Lotus Security Part II

Building Rock Solid Lotus Domino Security
Part II - Security Policy & Infrastructure Security

Published in: Technology

  1. Lotus Domino: Building Rock Solid Security, Part II. © Sanjaya Kumar Saxena
  2. Defining Security Policy: Basic Methodology. Know Your Business Needs; Identify and inventory assets and threats; Develop a policy for Operations, Monitoring & Upgrade of Infrastructure from Security perspective; Communicate Security Policy to Employees, including necessary training; Enforce Policy; Learn and Improve.
  3. Know Your Business Needs: Integrity, Accuracy and Safeguarding the Organization's Information Assets; Availability of Critical Assets; Lowering the Threats and Risks possible to the Information Assets; Necessary confidentiality of the Critical Assets; Regulatory Compliance as required by the Law of the Land.
  4. Identify and Inventory Assets & Threats. Assets: Servers, Applications, Data. Threats: DNSBL Queries, DoS, Unauthorized Access. Risk Analysis table columns: Asset, Threat, Probability, Impact, Exposure = p × i.
  5. Develop Security Policy: Risk Analysis helps develop Security Policy. Each policy must have a corresponding process. POLICY: High Quality Passwords to be used by every user. PROCESS: Run dictionary attack once every month; Train new employees on how to create easy-to-remember quality passwords; Configure Domino password policy.
  6. Develop Security Policy: Essential Processes. Develop Monitoring Process; Develop Incident Management Process; Develop Configuration Management Process.
  7. Domino Security: Infrastructure Perspective.
  8. Domino Security Model (diagram; labels: Network, Firewalls, IPs, SSL, Ports, Work Station, ECL, Java Applet, Java Script Handling, Server, OS, Domino Server, Patches, Services, ACL, Access Privilege, Design Elements, Forms, Views, Folders, Fields, Documents, Encryption Key, Reader/Author Field, "Who can read this Doc.").
  9. Secure Messaging: E-mails by default travel in clear text over the network. E-mails are normally transported in plain text over the network, including the internet. This makes e-mails vulnerable to packet sniffing: any standard sniffer can intercept mail contents. The simple way to protect e-mails from being read over the wire is to encrypt the mail traffic. By default, contents are also stored in clear text. To prevent unauthorized access to e-mails, it is a good idea to store them encrypted rather than in clear text.
  10. Secure Mail Transmission: Network Port Encryption (Applicable in Domino Environment); SMTP over SSL; Transport Layer Security.
  11. Network Port Encryption (Admin Client > Configuration > Server > Set Up Port): By default, the communication between Domino servers, or between the Notes client and a Domino server, is in the clear and can therefore be easily sniffed. Domino port encryption allows the network traffic to be encrypted. This is the best way to secure all communication between Domino Servers & Notes Clients.
  12. SMTP over SSL: Using SMTP over SSL, you can encrypt traffic between non-Domino servers over the internet using port 465. However, this is not the popular mechanism in use.
  13. Transport Layer Security: Transport Layer Security (TLS) is similar to SMTP over SSL, except that the encrypted session is initiated over the normal SMTP port, i.e. 25. Most mailing servers prefer to use TLS. Use ‘Enable’: TLS will be used when the other server supports it. Enable SMTP over SSL.
  14. Advanced Secure Mail Transmission: Exchange Encrypted Messages; Use Custom Solution.
  15. Exchange Encrypted Message.
  16. Custom Solution (diagram; labels: Partner Mail Servers, Users, Mail Server). Hosts Partners’ Mailboxes; Uses Directory Assistance; Separate Domain; Uses Partner ID hosted on Partner Mail Server; Runs https; Leverages New Mail Agent.
  17. SMTP Best Practice: Access Control & Firewall (diagram; labels: INTERNET, Firewall, Dedicated SMTP/LPAP, Mail Servers, Anti-Spam Servers, Firewall, SMTP, NRPC, SECURE NETWORK). Enable only SMTP Port; Run only SMTP & essential tasks; Modify SMTP Server Greeting; Use Different Domain; Use Extended Directory.
  18. What is Spam? An abuse of Electronic Messaging to send Unsolicited Bulk messages (*wikipedia). Various Types: E-mail Spam (Most Popular); Search Engine Spam; IM Spam; Online Ads; Forums, Blogs, Wiki, etc.
  19. E-mail Spam: Also known as Junk E-mail, Unsolicited Bulk E-mail. Comes in fancy wrappers. Users Say: "I can't define it, but I know it when I see it". We don’t want it, Users don’t want it … but we still get it …
  20. Some Facts related to Spam: Approx 200 billion Spam messages are generated per day. About 80% of all spam is sent by fewer than 200 spammers. 2008 was one of the lucky years: the shutdown of one ISP (McColo) brought spam e-mail down by around 50%. Only that this was short-lived!
  21. Spam-related Trends: The following tables show the top 10 domains Spammers used in 2008.
  22. Spam-related Trends: The following tables show the top 10 Top Level domains Spammers used in 2008.
  23. Spam-related Trends: .CN seems to be on the rise. Applicable in Domino Environment. More than 97% of Spam URLs are up for a week or less. Random.com.
  24. Spammer Techniques: E-Mail Harvesting; Mail Sender Spoofing; E-Mail Validation; Directory Attack; Open Relay; Friendly ISPs (Remember McColo case); Fake Received Header; Phishing.
  25. Avoiding Spam: Avoiding becoming a target in the first place (best of all); Using an outside mail filtering service (Third Party); Dealing with spam internally at the server and/or user level.
  26. Preventing Spam. Avoiding Spam: User Education through E-mail, Security Policy; Prevent “Harvesting”; Clear distinction while using Official / Personal e-mail ID; Avoid your web pages being indexed by search engines; Create Free / Temp e-mail addresses and discard after usage. Third Party: As Software (Trend Micro, Symantec …); As Hardware (IronPort, Barracuda …); As Service (Postini, Yahoo …). Most appealing, but possible issues: Availability, TCO and Control.
  27. Preventing Spam: Blocking at Server and User Level. Is used even after Third Party, to prevent “False Positives”. Prevents Mail Clutter. Primarily achieved through: Better Architecture; Server Configurations; Mail Rules. Need to understand Load patterns.
  28. Preventing Spam: Access Control & Firewall (diagram; labels: INTERNET, Firewall, Dedicated SMTP/LPAP, Mail Servers, Anti-Spam Servers, Firewall, THE ENTERPRISE, Users). Spam Mail Percentage Reduction.
  29. Preventing Spam: Server-level Configurations. Block Open Relays (Domino does it by default); Additional Relay Controls in Server Configuration Document; Use in-bound intended recipients; Verify that Local Domain recipient exists in the Domino directory; Address Look-up: Full Name only; Whitelist and Blacklist Control; Inbound Connection Controls (Reverse DNS Look-up), Server Controls; Mailbox Configuration - Held/Dead Messages; Logging Level; Use Extended SMTP Commands; SSL is a good option.
  30. Preventing Spam: Server-level Mail Rules. Computers need much more than “I can’t define it, but I know when I see it.” You need to define it: Identify Patterns; Mail and User Behavior; Check logs regularly; Keep abreast with latest trends.
  31. Domino Domain Monitoring: Pre-configured monitoring capabilities via a single interface to view multiple servers across domains.
  32. DDM Security Probes: A probe is a discrete check, or set of checks, configured to run against one or more servers, databases, and services. The probe returns status and server health information to DDM.NSF. Security probes and their descriptions:
       • Best Practices: Compares a set of baseline security configuration settings to the same settings in a domain. This probe is a "Best Practices" security audit of the domain. Note: To create your own Best Practices probe, modify the security configuration settings on the Specifics tab.
       • Configuration: Compares settings in a specific Server document to settings in a specified "good" Server document. Any discrepancy generates an event.
       • Database ACL: Monitors the access control privileges that groups and individuals have in specified databases on the server running the probe. You designate the acceptable access levels on the Specifics tab.
       • Database Review: Reviews the security properties for a specified database and generates a report on the probe findings.
       • Review: Generates a report on the security settings specified in the Specifics tab of the Probe document. You have the option of selecting the "Directory Profile Note" and the "Security settings in my configuration document" options if you want the settings in those documents reviewed by the probe.
  33. DDM Web Probes. Web probe names and their descriptions:
       • Best Practices: Reviews Web server configuration values on specified servers against a set of predefined values.
       • Configuration: Performs a comparison of Web server configuration values on specified servers against the same values for a known good server or guideline server.
  34. Workstation Security: Execution Control List. Defines various actions allowed in: Notes Workstation; Java Applets; Java Script.
  35. ECL (relationship diagram; labels: Notes DB, Signature, User, ECL, ECL Signature, joined by "has" and "corresponds to"). Policy enforces uniform ECL.
  36. Sample ECL.
  37. Access Control Mechanisms: Notes ID File Management; ACL and Groups.
  38. Notes ID Management: Define a Naming Convention; Define Storage and Back-up Mechanism; Consider Password Recovery; Define default password generation method; Define ID file distribution mechanism.
  39. How is ACL enforced? Direct user entry takes precedence over group membership. Always the highest access level right applies. All the roles and access flags are added for all matching entries. If a user is listed as author with the delete option and listed as editor without delete, he will be able to delete all documents.
  40. ACL Best Practices: Anonymous access to database must be avoided. ACL must be enforced consistently on all databases. Maximum default rights to address book should be set to author with all other rights and roles removed.
  41. Group Best Practices: Hierarchical name of the user is always entered in a group. Purpose should be clearly defined in the group document. Access level code (M-Manager, D-Designer, E-Editor, A-Author, R-Reader, and P-Depositor) must be part of the group name as the first letter of the name. While assigning the ACL, the appropriate user type must be selected. While creating, moving, or deleting a user, updates in the appropriate groups are always made. Similar care is taken for servers also. Add LocalDomainServers with full access to all databases to ensure correct replication: Manager with all roles enabled. Add LocalDomainAdmins with full rights and roles for support and troubleshooting.
  42. Recommended Groups: DenyAccess; AllowDBCreationOn<server>; Administrator<server>.
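
The ACL resolution rules on slide 39, worked through as an added example (not code from the presentation or from Domino). It models the three rules as the slide words them, including the author-with-delete plus editor-without-delete case; the `Entry` type, the `delete` flag name and all user, group and role names are constructed for illustration.

```python
from dataclasses import dataclass, field

# Domino ACL access levels, lowest to highest.
LEVELS = ["No Access", "Depositor", "Reader", "Author",
          "Editor", "Designer", "Manager"]

@dataclass
class Entry:
    name: str                                  # user or group name in the ACL
    level: str                                 # one of LEVELS
    flags: set = field(default_factory=set)    # e.g. {"delete"}
    roles: set = field(default_factory=set)    # e.g. {"[Approver]"}

def effective_access(user, groups, acl):
    """Return (level, flags, roles) for `user`, a member of `groups`."""
    matches = [e for e in acl if e.name == user or e.name in groups]
    if not matches:                            # nothing matched: use -Default-
        matches = [e for e in acl if e.name == "-Default-"]
    if not matches:
        return "No Access", set(), set()
    # Rule 1: a direct user entry decides the level, whatever groups grant.
    # Rule 2: otherwise the highest level among the matching entries applies.
    pool = [e for e in matches if e.name == user] or matches
    level = max((e.level for e in pool), key=LEVELS.index)
    # Rule 3 (slide wording taken literally): flags and roles of every
    # matching entry are added together.
    flags = set().union(*(e.flags for e in matches))
    roles = set().union(*(e.roles for e in matches))
    return level, flags, roles

def can_delete_any_document(level, flags):
    """Editor and above with the delete flag can delete all documents;
    an Author with it can delete only documents they authored."""
    return "delete" in flags and LEVELS.index(level) >= LEVELS.index("Editor")

# Constructed sample ACL (all names are made up for illustration).
ACL = [
    Entry("-Default-", "No Access"),
    Entry("A-Contributors", "Author", {"delete"}),
    Entry("E-Reviewers", "Editor", roles={"[Approver]"}),
    Entry("M-Admins", "Manager", {"delete"}),
    Entry("Jane Doe/Sales/Acme", "Reader"),
]

if __name__ == "__main__":
    # The slide's case: Author-with-delete plus Editor-without-delete.
    lvl, fl, ro = effective_access("Raj Patel/Sales/Acme",
                                   {"A-Contributors", "E-Reviewers"}, ACL)
    print(lvl, sorted(fl), sorted(ro), can_delete_any_document(lvl, fl))
```

The combined result for the two-group user is the reason overlapping group memberships deserve review: neither entry alone grants delete rights over all documents.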
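
The ACL and group practices on slides 40 and 41, turned into an audit over an exported ACL, as an added example (not code from the presentation or from Domino). The dict layout, the sample entries and the choice to exempt the groups the slides name from the first-letter rule are assumptions.

```python
LEVELS = ["No Access", "Depositor", "Reader", "Author",
          "Editor", "Designer", "Manager"]
CODES = {"M": "Manager", "D": "Designer", "E": "Editor",
         "A": "Author", "R": "Reader", "P": "Depositor"}
# Groups the slides name explicitly; assumed exempt from the prefix rule.
NAMED_GROUPS = {"LocalDomainServers", "LocalDomainAdmins", "DenyAccess"}

def audit_acl(acl, is_address_book=False):
    """acl: list of dicts with keys name, type, level. Returns findings."""
    findings = []
    by_name = {e["name"]: e for e in acl}
    default = by_name.get("-Default-", {"level": "No Access"})
    # Slide 40: anonymous access must be avoided. With no Anonymous entry,
    # Domino gives anonymous users the -Default- access.
    anon = by_name.get("Anonymous", default)
    if anon["level"] != "No Access":
        findings.append("anonymous access: " + anon["level"])
    # Slide 40: default rights to the address book are at most Author.
    if is_address_book and LEVELS.index(default["level"]) > LEVELS.index("Author"):
        findings.append("-Default- above Author: " + default["level"])
    # Slide 41: LocalDomainServers needs Manager for correct replication.
    lds = by_name.get("LocalDomainServers")
    if lds is None or lds["level"] != "Manager":
        findings.append("LocalDomainServers is not Manager")
    for e in acl:
        if e["name"] in ("-Default-", "Anonymous"):
            continue
        # Slide 41: the appropriate user type must be selected.
        if e["type"] == "Unspecified":
            findings.append("user type unspecified: " + e["name"])
        # Slide 41: first letter of a group name is its access-level code.
        if e["type"].endswith("Group") and e["name"] not in NAMED_GROUPS:
            if CODES.get(e["name"][0]) != e["level"]:
                findings.append("group prefix mismatch: " + e["name"])
    return findings

# Constructed sample export of an address book ACL (names are made up).
SAMPLE_ACL = [
    {"name": "-Default-", "type": "Unspecified", "level": "Editor"},
    {"name": "LocalDomainServers", "type": "Server Group", "level": "Manager"},
    {"name": "LocalDomainAdmins", "type": "Person Group", "level": "Manager"},
    {"name": "E-Helpdesk", "type": "Person Group", "level": "Editor"},
    {"name": "R-Auditors", "type": "Person Group", "level": "Designer"},
    {"name": "Raj Patel/Sales/Acme", "type": "Unspecified", "level": "Author"},
]

if __name__ == "__main__":
    for finding in audit_acl(SAMPLE_ACL, is_address_book=True):
        print(finding)
```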
