How Do I Choose the Best Telecommunications Support?
Offensive and defensive confrontations are always present in telecommunication networks. In various parts of the telecommunication network, network defense always has limitations, weak links and loopholes, thus making network attacks possible. Similarly, there are limitations, weaknesses and loopholes in network attacks, making network defense possible.
- Chinese name: Telecommunication Network Security Defense
- Foreign name: Network security defense
Telecommunications Network Security Defense System
- The network security defense system of a telecommunications network consists of 4 parts (see Figure 1):
- Figure 1 Network Security Defense Architecture
- I. Legal aspects of cybersecurity
- Cyber security involves many legal issues: illegality, conviction, punishment, civil matters, prosecution, and privacy. It can be seen that network security defense of telecommunication networks is a state action. The state has tried to find a balance between personal privacy and national security through various legislation and policies. At the same time, the issue of network security has also attracted widespread public attention. For example, regarding the confidentiality of wired telecommunication networks, one opinion holds that telecom operators must not disclose user information except as required by law (known as an opt-out strategy); another view states that, with the consent of users, telecommunications operators can sell some user information (called an opt-in strategy). Another example is the controversy over the confidentiality of wireless telecommunication networks: "Who should have more control over confidentiality, the operator or the wireless user?" "Will wireless users be monitored by the operator or the government?" These debates involve national legal and policy issues.
- II. Network security management
- (I) Management Concept
- 1. Network Security Management Objectives
- (1) Understand the behavior of the network and users;
- (2) Assess network and system security;
- (3) Ensure the implementation of network access control policies.
- 2. Network Security Management Object
- (1) Hardware;
- (2) Software;
- (3) data;
- (4) personnel;
- (5) documents;
- (6) Consumables.
- 3. Classification of Network Security Management System
- (1) System security management;
- (2) Security service management;
- (3) Security mechanism management.
- 4. Principles of Security Management
- (1) Principle of multi-person accountability;
- (2) Principle of limited term;
- (3) Principle of separation of duties.
- 5. Security management process
- (1) Evaluation;
- (2) Strategy;
- (3) Implementation;
- (4) training;
- (5) Audit.
- 6. Network Security Management Implementation Process
- See Figure 2 for the implementation process of network security management.
- Figure 2 Network Security Management Implementation Process
- (II) Risk assessment of telecommunication networks
- See Figure 3 for a schematic diagram of telecommunication network risk assessment.
- Figure 3 Telecommunication network risk assessment
- 1. Security experts conduct timely risk assessments of each hierarchy and component of a telecommunications network in stages.
- 2. Risk assessment determines the losses the telecommunications network would suffer if an attack succeeded, including: loss of money, loss of time, loss of resources, loss of image, and business loss.
- 3. The assessment targets include: network, network security, policies and procedures, precautions, security awareness, personnel, workload, attitude, compliance, and business.
- 4. The results of the assessment should give: best-case risk, worst-case risk, and most-likely risk.
- (III) Develop a strategy
- 1. The goal of the strategy is to define some principles: how the telecommunication network should configure the system; how the telecommunication network should operate in a normal environment; how the telecommunication network should operate in an abnormal environment.
- 2. The content of the strategy must be clear in purpose, scope, and responsibility.
- 3. The policy categories include:
- (1) Information security policy;
- (2) Information infrastructure security strategy;
- (3) Computer usage strategy;
- (4) Telecom network usage strategy;
- (5) strategies for using various translation systems;
- (6) User management strategy;
- (7) System management strategy;
- (8) Configuration and backup management strategies;
- (9) Emergency response process strategy;
- (10) Disaster recovery plan strategy;
- (11) Design methodological strategies.
- (IV) Achieve security
- 1. Deployment strategy
- (1) The strategy is accepted;
- (2) Education;
- (3) Implementation.
- 2. Use strategies effectively
- (1) Effective use of existing systems;
- (2) Effective use of the new system.
- 3. Achieving security
- (1) Identify and adopt technical tools;
- (2) Physical control;
- (3) Hiring security personnel.
- (V) Review
- Security experts audit the management process in stages and in a timely manner, and produce a security evaluation and a statement of the security issues of the security management cycle.
- 1. Content of review
- (1) Review of compliance with telecommunications network operating strategies;
- (2) Review of records of the occurrence and handling of historical security incidents in telecommunications networks;
- (3) Evaluation of the effects and problems of new security measures adopted by telecommunications networks.
- 2. Security audit process
- (1) Automatic response;
- (2) Data generation;
- (3) analysis;
- (4) Browse;
- (5) Event selection;
- (6) Event storage.
- 3. Composition of the audit system
- (1) Network data collection technology;
- (2) Protocol reduction technology;
- (3) Content analysis technology;
- (4) Information filtering technology.
- III. Network security technology
- (I) Mechanism Defense and Technical Defense
- This report has already discussed, in the classification of telecommunication network mechanisms and the analysis of the security attributes of telecommunication networks, that the mechanism of a telecommunication network determines its basic security attributes. The basic mechanism determines which implementation technology is used to build the network, and the basic security attributes determine which specific security technologies are used and the role they can play. Therefore, when designing a telecommunications network, we must first choose the network mechanism and system based on service quality, network resource utilization efficiency, network security, and cost constraints, and only then choose specific implementation technologies; otherwise there will be endless problems. This is the root of the tragedy of computer network security: using the Internet to interconnect computer systems in a trusted environment was a major invention, and having it now work in an untrusted environment has become a major tragedy.
- (II) Reactive and proactive strategies
- Reactive strategy: set security controls where needed, on a case-by-case basis. This strategy can no longer keep up with the recent cyber confrontation situation, and a proactive strategy needs to be established, in which security controls are set on the basis of risk analysis. Proactive security strategies include: understanding your organization; conducting risk assessments; identifying digital property; performing asset protection; identifying and removing vulnerabilities; establishing and implementing security policies; conducting security education for employees; and repeating the processes described above.
- (III) "Perimeter defense strategy" and "mutual suspicion strategy"
- The "perimeter defense strategy" was generally adopted around the world in the early years: prevent external attackers from penetrating the perimeter in order to protect everything inside the network. However, once an attacker breaks through the perimeter, the attacker takes full control of the internal resources. With the escalation of confrontation and the growing complexity of networks, the weakness of this strategy has become more prominent and its effectiveness has gradually decreased. Therefore, it is necessary to adopt other effective defense strategies, such as the "mutual suspicion strategy": each component of the network always suspects the other components, so resource access must be frequently re-authorized.
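The contrast between the two strategies above, as an added example that is not part of the original page: under perimeter defense, being inside the network is the only check, while under mutual suspicion every access presents a short-lived grant bound to one component and one resource, so access has to be re-authorized once the grant expires. The `Authorizer` class, the 30-second lifetime, the HMAC-signed grant format and the component names are all assumptions made for illustration.

```python
import hashlib
import hmac

TTL = 30  # seconds a grant stays valid (assumed value)

class Authorizer:
    """Hypothetical policy point that issues short-lived, resource-scoped grants."""

    def __init__(self, key, policy):
        self._key = key        # secret held only by the authorizer
        self._policy = policy  # subject -> set of resources it may use

    def _tag(self, subject, resource, expires):
        # repr() of the tuple gives an unambiguous encoding of the three fields
        msg = repr((subject, resource, expires)).encode()
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def authorize(self, subject, resource, now):
        if resource not in self._policy.get(subject, set()):
            return None
        expires = now + TTL
        return (subject, resource, expires, self._tag(subject, resource, expires))

    def verify(self, grant, subject, resource, now):
        """Run by the resource on every access: location inside the network earns nothing."""
        if grant is None:
            return False
        g_subject, g_resource, expires, tag = grant
        genuine = hmac.compare_digest(tag, self._tag(g_subject, g_resource, expires))
        bound = (g_subject, g_resource) == (subject, resource)
        return genuine and bound and now < expires

def perimeter_access(inside_perimeter):
    # Perimeter model: being inside the network is the only check.
    return inside_perimeter

def demo():
    # Constructed component names, key and clock values.
    auth = Authorizer(b"constructed-demo-key", {"billing": {"cdr-db"}})
    t0 = 1000
    grant = auth.authorize("billing", "cdr-db", t0)
    stretched = grant[:2] + (grant[2] + 3600, grant[3])  # expiry edited by the holder
    renewed = auth.authorize("billing", "cdr-db", t0 + 40)
    return {
        "perimeter_any_resource": perimeter_access(True),
        "fresh_grant": auth.verify(grant, "billing", "cdr-db", t0 + 10),
        "other_resource": auth.verify(grant, "billing", "subscriber-db", t0 + 10),
        "expired": auth.verify(grant, "billing", "cdr-db", t0 + TTL + 1),
        "stretched_expiry": auth.verify(stretched, "billing", "cdr-db", t0 + TTL + 1),
        "reauthorized": auth.verify(renewed, "billing", "cdr-db", t0 + 41),
        "not_in_policy": auth.authorize("billing", "subscriber-db", t0) is None,
    }
```

Only the fresh and the renewed grant are accepted; the grant reused on another resource, the expired grant and the grant with an edited expiry are all refused, whereas the perimeter check admits any internal request.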
- (IV) Coordination and combination between single technical defense and network defense technology
- A single technical function is the foundation of network security defense, and has played an important role in the development of information security and computer network security technologies: as in an insecure society, where villages build high walls to guard the village and households build high walls to guard the home. However, it is now necessary to establish and maintain a security order for society as a whole. At this point a single technology is no longer adequate, and we must consider the coordination of different single technologies. Single technologies in different positions form alliances, and even different single technologies in different positions are required to form a security defense system through a dedicated intelligent network.
- (V) Relevance and Independence of Defense Technology
- From the above discussion, it can be seen that security technologies can be divided into technologies for safeguarding information security, technologies for safeguarding computer networks, and technologies for safeguarding telecommunications networks; it can also be seen that these technologies are obviously correlated. This is understandable: computer network security technology borrowed from information security technology in its early days, and telecommunication network security technology borrowed from computer network security technology in its early days. As we all know, this correlation is not conducive to overall defense. The network confrontation situation clearly requires that the correlation between the various defense technologies be reduced as much as possible and that the independence of network defense technologies be emphasized.
- (VI) Hierarchical structure of telecommunication network security functions
- See Figure 9-4 for the hierarchy of telecommunication network security functions.
- Figure 4 Hierarchical structure of telecommunication network security functions
- (1) Physical layer: Prevent the transmission system from being used, detected and destroyed illegally.
- (2) Link layer: Prevent multiplexing equipment from being used, detected and destroyed illegally.
- (3) Network layer: Prevents the addressing device from being used, detected and destroyed illegally.
- The three layers of functions are integrated to realize the security guarantee function of the entire telecommunications network through network protection, network detection and network response.
- IV. Network security personnel
- The weakest link in the security mechanism is people.
- (1) Government Officials
- The government plays a decisive role in the security cause of the cyber world, so the security awareness of government officials is particularly important. Some people warn that it is a step away from treating the Internet as a super spy tool. Many governments are not aware of the problem, but the US government is aware of it and takes it very seriously.
- (2) Experts in network security technology research and development
- Cultivate talents: High-level talents are the foundation for ensuring network security.
- In 2005, the US President's Information Advisory Committee (PITAC) presented a report, "Cyberspace Security: Urgent Needs", which emphasized that to improve the nation's cyberspace security posture, highly trained personnel are indispensable for developing, deploying and adopting new cyberspace security products and practices. There are too few such talents in the United States compared to the huge (cyberspace security) challenges. PITAC estimates that today there are fewer than 250 active cyberspace security or information assurance experts in US academic institutions, many of whom lack formal training or extensive professional experience. PITAC found that the national cyberspace security research team is too small to support the research and education on cyberspace security technologies necessary to protect the United States. PITAC recommends that the federal government should work to promote the recruitment and retention of cyberspace security researchers and students in research universities, and to at least double the research team on basic technologies for civil cyberspace security within a decade.
- (3) Professional operators of network security
- If the internal security of the telecommunications network is fragile, all security work around the telecommunications network is wasted. Most networks are hard on the outside and soft on the inside: the network edge is more secure than the network interior. Internal vulnerability is the root cause of the cybersecurity nightmare. According to International Computer Security Association statistics, insiders cause 80% of security issues. The main causes of network security problems are: well-intentioned employees, employees who often violate regulations, and dissatisfied / malicious administrators. It can be seen that selecting, using, educating and managing network security professionals is very important for network security.
- (4) Social masses
- Advice to the general public: If you have an Internet connection, you must pay attention to network security issues and do not trust the empty promises of any Internet service provider, otherwise sooner or later something will go wrong.
- V. Cyber Security Defense System of National Telecommunication Network
- (I) Composition of National Cyber Security Defense System
- See Figure 5 for the composition of the National Cyber Security Defense System.
- Figure 5 Composition of National Cyber Security Defense System
- 1. National Cyber Security Needs: Define the defense requirements.
- 2. National legislative authorization: Provide law enforcement authority.
- 3. National Cyber Security Defense System: Performs cyber security defense functions.
- 4. Cyber Security Defense Management Agency: Performs system management and necessary human decisions.
- 5. Network security defense monitoring: Monitor the operating status of telecommunications networks.
- 6. Network security defense control: Implement security defense control on telecommunication networks.
- 7. National Telecommunication Network: Accepts detection and control of network security defense systems.
- (II) Features of the National Cyber Security Defense System
- 1. Cyber security defense involves the national level, the operational level and the broad user level, which determines that cyber security defense is a social system project.
- 2. Network security defense is clearly adversarial, which determines the diversity, novelty, and time variability of network defense issues and network defense technologies.
- 3. The core of the national cyber security defense system is to establish a sound monitoring and response mechanism.
- Monitoring and response is a cyclic process. This process forms the life cycle of a particular event or attack. With another attack, a new process cycle begins.
- (1) Monitoring: Determine whether an attack is occurring or has already occurred.
- (2) Features: Analyze attacks based on the purpose, method, impact, and source of the attack.
- (3) Alarm: Provides advance warning of possible attacks, including advance notice of attack strategies, scenarios, targets, and time.
- (4) Response: Make arrangements to mitigate attacks and restore normal operations as soon as possible.
- (5) Investigation: Accumulate and analyze attacks in order to provide feedback, improve existing protection, detection, and response capabilities, ensure that the same incident does not occur again, and provide identification evidence of the attack.