Hey, I'm on Twitter Contact Me|Research

Network Perimeter Defense Architecture: A Case Study

This paper, written as a case study, documents a comprehensive architecture for defending network resources of a fictitious company. It illustrates an approach to setting up a strong security perimeter. This document was submitted to SANS GIAC to fulfill GIAC Certified Firewall Analyst (GCFW) certification requirements.

A the moment, this paper is only available in Adobe Acrobat PDF format. You may download it here. The table of contents is listed below for your convenience:

Part 1: Security Architecture
1.1 Assigned Task
1.2 Application Architecture
1.3 Perimeter Defense
1.4 External Connectivity
1.5 Implementation
Part 2: Security Policy
2.1 Assigned Task
2.2 Guiding Principles
2.3 Border Router
2.4 Firewalls
2.5 VPN Configuration
2.6 Applying Policy
2.7 Compliance Monitoring
Part 3: Audit of the Security Architecture
3.1 Assigned Task
3.2 Planning the Assessment
3.3 Assessment of Security Design
3.4 Assessment of Defense Perimeter Implementation
3.5 Assessment of Defense Component Implementation
3.6 Defense Improvement Recommendations
Part 4: Design Under Fire
4.1 Assigned Task
4.2 Targeted Architecture
4.3 Attacking the Firewall
4.4 Denial of Service Attack
4.5 Compromising an Internal System

Post-Scriptum

This paper was written in 2001. The GCFW certification practical requirements, which this paper fulfilled, are listed on the following site:

GIAC LevelTwo Firewalls, Perimeter Protection, and VPNs Practical Assignment for Capitol SANS, Version 1.4, December 2000. URL: http://www.sans.org/capsans/GCFW_assignment.htm.


About the Author: Lenny Zeltser leads the security consulting practice at Savvis. His team provides security assessments, design, and operational assistance for business-critical IT infrastructure. Lenny also teaches malware analysis at SANS Institute, explores security topics at conferences and in articles, and volunteers as an incident handler at the Internet Storm Center.