (SNA 6600, SNA 220) Combined SSL/ISpec VPN technology into one platform can deliver a highly customizable, simple, and flexible one-box solution for VPN deployment environments, and reduce the expense of deploying remote-access solutions (SNA 6600, SNA 220). Through client- based SSL or IPsec VPN, corporate managed laptop can remotely access seamlessly to QWD corporate network resources. Through clientless SSL VPN, remote user such QWD clients may gain access web-based application from their terminal. Business partner or other professional affiliation can access to specific QWD resources and application. NSA 6600 should be located in the corporate office. NSA 6600 supports a wide range of deployment and application environments, NSA 660 delivers maximum value to QWD with the most comprehensive set of Secure Socket Layer (SSL) and IP security (IPsec) VPN features, performance, and scalability (SNA 6600, SNA 220). The solution is comprised of a single unified platform: the NSA 6600 and the Secure Mobility Solution, enables QWD to use a highly effective combination of seamless controlled access, firewall, intrusion prevention inspection
12 and web threat prevention that enables QWD mobile workers , stationary workers and clients to be productive while helping to improve corporate profit by increasing sales. With Dell inclusive support for unrestricted full-network access, as well as controlled access to select web-based applications and network resources in QWD, the platform provides the flexibility required by any VPN deployment in QWD (Figure 3) (SNA 6600, SNA 220). Figure 3: Dell NSA 6600 in Corporate Headquarter Office
13 Figure 2: Dell NSA 250 M in Remote Office
14 NSA 250M and NSA 6600 Expert Rating Category Rating Feature 5/5 Ease of Use 5/5 Performance 5/5 Documentations 5/5 Support 5/5 Value for Money 5/5 Overall Rating 5/5 The wireless network capabilities offered by NSA 250M and NSA 6600 can empower mobile worker, who can work anywhere while protected by the security service offered the Dell technology. Based on the survey answered by the users of the NSA system, it seem that all these users are 100% satisfied with the system. They give them 5 out 5 for overall rating (NSA Review). By allowing employee the option to work at home at a certain time of a week can improve business result. Evidences have shown around two thirds of people want to work at home and eighty percentage of employee did the survey consider telework as perk. Approximately 6 out 10 employers identify telecommunication as cost saving plan for the employer. IBM saves real estate cost by $50 million, and Nortel save $100,000 per employee, who works at home. Sun Microsystem saves $68 million a year from its telecomm workers (Advantage).
15 By using Dell to brand its business can potentially attract more customer to QWD. Once the customers understand the heightened level of protection offered by Dell technology, they are more willingly to do more business with QWD or even recommend more customers to QWD. Quality Web Design can potentially experience fewer incidences of system malfunction and data breach that are resulted from intrusion, denial of service, sql injection or other. By having fewer number of incidents can potentially reduce the time and expense involved in litigation workload and cost associated with data breach and unauthorized access. Hard Solution and Security Service Solution Dell SonicWALL is a multi-service platform. The security protection extends from the network core to the perimeter of the system. Unified Threat Management (UTM) integrates support from SonicWALL’s Gateway Anti-Spyware, Anti-Virus, and Intrusion Protection service and Application. These all security appliance delivers real-time protection against the innovative mixtures of threats that include intrusion threat and SQL. The effective combination of protection against application-layer and content-based attacks is a heightened level of gateway protection defends against multiple threat coming from the access points (AP) and thoroughly look through all network layers for threats that either involve or include intrusion threat (SNA 6600, SNA 220). The Dell SonicWall Intrusion Prevention System (IPS) Service provides network protection 24 hours a day and 7 days week. Its major specification is 4.5 Gbps, Maximum Inspected Connection is 500,000, and New Connections/Per Second is 90,000. Dell’s IPS Service is activated on Dell Sonic WALL and Network Security Appliance (NSA). IPS provides high performance and deep pocket inspection with countermeasure for complete protection
16 against application exploitation and malicious traffic. The Dell IPS service is scalable to provide service to organization of all sizes. When QWD expands its business and has more customers, it still can use the Dell SonicWall system. IPS provides a layer of security enforcement and protection between each network zone and the Internet and between Internet zones for additional security against intrusion (SNA 6600, SNA 220). IPS provides bi-directional and full stack inspection that check for inbound and outbound of critical application traffic providing defense against a wide variety of attacks, such as SQL injection, cross-site scripting, remote code execution, shell code payloads, and remote procedure calls. It has a wide range of payload inspection: it spans a wide range of protocols, including MySQL, TCP, DNS, HTTP, HTTPS, SMTP, SNMP, POP3, FTP, Telnet, RTP, etc. Firewall and Networking part of the Dell Sonic Wall offer SYN Flood protection. SYN Flood provides a defense against DOS attacks using both Layer 2 SYN blacklisting and Layer 3 SYN proxies. It provides the ability to defend against DOS/DDoS through UDP/ICMP flood protection and connection rate limiting (SNA 6600, SNA 220). Dell SonicWall Virtual Private Networking technology can make network and security management more efficient for network managers/administrator. Using Dell SonicWall VPN, the network managers can establish a more secure and extensive VPN that can be more readily to control and manage. Dell Sonic VPN technology includes integrated IPSec VPN, for securing site-to-site communication. The VPN technology offers both SSL VPN and IPSec VPN for remote client-secure access. The VPN technology line also offer a complete of Secure Remote Access/SSL VPN appliances that come with remote access and management capabilities to a wide range of organizational size with varying network complexities and specification and security requirement (SNA 6600, SNA 220).
17 Dell NSA 250 M Specification Operating system SonicOS 5.9 Security Processor 2x 700 MHz Memory (RAM) 512 MB Firewall inspection throughput1 750 Mbps Full DPI throughput2 130 Mbps Application inspection throughput2 250 Mbps IPS throughput2 250 Mbps Anti-malware inspection throughput2 140 Mbps IMIX throughput3 210 Mbps SSL Inspection and Decryption (DPI SSL)2 Available VPN throughput3 200 Mbps VLAN interfaces 35 VPN Site-to-Site VPN Tunnels 50 IPSec VPN clients (Maximum) 2(25) SSL VPN licenses (Maximum) 2(15)
18 Encryption/Authentication DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1 Key exchange Diffie Hellman Groups 1, 2, 5, 14 Route-based VPN RIP, OSPF IP address assignment Static, (DHCP PPPoE, L2TP and PPTP client), Internal DHCP server, DHCP Relay NAT modes 1:1, many:1, 1:many, flexible NAT (overlapping IPS), PAT, transparent mode Routing protocols BGP, OSPF, RIPv1/v2, static routes, policy- based routing, multicast Authentication XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix Standards TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS, IEEE 802.3 Hardware Form factor Desktop (1U Rack Mountable Kit Available) NSA 6600 Specification
19 Operating system SonicOS 6.2 Security Processor 24x 1.0 GHz Firewall inspection throughput1 12.0 Gbps Full DPI throughput2 3.0 Gbps Application inspection throughput2 4.5 Gbps IPS throughput2 4.5 Gbps Anti-malware inspection throughput2 3.0 Gbps IMIX throughput3 3.5 Gbps SSL Inspection and Decryption (DPI SSL)2 1.3 Gbps VPN throughput3 5.0 Gbps VPN Site-to-Site VPN Tunnels 6000 IPSec VPN clients (Maximum) 2,000 (6,000) SSL VPN licenses (Maximum) 2 (50) Encryption/Authentication DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1 Key exchange Diffie Hellman Groups 1, 2, 5, 14 Route-based VPN RIP, OSPF Networking IP address assignemnet Static, DHCP, PPPoE, L2TP, PPTP client), Internal DhCP server, DHCP Relay Authetnicaiton XAUTH/RADIUS, Active Directory,
20 SSO, LADP, Novell, Internal user database, Terminal Services, Citrix Certifications VPNC, ICSA Firewall, ICSA Anti-Virus
21 Reference Advantage of Telecommuting. (2014). Global Workplace Analytics. http://globalworkplaceanalytics.com/resources/costs-benefits An Anomaly-Based Approach for Intrusion Detection in Web Traffic. (n.d.) Retrieved from: http://webcache.googleusercontent.com/search?client=safari&rls=en&q=cache:hmDAp gF38E4J:http://digital.csic.es/bitstream/10261/40544/1/ARTICULOS315428%255B1% 255D.pdf%2Bconsequence+intrusion+web+security&oe=UTF- 8&hl=en&as_q&nfpr&spell=1&&ct=clnk Dell SonicWALL Firewall Appliance TCO Comparison. (2014). SonicWall. Retrieved from: https://roianalyst.alinean.com/SonicWALL/ Five Ways Programmers Can be Suit. (n.d.) Retrieved from: http://www.techinsurance.com/blog/computer-consultants/5-ways-web-programmers- can-be-sued/ DDoS Boot Camp: Basic Training for an Increasing Cyber Threat . (n.d.) Retrieved from: www.prolexic.com/...ddos-boot-camp/DDoS_Boot_Camp-Prolexic_executive _ series_white_paper-073113.pdf How to Prevent Security Breaches from Known Vulnerabilities. (n.d.) http://www.esecurityplanet.com/network-security/how-to-prevent-security-breaches- from-known-vulnerabilities.html HP 2012 Cyber Risk Report. (n.d.) Retrieved from: www.hpenterprisesecurity.com/collateral/whitepaper/HP2012CyberRiskReport_0213.pdf %2BHP+2012+Cyber+Risk+Report&client=safari&rls=en&oe=UTF- 8&hl=en&&ct=clnk
22 NSA 220 Network Security Appliance. (2014). Dell SonicWall. Retrieved from :http://www.sonicwall.com/us/en/products/NSA-220.html NSA 6600 Next-Generation Firewall (NGFW). (2014).Dell SonicWall. Retrieved from: http://www.sonicwall.com/us/en/products/NSA-6600.html NSA Review. (2009). Retrieved from :http://www.scmagazine.com/sonicwall-nsa- 240/review/2678/ The Myth of the Secure Virtual Desktop Avoid a false sense of security with your VPN or VDI endpoints. (n.d.) Retrieved from: http://webcache.googleusercontent.com/search?q=cache:7LfeJvdlN_kJ:http://www.npcda taguard.com/The%2520Myth%2520of%2520the%2520Secure%2520Virtual%2520Deskt op.pdf%2BThe+Myth+of+the+Secure+Virtual+Desktop&client=safari&rls=en&oe=UTF -8&hl=en&&ct=clnk SEC 517 Course: Security Assessment and Recommendations [class handout]. (2014). New York, NY: Keller School of Management, New York, NY Smith, D. (2010). Profiles of major American psychologists [Class handout]. Department of Psychology, Harvard University, Boston, MA. SQL Injection Tutorial. (n.d.) Retrieved from :http://www.w3resource.com/sql/sql-injection/sql- injection.php#sthash.Rq9nWIAW.dpuf Threats Against a VPN. (n.d.) Retrieved from: http://etutorials.org/Networking/MPLS+VPN+security/Part+I+MPLS+VPN+and+Security+F undamentals/Chapter+2.+A+Threat+Model+for+MPLS+VPNs/Threats+Against+a+VPN/ VPNs (Virtual Private Nightmares). Retrieved from: http://www.secureworks.com/resources/newsletter/2004-05/ Why Replace Your IPSec for Remote Access. (n.d.) Retrieved from:
23 http://webcache.googleusercontent.com/search?q=cache:UnLmTmaPU8wJ:https://www.s onicwall.com/downloads/WP-ENG-035_Why-Replace-Your- IPSec_US.pdf%2BWhy+Replace+Your+IPSec+for+Remote+Access&client=safari&rls= en&oe=UTF-8&hl=en&&ct=clnk XAND Launches Distributed Denial of Service (DDOS) Protection Services to Proactively Services to Proactively Safeguard Mission-Critical IT Infrastructure. (n.d.) http://webcache.googleusercontent.com/search?client=safari&rls=en&q=cache:ZABMjD DDhLQJ:http://www.xand.com/06/press-releases/xand-launches-distributed-denial-of- service-ddos-protection-services-to-proactively-safeguard-mission-critical-it- infrastructure/%2Bdenial+of+service+percentage+risk&oe=UTF-8&hl=en&&ct=clnk

More Related Content

PDF
INLINE_PATCH_PROXY_FOR_XEN_HYPERVISOR
Neha Rana
 
PDF
Common Types of DDoS Attacks | MazeBolt Technologies
MazeBolt Technologies
 
PDF
IRJET- EEDE- Extenuating EDOS for DDOS and Eluding HTTP Web based Attacks in ...
IRJET Journal
 
PDF
Web-style Wireless IDS attacks, Sergey Gordeychik
qqlan
 
PDF
Security Fact & Fiction: Three Lessons from the Headlines
Duo Security
 
PDF
IRJET- Insider Interruption Identification and Protection by using Forens...
IRJET Journal
 
PDF
Implementation of user authentication as a service for cloud network
Salam Shah
 
PDF
The Top 20 Cyberattacks on Industrial Control Systems
Muhammad FAHAD
 
INLINE_PATCH_PROXY_FOR_XEN_HYPERVISOR
Neha Rana
 
Common Types of DDoS Attacks | MazeBolt Technologies
MazeBolt Technologies
 
IRJET- EEDE- Extenuating EDOS for DDOS and Eluding HTTP Web based Attacks in ...
IRJET Journal
 
Web-style Wireless IDS attacks, Sergey Gordeychik
qqlan
 
Security Fact & Fiction: Three Lessons from the Headlines
Duo Security
 
IRJET- Insider Interruption Identification and Protection by using Forens...
IRJET Journal
 
Implementation of user authentication as a service for cloud network
Salam Shah
 
The Top 20 Cyberattacks on Industrial Control Systems
Muhammad FAHAD
 

What's hot (14)

PDF
Defending Industrial Control Systems From Cyberattack
Mountain States Engineering and Controls
 
PDF
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...
Brian Kelly
 
PDF
IRJET- Security Attacks Detection in Cloud using Machine Learning Algorithms
IRJET Journal
 
PDF
Solution Brief
webhostingguy
 
PDF
Web vulnerabilities
Krishna Gehlot
 
PDF
Detection of Distributed Denial of Service Attacks
ijdmtaiir
 
PPTX
MS Cloud day - Understanding and implementation on Windows Azure platform sec...
Spiffy
 
PDF
Anatomy of a breach - an e-book by Microsoft in collaboration with the EU
University of Essex
 
PDF
1738 1742
Editor IJARCET
 
PDF
IRJET- Cyber Attacks and its different Types
IRJET Journal
 
PDF
Nii sample pt_report
Chandan Bagai, GWAPT, CEHv8, CCNA
 
PDF
Vulnerability Assessment Report
Harshit Singh Bhatia
 
PDF
Cisco Annual Security Report 2016
The Internet of Things
 
PDF
INTRUSION DETECTION IN MULTITIER WEB APPLICATIONS USING DOUBLEGUARD
IJCI JOURNAL
 
Defending Industrial Control Systems From Cyberattack
Mountain States Engineering and Controls
 
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...
Brian Kelly
 
IRJET- Security Attacks Detection in Cloud using Machine Learning Algorithms
IRJET Journal
 
Solution Brief
webhostingguy
 
Web vulnerabilities
Krishna Gehlot
 
Detection of Distributed Denial of Service Attacks
ijdmtaiir
 
MS Cloud day - Understanding and implementation on Windows Azure platform sec...
Spiffy
 
Anatomy of a breach - an e-book by Microsoft in collaboration with the EU
University of Essex
 
1738 1742
Editor IJARCET
 
IRJET- Cyber Attacks and its different Types
IRJET Journal
 
Nii sample pt_report
Chandan Bagai, GWAPT, CEHv8, CCNA
 
Vulnerability Assessment Report
Harshit Singh Bhatia
 
Cisco Annual Security Report 2016
The Internet of Things
 
INTRUSION DETECTION IN MULTITIER WEB APPLICATIONS USING DOUBLEGUARD
IJCI JOURNAL
 
Ad

Similar to Security Risk Assessment for Quality Web Design (20)

DOCX
English 108 Spring 2015Lexicon Assignment SheetA lexicon is a .docx
YASHU40
 
PDF
Survey of different Web Application Attacks & Its Preventive Measures
IOSR Journals
 
DOCX
Running head Threat Analysis .docx
toltonkendal
 
DOC
ISSC422_Project_Paper_John_Intindolo
John Intindolo
 
PDF
What Is Denial Of Service Attack
Stephanie Williams
 
DOCX
Network Diagram of a company ABCD Roshan basnet it 29
rosu555
 
PPTX
Week-09-10-11-12 Fundamentals of Cybersecurity.pptx
yasirkhokhar7
 
PDF
International Journal on Cloud Computing: Services and Architecture (IJCCSA)
ijccsa
 
PDF
A Multi-Layer Real Time Remote Monitoring & Corporate Network System For Viru...
ijccsa
 
PDF
A Review paper on Securing PHP based websites From Web Application Vulnerabil...
Editor IJMTER
 
PDF
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Booz Allen Hamilton
 
PDF
CYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONS
IAEME Publication
 
PDF
International Journal of Computer Science and Security Volume (1) Issue (3)
CSCJournals
 
DOCX
Case1–NetworkDesignAbstractThecompanyinthisc.docx
wendolynhalbert
 
PPTX
Cyber terrorism
Nihal Jani
 
PDF
Securing and Managing the Oracle HTTP Server - White Paper
SecureDBA
 
PDF
Beza belayneh information_warfare_brief
Beza Belayneh
 
PDF
A Cyber Security Review
Simon Moffatt
 
PDF
Cybersecurity - Poland.pdf
PavelVtek3
 
PPTX
IBM Smarter Business 2012 - IBM Security: Threat landscape
IBM Sverige
 
English 108 Spring 2015Lexicon Assignment SheetA lexicon is a .docx
YASHU40
 
Survey of different Web Application Attacks & Its Preventive Measures
IOSR Journals
 
Running head Threat Analysis .docx
toltonkendal
 
ISSC422_Project_Paper_John_Intindolo
John Intindolo
 
What Is Denial Of Service Attack
Stephanie Williams
 
Network Diagram of a company ABCD Roshan basnet it 29
rosu555
 
Week-09-10-11-12 Fundamentals of Cybersecurity.pptx
yasirkhokhar7
 
International Journal on Cloud Computing: Services and Architecture (IJCCSA)
ijccsa
 
A Multi-Layer Real Time Remote Monitoring & Corporate Network System For Viru...
ijccsa
 
A Review paper on Securing PHP based websites From Web Application Vulnerabil...
Editor IJMTER
 
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Booz Allen Hamilton
 
CYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONS
IAEME Publication
 
International Journal of Computer Science and Security Volume (1) Issue (3)
CSCJournals
 
Case1–NetworkDesignAbstractThecompanyinthisc.docx
wendolynhalbert
 
Cyber terrorism
Nihal Jani
 
Securing and Managing the Oracle HTTP Server - White Paper
SecureDBA
 
Beza belayneh information_warfare_brief
Beza Belayneh
 
A Cyber Security Review
Simon Moffatt
 
Cybersecurity - Poland.pdf
PavelVtek3
 
IBM Smarter Business 2012 - IBM Security: Threat landscape
IBM Sverige
 
Ad

More from Ting Yin (20)

PDF
Menu_Oct2
Ting Yin
 
PDF
Menu
Ting Yin
 
DOCX
PNA
Ting Yin
 
DOCX
RIM
Ting Yin
 
DOCX
Network
Ting Yin
 
DOCX
Managing Changes at Intel
Ting Yin
 
DOCX
iLab Solution II
Ting Yin
 
DOCX
Network Management iLab Solution
Ting Yin
 
DOCX
Game for Learning
Ting Yin
 
PPTX
Software Project Management Slide
Ting Yin
 
DOCX
Project Management
Ting Yin
 
PPTX
Enterprise Data Warehouse
Ting Yin
 
DOCX
Oracle Database
Ting Yin
 
DOCX
HRIS
Ting Yin
 
DOCX
Business Intelligence
Ting Yin
 
PDF
Wireframe mobile learning_app_march15_12_pm
Ting Yin
 
DOCX
Ting_Yin_ITS_March15_12PM
Ting Yin
 
DOCX
Ting yin its_financialpla_march15_11am
Ting Yin
 
DOCX
Ting yinits march14_6am
Ting Yin
 
PDF
HRM: Strategies to Cut Costs and Reduce Risk
Ting Yin
 
Menu_Oct2
Ting Yin
 
Menu
Ting Yin
 
PNA
Ting Yin
 
RIM
Ting Yin
 
Network
Ting Yin
 
Managing Changes at Intel
Ting Yin
 
iLab Solution II
Ting Yin
 
Network Management iLab Solution
Ting Yin
 
Game for Learning
Ting Yin
 
Software Project Management Slide
Ting Yin
 
Project Management
Ting Yin
 
Enterprise Data Warehouse
Ting Yin
 
Oracle Database
Ting Yin
 
HRIS
Ting Yin
 
Business Intelligence
Ting Yin
 
Wireframe mobile learning_app_march15_12_pm
Ting Yin
 
Ting_Yin_ITS_March15_12PM
Ting Yin
 
Ting yin its_financialpla_march15_11am
Ting Yin
 
Ting yinits march14_6am
Ting Yin
 
HRM: Strategies to Cut Costs and Reduce Risk
Ting Yin
 

Recently uploaded (20)

PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PPT
Teaching material agriculture food technology
LiaRayya
 
PDF
KodekX | Application Modernization Development
KodekX
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
PPTX
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
PPTX
Spectroscopy.pptx food analysis technology
nawahassan45
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PPTX
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
Teaching material agriculture food technology
LiaRayya
 
KodekX | Application Modernization Development
KodekX
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
Cloud computing and distributed systems.
kkkkkhan
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
Spectroscopy.pptx food analysis technology
nawahassan45
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
Encapsulation theory and applications.pdf
gurumoop
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 

Security Risk Assessment for Quality Web Design

  • 1. 1 Security Risk Assessment for Quality Web Design Ting Yin Submitted to: Jude Lamour SE571 Principles of Information Security and Privacy Keller Graduate School of Management Submitted: November 16, 2014
  • 2. 2 Table of Contents Executive Summary………………………………………………………………………….3 Company Overview…………………………………………………………………………..3 Security Vulnerabilities……………………………………………………………………....3 Threats………………………………………………………………………………… ……4 Risk Assessment ……………………………………………………………………..……..5 The Consequence …………………………………………………………………….…….6 The Affects on The Company Competitive Advantages .......................................................7 The Definition of Solution ………….……………………………………………………..15 Justification …………………………………………………………………………………6 Impact on Business Processes ………………………………………………………………10 Reference…………………………………………………………………………………….19
  • 3. 3 Executive Summary Dell Sonic Firewall TCO recommends QWD to use Dell NSA 250m and NSA 6600 and to replace its current IPSec VPN. NSA 250m and NSA 6600 appliances come with a wide range and heighted level of security protection services and additional security protection hardware and software bundles. Based on a reputable technology survey, NSA 250 m and NSA 6600 are given rating of 5 out of 5 (NSA Review). NSA 6600 system should be located near QWD office headquarters and NSA 250m should be located near in QWD remote office. Both NSA systems have the right tools to protect QWD from intrusion, denial of service, and SQL attacks. In addition to the security protection, NSA systems offer mobile service for workers, business partners, customer, clients or QWD affiliations to be able to collaborate online on QWD related projects. The remote access and connectivity can further improve QWD business process and even increase revenue. Company Overview Quality Web Design (QWD) is a web design and development company that designs and creates client side web application for different industries. The web application that QWD make can help their clients to market their client information in form of web content to the outside world. QWD has a basic Microsoft (MS) shop that uses a Visual Studio (VS) Team Foundation to support its image repository. For quality analysis and site development, QWD uses VS. QWD also utilizes MS SQL Server and MS Exchange (SEC 517). Two Security Vulnerabilities In this paper, I will discuss three security vulnerabilities: one is associated with hardware, the second is associated with the software. The first vulnerability is found within the
  • 4. 4 network infrastructure (hardware). The second vulnerability is associated with SQL injection attack into the client’s web page (SEC 517). Threats Against VPN or Server In this section, two threats against a VPN will be discussed: 1) Intrusions; 2) Denial of Service. Intrusion is a form of threat that offers opportunities for unauthorized outsider to access and to control over parts of the VPN. The parts that can affect could be internal computers, servers, network elements, and other network components. To access into internal information or equipment as hackers or intruders, the malicious individual first inject code for traffic control into the VPN. In a simple case of the virtual invasion and unauthorized internal control is to send a single IP packet to a destination in the VPN (Threat Against). The terminals or phones and other mobile devices that are left opened and neglected are one of the primary reason that unauthorized individual can gain access to the internal resources that lie with QWD. “VPNs will likely continue to be the weakness link in an organization’s security infrastructure for some time to come.” (VPNs Virtual) Any organization is as secure as its weakest links or connections. VPNs provide illusion of a false sense of security, due to “poor implementation and maintenance.” Perhaps, VPN can be considered as one the weakest link in QWD (The Myth). Denial of service is another threat from outside against the VPN. Unlike intrusion discussed above this section, DoS prevents other from accessing the web. For hackers to complete DoS, s/he first needs to able to inject packets into the trusted zone of the VPN. The DoS attack can also interfere the VP user indirectly. When a PE router is affected by DoS attack can affect a given VPN that affect PE, which in turn can negatively affect the connected VPN (Threat Against).
  • 5. 5 The third threat is related to the potential SQL code insertion or injection client’s web application. SQL injection is found as one of most prevalent destructive system attack. Open Web Application Security Project (OWASP) point out SQL injection as the number one threat. Injecting extraneous code into the textboxes can potentially debilitate the entire database. SQL injection can potentially be used to perform the following types of attacks. The injection can allow hacker to illegally logon to the internal application and illegally earn the privilege to manipulate the data stored in database and to disclose confidential information (SQL Injection). Risk Assessment In 2006, the U.K. Department of Trade and Industry (DTI) did a survey and released the results on businesses regarding security incidents. Of organization surveyed, it was found that intrusion was constant at 17 percent in their period of survey study, and failure of equipment was up to 29 percent (Pfleeger, 256) . In an official study, it was found that 87-percent of businesses surveyed have suffered a service degradation up to a full outage in 2013 from a DDoS attack (XAND LAUNCHES). SQL inject was found to be one of the six most commonly reported threats for Web applications. SQL among with other top five threats accounted for 40 percentage of threats found in 2012 (HP 2012). Level of Risk and Its Influence on QWD Operation Threat Level of Risk Denial of Service 4 Intrusion 3 SQL Inject 3 4- Critical: QWD business will not be operational when it encounters the type of threat as listed
  • 6. 6 3- Medium –Critical: QWD business still can somewhat manage its operations, but it has to do it under the interference caused by the threats. The Consequence The consequences of security breach through VPN can lead to the theft of QWD proprietary or confidential information or loss of client information, to the exploitation or manipulation of confidential information, to web page content modification, etc. The authentication method used by IPsec authentication can weaken authentication process and can be unmanageable for QWD in deploying web services for multiple clients’ organizations. The expenses and the complexities associated with IPsec deployment, IPsec VPN selectors are insufficient to meet the need of the authorization-associated policies that QWD must have in today highly regulated environment (The Myth). To compensate the weaker authentication by IPsec VPN, QWD have to create relatively more complicated constituency-orientated policies to limited user access. IPsec VPN remote access need VPN client software and policy configuration at the end devices. With the need of additional supports and resources, QWD simply cannot deliver cost-effective secure remote access to all users from all devices. When a client is connected using IPsec, every resource inside this protected network is potentially available to the user, and therefore vulnerable to misuse and attack from that client during the entire connection (The Myth). DDoS attacks can cause costly and destructive downtime on the client’s hosted applications and resources. During the downtime caused by DDoS, the users of the websites developed and designed by QWD would be able to access the websites and the services that are offered by the clients through the web pages. In the meantime, QWD and its clients cannot communicate with the users and the clients’ customers due to the malfunctioning of the websites
  • 7. 7 (The Myth). The Ponemon Institute “estimates that the average cost of one minute of downtime due to a DDoS attack is $22,000. The average attack lasts at least an hour, inflicting devastating and expensive downtime on business operations.” (Xand Launches). Through SQL Injection, the hackers can obtain unauthorized access to MS SQL 2008 database (DB) server or the DB located in the corporate office. The hackers can create, review, insert, alter, or remove QWD images or confidential information stored in the QDW back-end database. Through SQL injection and manipulation, the hackers can potentially can lock or delete tables stored in the DB at the QWD servers. The malicious manipulation of the data can cause denial of service to authorized users and can unauthorized-ly grant remote command executions that are normally reserved for administrators (SQL Injection). The Affects on the Company Competitive Advantages More of QWD may go to its competitors to see more similar services to decreased trust about the security and service provided by QWD. The outrage can cause an increase in volume of customer inquiries about the outage, which can result in a loss in revenue. The security fear can drive decline in stock prices and investor confidence. The comprised IT system at QWD can further be susceptible to multiple attacks within relatively short period of time (DDoS). With data breach of confidential information (QWD corporate confidential information, employee private information and client private information) can potentially raise lawsuit not only against QWD Company itself but also to its employees as well. If hackers are able to intrude into the system developed by the software developer or engineers, the computer professional are liable to lawsuits (Five Ways).
  • 8. 8 Justification for Using Dell Sonic NSA 220 M and NSA 6600 Dell SonicWall Firwall TCO Comparison and analysis tool and model take into consideration of QWD current firewall requirements. Based on the client system requirement and configuration, Dell TCO make product recommendation that can improve the QWD system condition and it then make compares the selection of Dell SonicWALL product and service with a similar version of a Cisco solution. The TCO suggested solution are Dell SonicWall NSA 6600 and NSA 250 QWD system (Dell). Total TCO Savings 3 Year-over-Year of Dell SonicWall NSA over Cisco ASA is $381,405. The percentage of difference for Total Cost of Ownership (over 3 years) for Dell Sonic Wall NSA over Cisco ASA is -88.4%. QWD can save at least 88.4% when it purchases the Dell product over the Cisco version. Percent of difference projected number of labor FTEs of Dell SonicWall over Cisco ASA is 74.4%. Staff to device support ratio (Devices per 1 FTE) of DellSonic Wall is 159.9%. Firewall TCO per user (NPV over 3 years) is 88.4% of Cisco ASA (Figure 1) (Dell). Figure 1: Total Cost of Ownership Comparsion Total Cost of Ownership (TCO) Dell SonicWALL Cisco Difference Percent Difference Appliance Hardware and Support $41,321 $144,956 $103,635 71.5% Additional Security Services $7,664 $282,512 $274,848 97.3% Implementation / Configuration / $903 $2,810 $1,907 67.9%
  • 9. 9 Training Ongoing Operational (IT Labor) $125 $1,141 $1,015 89.0% Total TCO - Total Cost of Ownership (over 3 years) $50,014 $431,419 $381,405 88.4% Key Performance Indicators Dell SonicWALL Cisco Difference Percent Difference Projected Number of Labor FTEs 0.0 0.1 0.0 74.4% Staff to Device support ratio (Devices per 1 FTE) 143.7 55.3 88.4 159.9% Firewall TCO per user (NPV over 3 years) $50 $431 $381 88.4% Dell SonicWall NSA products include Comprehensive Gateway Security Suite (CGSS), Simple Firewall, Gateway Anti-Virus/Anti-Spyware (GAV), Intrusion Prevention Service Bundle, Application Intelligence and Control , Content Filtering Service , Botnet Filter , Context Aware Security Support Level, IPSec VPN License, and SSL VPN license. The cost saving of Dell SonicWall NSA over Cisco ASA is $157,247 and the TCO different of Dell over Cisco is – 92.6%. This mean Dell SonicWall’s security package cost 92.6% less than Cisco version (Figure 2) (Dell).
  • 10. 10 Figure 2: Additional Security Services Appliances and Licensing Costs Additional Security Services Appliances and Licensing Costs Dell SonicWALL Cisco Difference Percent Difference Selected Deep Packet Inspection Services $0 $149,847 $149,847 100.0% √ Intrusion Prevention Service (IPS) Appliance (Dell-Not Req. ) $0 $86,490 $86,490 100.0% √ Intrusion Prevention Service (IPS) Licensing (Dell-Included ) (Cisco-Included ) $0 $0 $0 100.0% √ Application Intelligence and Control (AIC) (Dell-Included ) (Cisco-Included ) $0 $0 $0 100.0% √ Content Filtering Service (CFS) (Dell- Included ) (Cisco-Not Incl. ) $0 $0 $0 100.0% Selected Client Services $595 $7,995 $7,400 92.6% √ IPSec VPN (Dell-Included ) $0 $0 $0 0.0% √ SSL VPN $595 $7,995 $7,400 92.6% Impact on Business Process Dell SonicWall technologies integrate both SSL/IPsec VPN into its system. The SSL/IPsec VPN offers the capability to securely and conveniently extends the corporate network
  • 11. 11 access beyond managed desktops to different user services. Secure Remote Access, powered by the Sonic Wall SSL/IPsec VPN edition, enables QWD to securely and seamlessly provide authorized company resources access to a wide ranger of users, contractors, and business partners on the wide variety of mobile and fixed workstations (SNA 6600, SNA 220). With inclusive support for unrestricted full-network access, as well as controlled access select web-based applications and network resources, the sonic wall VPN network platform provide flexibility needed by any VPN deployment in QWD. The VPN provides an effective and efficient combination of seamless controlled access, firewall, intrusion prevention inspection and web threat prevention that empower QWD mobile worker to be productive while protecting corporate asset or interest (SNA 6600, SNA 220) Combined SSL/ISpec VPN technology into one platform can deliver a highly customizable, simple, and flexible one-box solution for VPN deployment environments, and reduce the expense of deploying remote-access solutions (SNA 6600, SNA 220). Through client- based SSL or IPsec VPN, corporate managed laptop can remotely access seamlessly to QWD corporate network resources. Through clientless SSL VPN, remote user such QWD clients may gain access web-based application from their terminal. Business partner or other professional affiliation can access to specific QWD resources and application. NSA 6600 should be located in the corporate office. NSA 6600 supports a wide range of deployment and application environments, NSA 660 delivers maximum value to QWD with the most comprehensive set of Secure Socket Layer (SSL) and IP security (IPsec) VPN features, performance, and scalability (SNA 6600, SNA 220). The solution is comprised of a single unified platform: the NSA 6600 and the Secure Mobility Solution, enables QWD to use a highly effective combination of seamless controlled access, firewall, intrusion prevention inspection
  • 12. 12 and web threat prevention that enables QWD mobile workers , stationary workers and clients to be productive while helping to improve corporate profit by increasing sales. With Dell inclusive support for unrestricted full-network access, as well as controlled access to select web-based applications and network resources in QWD, the platform provides the flexibility required by any VPN deployment in QWD (Figure 3) (SNA 6600, SNA 220). Figure 3: Dell NSA 6600 in Corporate Headquarter Office
  • 13. 13 Figure 2: Dell NSA 250 M in Remote Office
  • 14. 14 NSA 250M and NSA 6600 Expert Rating Category Rating Feature 5/5 Ease of Use 5/5 Performance 5/5 Documentations 5/5 Support 5/5 Value for Money 5/5 Overall Rating 5/5 The wireless network capabilities offered by NSA 250M and NSA 6600 can empower mobile worker, who can work anywhere while protected by the security service offered the Dell technology. Based on the survey answered by the users of the NSA system, it seem that all these users are 100% satisfied with the system. They give them 5 out 5 for overall rating (NSA Review). By allowing employee the option to work at home at a certain time of a week can improve business result. Evidences have shown around two thirds of people want to work at home and eighty percentage of employee did the survey consider telework as perk. Approximately 6 out 10 employers identify telecommunication as cost saving plan for the employer. IBM saves real estate cost by $50 million, and Nortel save $100,000 per employee, who works at home. Sun Microsystem saves $68 million a year from its telecomm workers (Advantage).
  • 15. 15 By using Dell to brand its business can potentially attract more customer to QWD. Once the customers understand the heightened level of protection offered by Dell technology, they are more willingly to do more business with QWD or even recommend more customers to QWD. Quality Web Design can potentially experience fewer incidences of system malfunction and data breach that are resulted from intrusion, denial of service, sql injection or other. By having fewer number of incidents can potentially reduce the time and expense involved in litigation workload and cost associated with data breach and unauthorized access. Hard Solution and Security Service Solution Dell SonicWALL is a multi-service platform. The security protection extends from the network core to the perimeter of the system. Unified Threat Management (UTM) integrates support from SonicWALL’s Gateway Anti-Spyware, Anti-Virus, and Intrusion Protection service and Application. These all security appliance delivers real-time protection against the innovative mixtures of threats that include intrusion threat and SQL. The effective combination of protection against application-layer and content-based attacks is a heightened level of gateway protection defends against multiple threat coming from the access points (AP) and thoroughly look through all network layers for threats that either involve or include intrusion threat (SNA 6600, SNA 220). The Dell SonicWall Intrusion Prevention System (IPS) Service provides network protection 24 hours a day and 7 days week. Its major specification is 4.5 Gbps, Maximum Inspected Connection is 500,000, and New Connections/Per Second is 90,000. Dell’s IPS Service is activated on Dell Sonic WALL and Network Security Appliance (NSA). IPS provides high performance and deep pocket inspection with countermeasure for complete protection
  • 16. 16 against application exploitation and malicious traffic. The Dell IPS service is scalable to provide service to organization of all sizes. When QWD expands its business and has more customers, it still can use the Dell SonicWall system. IPS provides a layer of security enforcement and protection between each network zone and the Internet and between Internet zones for additional security against intrusion (SNA 6600, SNA 220). IPS provides bi-directional and full stack inspection that check for inbound and outbound of critical application traffic providing defense against a wide variety of attacks, such as SQL injection, cross-site scripting, remote code execution, shell code payloads, and remote procedure calls. It has a wide range of payload inspection: it spans a wide range of protocols, including MySQL, TCP, DNS, HTTP, HTTPS, SMTP, SNMP, POP3, FTP, Telnet, RTP, etc. Firewall and Networking part of the Dell Sonic Wall offer SYN Flood protection. SYN Flood provides a defense against DOS attacks using both Layer 2 SYN blacklisting and Layer 3 SYN proxies. It provides the ability to defend against DOS/DDoS through UDP/ICMP flood protection and connection rate limiting (SNA 6600, SNA 220). Dell SonicWall Virtual Private Networking technology can make network and security management more efficient for network managers/administrator. Using Dell SonicWall VPN, the network managers can establish a more secure and extensive VPN that can be more readily to control and manage. Dell Sonic VPN technology includes integrated IPSec VPN, for securing site-to-site communication. The VPN technology offers both SSL VPN and IPSec VPN for remote client-secure access. The VPN technology line also offer a complete of Secure Remote Access/SSL VPN appliances that come with remote access and management capabilities to a wide range of organizational size with varying network complexities and specification and security requirement (SNA 6600, SNA 220).
  • 17. 17 Dell NSA 250 M Specification Operating system SonicOS 5.9 Security Processor 2x 700 MHz Memory (RAM) 512 MB Firewall inspection throughput1 750 Mbps Full DPI throughput2 130 Mbps Application inspection throughput2 250 Mbps IPS throughput2 250 Mbps Anti-malware inspection throughput2 140 Mbps IMIX throughput3 210 Mbps SSL Inspection and Decryption (DPI SSL)2 Available VPN throughput3 200 Mbps VLAN interfaces 35 VPN Site-to-Site VPN Tunnels 50 IPSec VPN clients (Maximum) 2(25) SSL VPN licenses (Maximum) 2(15)
  • 18. 18 Encryption/Authentication DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1 Key exchange Diffie Hellman Groups 1, 2, 5, 14 Route-based VPN RIP, OSPF IP address assignment Static, (DHCP PPPoE, L2TP and PPTP client), Internal DHCP server, DHCP Relay NAT modes 1:1, many:1, 1:many, flexible NAT (overlapping IPS), PAT, transparent mode Routing protocols BGP, OSPF, RIPv1/v2, static routes, policy- based routing, multicast Authentication XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix Standards TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS, IEEE 802.3 Hardware Form factor Desktop (1U Rack Mountable Kit Available) NSA 6600 Specification
  • 19. 19 Operating system SonicOS 6.2 Security Processor 24x 1.0 GHz Firewall inspection throughput1 12.0 Gbps Full DPI throughput2 3.0 Gbps Application inspection throughput2 4.5 Gbps IPS throughput2 4.5 Gbps Anti-malware inspection throughput2 3.0 Gbps IMIX throughput3 3.5 Gbps SSL Inspection and Decryption (DPI SSL)2 1.3 Gbps VPN throughput3 5.0 Gbps VPN Site-to-Site VPN Tunnels 6000 IPSec VPN clients (Maximum) 2,000 (6,000) SSL VPN licenses (Maximum) 2 (50) Encryption/Authentication DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1 Key exchange Diffie Hellman Groups 1, 2, 5, 14 Route-based VPN RIP, OSPF Networking IP address assignemnet Static, DHCP, PPPoE, L2TP, PPTP client), Internal DhCP server, DHCP Relay Authetnicaiton XAUTH/RADIUS, Active Directory,
  • 20. 20 SSO, LADP, Novell, Internal user database, Terminal Services, Citrix Certifications VPNC, ICSA Firewall, ICSA Anti-Virus
  • 21. 21 Reference Advantage of Telecommuting. (2014). Global Workplace Analytics. http://globalworkplaceanalytics.com/resources/costs-benefits An Anomaly-Based Approach for Intrusion Detection in Web Traffic. (n.d.) Retrieved from: http://webcache.googleusercontent.com/search?client=safari&rls=en&q=cache:hmDAp gF38E4J:http://digital.csic.es/bitstream/10261/40544/1/ARTICULOS315428%255B1% 255D.pdf%2Bconsequence+intrusion+web+security&oe=UTF- 8&hl=en&as_q&nfpr&spell=1&&ct=clnk Dell SonicWALL Firewall Appliance TCO Comparison. (2014). SonicWall. Retrieved from: https://roianalyst.alinean.com/SonicWALL/ Five Ways Programmers Can be Suit. (n.d.) Retrieved from: http://www.techinsurance.com/blog/computer-consultants/5-ways-web-programmers- can-be-sued/ DDoS Boot Camp: Basic Training for an Increasing Cyber Threat . (n.d.) Retrieved from: www.prolexic.com/...ddos-boot-camp/DDoS_Boot_Camp-Prolexic_executive _ series_white_paper-073113.pdf How to Prevent Security Breaches from Known Vulnerabilities. (n.d.) http://www.esecurityplanet.com/network-security/how-to-prevent-security-breaches- from-known-vulnerabilities.html HP 2012 Cyber Risk Report. (n.d.) Retrieved from: www.hpenterprisesecurity.com/collateral/whitepaper/HP2012CyberRiskReport_0213.pdf %2BHP+2012+Cyber+Risk+Report&client=safari&rls=en&oe=UTF- 8&hl=en&&ct=clnk
  • 22. 22 NSA 220 Network Security Appliance. (2014). Dell SonicWall. Retrieved from :http://www.sonicwall.com/us/en/products/NSA-220.html NSA 6600 Next-Generation Firewall (NGFW). (2014).Dell SonicWall. Retrieved from: http://www.sonicwall.com/us/en/products/NSA-6600.html NSA Review. (2009). Retrieved from :http://www.scmagazine.com/sonicwall-nsa- 240/review/2678/ The Myth of the Secure Virtual Desktop Avoid a false sense of security with your VPN or VDI endpoints. (n.d.) Retrieved from: http://webcache.googleusercontent.com/search?q=cache:7LfeJvdlN_kJ:http://www.npcda taguard.com/The%2520Myth%2520of%2520the%2520Secure%2520Virtual%2520Deskt op.pdf%2BThe+Myth+of+the+Secure+Virtual+Desktop&client=safari&rls=en&oe=UTF -8&hl=en&&ct=clnk SEC 517 Course: Security Assessment and Recommendations [class handout]. (2014). New York, NY: Keller School of Management, New York, NY Smith, D. (2010). Profiles of major American psychologists [Class handout]. Department of Psychology, Harvard University, Boston, MA. SQL Injection Tutorial. (n.d.) Retrieved from :http://www.w3resource.com/sql/sql-injection/sql- injection.php#sthash.Rq9nWIAW.dpuf Threats Against a VPN. (n.d.) Retrieved from: http://etutorials.org/Networking/MPLS+VPN+security/Part+I+MPLS+VPN+and+Security+F undamentals/Chapter+2.+A+Threat+Model+for+MPLS+VPNs/Threats+Against+a+VPN/ VPNs (Virtual Private Nightmares). Retrieved from: http://www.secureworks.com/resources/newsletter/2004-05/ Why Replace Your IPSec for Remote Access. (n.d.) Retrieved from:
  • 23. 23 http://webcache.googleusercontent.com/search?q=cache:UnLmTmaPU8wJ:https://www.s onicwall.com/downloads/WP-ENG-035_Why-Replace-Your- IPSec_US.pdf%2BWhy+Replace+Your+IPSec+for+Remote+Access&client=safari&rls= en&oe=UTF-8&hl=en&&ct=clnk XAND Launches Distributed Denial of Service (DDOS) Protection Services to Proactively Services to Proactively Safeguard Mission-Critical IT Infrastructure. (n.d.) http://webcache.googleusercontent.com/search?client=safari&rls=en&q=cache:ZABMjD DDhLQJ:http://www.xand.com/06/press-releases/xand-launches-distributed-denial-of- service-ddos-protection-services-to-proactively-safeguard-mission-critical-it- infrastructure/%2Bdenial+of+service+percentage+risk&oe=UTF-8&hl=en&&ct=clnk