Security at Line Speed Workshop
Attendee Survey
Introduction
Two difficult and seemingly contradictory imperatives are facing
research university networking: the need to enhance local network
security in the face of increased local, regional and nationwide
cyberprotection needs, and the requirement to support deployment
of high-performance, advanced network services for campus researchers
using distributed computing environments. The Security at Line Speed
Workshop seeks to identify the requirements, architectures, and
best practices needed to guide future network deployments for the
research community.
Because completing this survey is important for gathering the baseline
data and opinions that will not only help direct the workshop, but
also influence the outcome and deliverables, we have extended the
deadline for completing the survey to July 20. If you plan to attend
the workshop, please complete the survey by then and submit it to
Charles Yun <charles@internet2.edu>.
Context
A Research and Education enterprise needing very high performance
network connectivity, and including very diverse teaching/research/clinical
activities.
Problem:
Identify key network architecture principles that will:
a) ensure preservation of the End to End (E2E) or "network
utility" model but...
b) also allow for adequate local/departmental security policies,
including "defense in depth" strategies,
c) support advanced services such as IP multicast and IPv6.
Requirements/Constraints:
- recognize changing nature of threats (e.g., tunneling, encryption)
- necessity of dealing with "insider attack" threat
- manageability with minimum staff (simplicity)
- ever-increasing network speeds and application demands
- avoid inhibiting innovative applications, e.g., using P2P
- recognize that some applications/users may legitimately require
less security and more flexibility (e.g., applications that may
require random ports to be open from time to time).
Survey Instrument
Basic information:
Name:
Title:
Institution:
Email Address:
----------------------------------------------------------------------------------------------------
QUESTION 1:
Do you agree with the above problem and constraint statements?
If not, how would you change them?
----------------------------------------------------------------------------------------------------
For questions 2 through 5, please indicate your reaction to
the following propositions, where Strongly Disagree=1 and Strongly
Agree=5:
QUESTION 2:
Having border routers connected to very-high-speed links stop and
strip-search each packet for security purposes is not a viable long-term
strategy because of performance, complexity, and support concerns,
plus the changing nature of threats.
Strongly Disagree 1 2 3 4 5 Strongly Agree
QUESTION 3:
It is necessary to provide an enterprise VPN server for remote
access.
Strongly Disagree 1 2 3 4 5 Strongly Agree
QUESTION 4:
VLANs are an essential tool for isolating sensitive resources from
the Internet, or grouping resources into security policy equivalence
classes.
Strongly Disagree 1 2 3 4 5 Strongly Agree
QUESTION 5:
Private addresses are an essential tool for isolating sensitive
resources from the Internet, or grouping resources into security
policy equivalence classes.
Strongly Disagree 1 2 3 4 5 Strongly Agree
----------------------------------------------------------------------------------------------------
QUESTION 6:
Please rank the importance of the following "defense-in-depth"
security elements:
o End-point hardening
-(centrally-managed) software configuration control
-(centrally-managed) end-point firewalls
-Proactive vulnerability probing
o Intrusion Detection Systems (IDS)
o Intrusion Prevention System (IPS = IDS + real-time automatic
blocking)
o Isolation (separate fiber, or VLANs, or private addresses)
o Perimeter firewalls
----------------------------------------------------------------------------------------------------
QUESTION 7:
Perimeter Defense firewalls are important at which of the following
places in a network topology?
(Select all that apply)
- border
- subnet
- end-point
- other (please specify)
- none of the above
----------------------------------------------------------------------------------------------------
QUESTION 8:
Please rank the following traffic isolation tools in terms of importance
(1=most important, 5=least important)
_____ VLANs
_____ Private addresses
_____ Private fiber
_____ IPSEC (or other VPN)
_____ other (please specify)
----------------------------------------------------------------------------------------------------
QUESTION 9:
Please put an X next to the following "Middle-vs-Edge"
Premises with which you agree:
_____ Less and less network traffic is amenable to inferring the
service/application type by observing the IP port number.
_____ Faster pipes make it harder to examine each packet.
_____ More sophisticated attacks using random/dynamic ports will
make it harder to do any border port filtering.
_____ Use of encryption (by both good guys and bad guys) will make
perimeter firewalls ever less effective.
_____ It's more important to be able to examine traffic within perimeter
firewalls than to have end-to-end encryption.
_____ Tunneling traffic through port 80 is on the increase, and lessens
the value of perimeter firewalls.
----------------------------------------------------------------------------------------------------
QUESTION 10:
Please rate the desirability of the following Alternative Futures
(1=most desirable, 10=least desirable):
_____ Only port 80 and port 500 are ever open.
_____ Packet switching is dead; circuit switching (via personal
lambdas) will be touted as a "white list" driven security
solution.
_____ Network utility model dies a horrible death, and no two ports
behave the same due to security and bandwidth management policies.
_____ Network utility model survives (wherein all ports behave the
same) but only in the context of directory enabled networking (DEN),
where connectivity is based on per-session directory lookup for
each authenticated user.
_____ NAT turns out to be a pervasive feature instead of a bug.
_____ Vendors begin to ship net-safe systems.
_____ We figure out how to do "selective isolation" in
a more innovative way.
--------------------------------------------------------------------------------------------------
Open-ended questions:
QUESTION 11:
In the context of network operational support, would you rather
live with private addresses and NAT boxes, or firewalls that you
don't control sprinkled throughout your network infrastructure?
Why?
QUESTION 12:
How would your approach to security be different with additional
resources? Please describe the amount/type of resources required
and the changes these resources would support.
QUESTION 13:
How would your approach to security be different with fewer resources?
QUESTION 14:
Please provide a brief statement of best architectural principles
to solve the goal/constraint set listed at the outset of this document,
or your modified statement of the problem.
QUESTION 15:
Please describe your strategy for accommodating users and applications
which have network requirements that don't fit well with your security
model.