NIST 800-44 Version 2 Guidelines on Securing Public Web Servers

More documents

Recommendations

Info

GUIDELINES ON SECURING PUBLIC WEB SERVERS The disadvantages of a DMZ from a security standpoint are as follows: DoS attacks aimed at the Web server may have an effect on the internal network. Depending on the firewall configuration controlling traffic between the DMZ and internal network, it may be possible for the Web server to be used to attack or compromise hosts on the internal network. In other words, protection offered by the DMZ depends in large part on the firewall configuration. For organizations that support their own Web server, a DMZ is almost invariably the best option. It offers protection for the Web server and other externally accessible servers without exposing the internal network. However, it should only be considered secure when employed in conjunction with the other steps discussed in this document. 8.1.3 Outsourced Hosting Some organizations choose to outsource the hosting of their Web servers to a third party (e.g., an ISP, Web hosting service, or other government agency). In this case, the Web server would not be located on the organization’s network. The hosting service network would have a dedicated network that hosts many Web servers (for many organizations) operating on a single network (see Figure 8-4). Figure 8-4. Outsourced Web Server Hosting From a security standpoint, the advantages of outsourcing are as follows: DoS attacks aimed at the Web server have no effect on the organization’s production network. Compromise of the Web server does not directly threaten the internal production network. The outsourcer may have greater knowledge of securing and protecting Web servers. 8-4
GUIDELINES ON SECURING PUBLIC WEB SERVERS The network can be optimized solely for the support and protection of Web servers. The disadvantages of outsourcing from a security standpoint are as follows: It requires trusting a third party with Web server content. It is more difficult to remotely administer the Web server or remotely update Web server content. Less control can be provided over the security of the Web server. The Web server may be affected by attacks aimed at other Web servers hosted by the outsourcer on the same network. Outsourcing often makes sense for smaller organizations that cannot afford to support the necessary Web server staff. It may also be appropriate for larger organizations that do not wish to host their own Web servers. Outsourcing usually does not make sense for organizations that wish to maintain tight control over their Web servers. 8.1.4 Management Network Web servers and other important components can be connected to each other and managed through an organization’s standard networks or through a separate network known as a management network. If a management network is used, each host being managed through the network has an additional network interface known as a management interface that connects to the management network. Also, each host being managed is unable to pass any traffic between its management interface and any of its other network interfaces. Consoles and other hosts that are used to manage the Web components are attached to the management network only. This architecture effectively isolates the management network from the production networks. The benefits of doing this are to protect the components from some attacks and to ensure that the components can be managed under adverse conditions (e.g., DDoS attack). Disadvantages of using a management network include the additional costs of networking equipment and other hardware (e.g., personal computers [PC] for the consoles) and the inconvenience for Web component administrators of using separate computers for management and monitoring. 8.2 Network Element Configuration Once the Web server has been positioned in the network, the network infrastructure elements should be configured to support and protect it. The primary elements of a network infrastructure that affect Web server security are firewalls, routers, IDSs, intrusion prevention systems (IPS), switches, load balancers, and reverse proxies. Each has an important role to play and is critical to the overall strategy of protecting the Web server through defense-in-depth. Unfortunately, when it comes to securing a Web server, there is no single “silver bullet” solution. A firewall or IPS alone cannot adequately protect a public Web server from all threats or attacks. 8.2.1 Router/Firewall Configuration Several types of firewalls exist. The most basic firewalls are routers that can provide access control for IP packets. In the middle are stateful firewalls that can provide access control based on TCP and User 8-5
Page 1 and 2:
Special Publication 800</st
Page 3 and 4:
GUIDELINES ON SECURING PUBLIC WEB S
Page 5 and 6:
Page 7 and 8:
Page 9 and 10:
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
Page 19 and 20:
Page 21 and 22:
Page 23 and 24:
Page 25 and 26:
Page 27 and 28:
Page 29 and 30:
Page 31 and 32:
Page 33 and 34:
Page 35 and 36:
Page 37 and 38:
Page 39 and 40: GUIDELINES ON SECURING PUBLIC WEB S
Page 89: GUIDELINES ON SECURING PUBLIC WEB S
Page 141 and 142:
show all

NIST 800-44 Version 2 Guidelines on Securing Public Web Servers

Create successful ePaper yourself

Delete template?

Save as template?