Fri Sep 19 05:52:25 PDT 2014

Zones: Connection controls: How are connections between devices controlled?


Options:

Definitions:
Define AREAS: {zones / subzones / microzones / components}
Define SEPARATION ENFORCEMENT MECHANISMS: {firewalls / routers / gateways / proxies / guards / protocol changes / digital diodes / FSMs / physical airgaps}
Define CONNECTION MECHANISMS: protocols / traffic types / addressing schemes / addresses / ports / gateway addresses / network masks / interface software / operating environments / storage media / authentication methods / identity management approaches / personnel / control mechanisms / cryptographic protocols and systems
Define IDENTIFIERS: serial numbers / device codes / cryptographic keys / addresses
Define OPERATING MECHANISMS: physical/logical device / interface / protocol / service / operation
Basis:
Option A: The design basis threat.
Option B: The operating environment.
Option C: Duties to protect.
Option D: Revisit design basis threat as it changes over time.
Option E: Follow applicable elements of applicable standards and requirements.
Option F: Due diligence requirements.
Deter:
Option Q: Use proper online banners to warn against inappropriate actions.
Option R: Provide periodic (at rate) training and suitable education relating to connection control requirements.
Option S: Provide obvious presence of (or don't seek to conceal) some security measures and response processes.
Prevent:
Option 1: Logically separate AREAS by placing SEPARATION ENFORCEMENT MECHANISMS between them.
Option 2: Use different CONNECTION MECHANISMS and OPERATING MECHANISMS within and between different AREAS.
Option 3: {Associate / label / mark / limit} unique IDENTIFIERS to each of the OPERATING MECHANISMS and map them to their respective AREA(s).
Option 4: Map each connection {sequence} to all relevant OPERATING MECHANISMS, CONNECTION MECHANISMS, and SEPARATION ENFORCEMENT MECHANISMS and have all such mechanisms deny {operation / connection / flows} to unmapped connections {and sequences}.
Option 5: Secure OPERATING MECHANISMS, CONNECTION MECHANISMS, and SEPARATION ENFORCEMENT MECHANISMS using available protective mechanisms against unauthorized connections {and sequences}.
Option 6: Limit OPERATING MECHANISMS, CONNECTION MECHANISMS, and SEPARATION ENFORCEMENT MECHANISMS so that none are unused.
Option 7: Use only end-to-end connections for operations.
Detect, react, and adapt:
Option V: Place logical {alarms / detectors} on SEPARATION ENFORCEMENT MECHANISMS, CONNECTION MECHANISMS, and OPERATING MECHANISMS for unauthorized (unmapped) or inadequate connections and IDENTIFIERS.
Option W: Surveil and audit {operation / connection / flows / flow sequences} between and within SEPARATION ENFORCEMENT MECHANISMS, CONNECTION MECHANISMS, and OPERATING MECHANISMS.
Option X: Perform {regular / periodic / random / continuous} {audit reviews / tests} to detect deviation from and verify proper implementation and operation of SEPARATION ENFORCEMENT MECHANISMS, CONNECTION MECHANISMS, and OPERATING MECHANISMS with frequency based on the design basis threat.
Option Y: Implement response regimens and actions to event sequences per a systems analysis based on the design-basis threat.
Option Z: Follow incidents up with investigative and adaptation processes to identify and mitigate root causes of incidents and improve performance.
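
An added example, not part of the original page: one way to express Options 3, 4, 6 and V together as a default-deny connection map that raises an alarm on unmapped connections and reports mapped connections that are never used. The addresses, area names, ports and the names Connection, evaluate and audit are constructed for illustration.

```python
from dataclasses import dataclass
# Constructed sample: IDENTIFIERS (addresses) mapped to their AREAS (Option 3).
AREA_OF = {"10.1.0.5": "control", "10.1.0.9": "control", "10.2.0.7": "business"}

@dataclass(frozen=True)
class Connection:
    src: str       # IDENTIFIER of the initiating OPERATING MECHANISM
    dst: str       # IDENTIFIER of the receiving OPERATING MECHANISM
    protocol: str  # CONNECTION MECHANISM: protocol
    port: int      # CONNECTION MECHANISM: port

# Constructed connection map (Option 4): anything not listed here is denied.
CONNECTION_MAP = {
    Connection("10.1.0.5", "10.1.0.9", "tcp", 502),
    Connection("10.2.0.7", "10.1.0.5", "tcp", 443),
    Connection("10.2.0.7", "10.1.0.9", "tcp", 22),
}

def evaluate(conn):
    """Return (allowed, reason) for one observed connection; default is deny."""
    for end in (conn.src, conn.dst):
        if end not in AREA_OF:
            return False, f"unknown IDENTIFIER {end}"
    if conn not in CONNECTION_MAP:
        return False, f"unmapped {AREA_OF[conn.src]} -> {AREA_OF[conn.dst]}"
    return True, "mapped"

def audit(observed):
    """Return alarms for denied flows (Option V) and unused map entries (Option 6)."""
    alarms, used = [], set()
    for conn in observed:
        allowed, reason = evaluate(conn)
        if allowed:
            used.add(conn)
        else:
            alarms.append((conn, reason))
    unused = sorted(CONNECTION_MAP - used, key=lambda c: (c.src, c.dst, c.port))
    return alarms, unused

OBSERVED = [  # constructed observations
    Connection("10.1.0.5", "10.1.0.9", "tcp", 502),  # mapped
    Connection("10.2.0.7", "10.1.0.9", "tcp", 502),  # known devices, unmapped port
    Connection("10.9.9.9", "10.1.0.5", "tcp", 443),  # identifier not in any AREA
    Connection("10.2.0.7", "10.1.0.5", "tcp", 443),  # mapped
]

if __name__ == "__main__":
    for conn, reason in audit(OBSERVED)[0]:
        print("ALARM", conn, reason)
```

The unused list is the input to the Option 6 review: a mapped connection that never appears in operation is a candidate for removal from the map.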

Basis:

Definitions:

For the purposes of this set of decisions, several terms are used that should be defined in detail by the operators of the system environment and cataloged as appropriate to the need. These terms are exemplified as follows:

Basis: Deter: Prevent: Detect, react, and adapt:
Copyright(c) Fred Cohen, 1988-2012 - All Rights Reserved