IT Baseline Protection Manual S 2.140 Analysis of the existing network environment

S 2.140 Analysis of the existing network environment

Initiation responsibility: Head of IT Section, IT Security Management

Implementation responsibility: Administrators

This analysis is based on the results of the examinations performed in accordance with S 2.139 Survey of the existing network environment and requires a specialised knowledge of network topology, network topography and network-specific vulnerabilities. A further prerequisite here is experience in the evaluation of the confidentiality, integrity and availability of the individual IT applications employed. As this extremely complex subject not only requires an in-depth knowledge of all the aspects mentioned, but is also very time-consuming, it might be advisable to hire external consultants for an analysis of the existing network situation. Within the scope of the federal German administration, the BSI can provide assistance here.

An analysis of the existing network situation essentially involves a structural analysis, a determination of protection requirements, and an examination of vulnerabilities.

A structural analysis involves an evaluation of the documentation prepared as part of S 2.139 Survey of the existing network environment. It must be performed by an analysis team capable of interpreting the documentation and deducing all possible communications relations from it. As an outcome, the analysis team must possess a full understanding of the operation of the network and be informed about the principal possibilities of communication. Vulnerabilities in the construction of a network can often be identified already during the structural analysis.

A successful structural analysis is a prerequisite for a subsequent, detailed determination of the protection requirements and an analysis of vulnerabilities.

Detailed determination of the protection requirements

A structural analysis is followed by a determination of the protection requirements exceeding the scope of the measures stipulated in Chapter 2. Requirements concerning the confidentiality, availability and integrity of individual subnetworks and network segments are also considered here. In this context, it is necessary to determine the requirements generated by the various IT procedures in use, and how they influence the existing segmentation of the network. As an outcome, it must be possible to identify the network segments in which special protection requirements need to be fulfilled.

Analysis of vulnerabilities in the network

An analysis of the vulnerabilities in the network is performed on the basis of the results obtained so far. Where corresponding availability requirements exist, this includes, in particular, an identification of non-redundant network components (single points of failure). Furthermore, it is necessary to specify the areas in which requirements concerning availability, confidentiality and integrity cannot be fulfilled or require special attention. It is also necessary to determine whether the selected segmentation is suitable in terms of bandwidth and performance (based on the results of the traffic flow analysis described in S 2.139 Survey of the existing network environment).

Example of a vulnerability: An analysis of performance and traffic flow reveals an overloaded active network component. During the determination of the protection requirements for the affected communications route, high requirements concerning availability and performance were established. This vulnerability requires an adaptation of the network segmentation or a replacement of the network component with a more efficient model (refer to S 5.61 Suitable physical segmentation, S 5.62 Suitable logical segmentation, S 5.1 Removal, or short-circuiting and grounding, of unneeded lines and S 5.13 Appropriate use of equipment for network coupling).
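The three steps described above (structural analysis of the communications relations, determination of protection requirements per segment, and identification of single points of failure and overloaded components) can be carried out mechanically once the survey results from S 2.139 are available in structured form. The following Python script is an added illustration, not part of the manual and not a BSI tool; the topology, the protection requirements and the load figures are constructed sample data, and the 80 % load threshold is an assumption chosen for the example. It flags every component whose failure isolates a segment from the core, rates the finding by the availability requirement of the affected segments, and lists overloaded components as in the example vulnerability above.

```python
from collections import defaultdict, deque

# Constructed sample topology (assumption, not from the manual): nodes are
# active network components or end segments, edges are physical links.
SAMPLE_LINKS = [
    ("core-router", "switch-A"),
    ("core-router", "switch-B"),
    ("switch-A", "switch-B"),
    ("switch-A", "segment-finance"),   # finance segment is dual-homed ...
    ("switch-B", "segment-finance"),   # ... via both access switches
    ("switch-B", "segment-office"),    # office segment hangs off switch-B only
    ("core-router", "firewall"),
    ("firewall", "segment-dmz"),       # firewall is the only path to the DMZ
]

# Constructed protection requirements per segment (result of the detailed
# determination of protection requirements).
SAMPLE_REQUIREMENTS = {
    "segment-finance": {"availability": "high", "confidentiality": "high", "integrity": "high"},
    "segment-office": {"availability": "normal", "confidentiality": "normal", "integrity": "normal"},
    "segment-dmz": {"availability": "high", "confidentiality": "normal", "integrity": "high"},
}

# Constructed traffic-flow measurements: component -> (load, capacity) in Mbit/s.
SAMPLE_LOAD = {
    "core-router": (620, 1000),
    "switch-A": (300, 1000),
    "switch-B": (150, 1000),
    "firewall": (96, 100),
}


def build_graph(links):
    """Undirected adjacency list built from (a, b) link tuples."""
    adj = defaultdict(set)
    for a, b in links:
        adj[a].add(b)
        adj[b].add(a)
    return adj


def reachable(adj, start, removed):
    """Set of nodes reachable from `start` once `removed` has failed."""
    if start == removed:
        return set()
    seen = {start}
    queue = deque([start])
    while queue:
        node = queue.popleft()
        for nxt in adj.get(node, ()):
            if nxt != removed and nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def single_points_of_failure(links, segments, core):
    """Map each component whose failure cuts at least one segment off from
    the core to the sorted list of segments it isolates."""
    adj = build_graph(links)
    spofs = {}
    for component in list(adj):
        if component == core or component in segments:
            continue
        still_connected = reachable(adj, core, removed=component)
        cut_off = sorted(s for s in segments if s not in still_connected)
        if cut_off:
            spofs[component] = cut_off
    return spofs


def overloaded_components(load, threshold=0.8):
    """Components whose measured load exceeds `threshold` of their capacity
    (threshold is an assumed value for this example)."""
    return sorted(c for c, (used, cap) in load.items() if used / cap > threshold)


def vulnerability_findings(links, requirements, load, core="core-router"):
    """Combine both checks into (severity, component, description) findings,
    with 'high' severity findings first."""
    findings = []
    for component, segs in single_points_of_failure(links, set(requirements), core).items():
        high = any(requirements[s]["availability"] == "high" for s in segs)
        findings.append(("high" if high else "normal", component,
                         "single point of failure for " + ", ".join(segs)))
    for component in overloaded_components(load):
        findings.append(("high", component, "overloaded active component"))
    findings.sort(key=lambda f: (f[0] != "high", f[1], f[2]))
    return findings


if __name__ == "__main__":
    for severity, component, text in vulnerability_findings(
            SAMPLE_LINKS, SAMPLE_REQUIREMENTS, SAMPLE_LOAD):
        print(f"[{severity:6}] {component}: {text}")
```

On the sample data the firewall is reported twice (it is both the only path to a high-availability DMZ and running near capacity), while switch-B is only a normal-severity finding because the office segment it isolates has no high availability requirement; the dual-homed finance segment produces no single point of failure at all.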

Additional controls:


© Copyright by
Bundesamt für Sicherheit in der Informationstechnik
July 1999