Upload
simon-murphy
View
215
Download
0
Embed Size (px)
Citation preview
Managing security Managing security
Risk management :all network operation implies a certain Risk management :all network operation implies a certain risk that must be accepted , avoided , reduced or transferred risk that must be accepted , avoided , reduced or transferred ..Business continuity : the operator s critical processes and Business continuity : the operator s critical processes and and information should be protected from disclosure and /or and information should be protected from disclosure and /or disruption.disruption.Lowering operator costs:well thought_out security solutions Lowering operator costs:well thought_out security solutions provide a payback in terms of reduced operating provide a payback in terms of reduced operating costs,reduced risk of fraud,a reduced risk of critical costs,reduced risk of fraud,a reduced risk of critical security_related network outages and potentially less churn.security_related network outages and potentially less churn.
The security wheelThe security wheel
Impletment network and respond to Impletment network and respond to incidents incidents
Monitor network and respond to Monitor network and respond to incidentsincidents
Test the security of the networkTest the security of the network
Lmprove network security.Lmprove network security.
Security_a continuous Security_a continuous processprocess
Security policySecurity policy
Impletment Network SecurityImpletment Network Security
Monitor/RespondMonitor/Respond
TestTest
Manage / ImproveManage / Improve
Network SecurityNetwork Security
The Network desigen should also best common The Network desigen should also best common practice for telecom network security . Two practice for telecom network security . Two main inputs in the designing of network main inputs in the designing of network security are threat/risk assessment and the security are threat/risk assessment and the development of a security policy . The main development of a security policy . The main inputs to a threat/risk assessment are the inputs to a threat/risk assessment are the overall security golas and security golas and overall security golas and security golas and security budget to ensure the planned security budget to ensure the planned levelof security is reached.levelof security is reached.
The network is divided into zones with clearly The network is divided into zones with clearly defined traffic flows . Encryption/VPN defined traffic flows . Encryption/VPN technologyies are applied where necessary.technologyies are applied where necessary.
Network security auditsNetwork security audits
Network security audits can be performed on two levels :Network security audits can be performed on two levels :* network security assessment* network security assessment* network security analysis.* network security analysis.Security assessment – network – common items such as Security assessment – network – common items such as
security policies and security desigen , or functionality security policies and security desigen , or functionality areas such as GPRS , O&M , and billing , are audited on a areas such as GPRS , O&M , and billing , are audited on a higher level .documentation and plans should be studied higher level .documentation and plans should be studied and compared with industry practice so that , together with and compared with industry practice so that , together with key personnel , recommendations can be produced.key personnel , recommendations can be produced.
Security Analysis – Functionality areas or specific nodes are Security Analysis – Functionality areas or specific nodes are examined in a detailed way . Node configuration scripts are examined in a detailed way . Node configuration scripts are cheked . Log analysis , vulnerability scaning and non-cheked . Log analysis , vulnerability scaning and non-destructive pentration can also performed.destructive pentration can also performed.