What are the security issues of using a trusted network?

A trusted network addresses the following security issues, either partially or completely −

Firewall Configuration Errors (Partial) − A TPCN divides the group of firewall rules into smaller rule sets related to each access control group or role. These rule sets are sent by the AAA server to the NADs for administration upon completion of the authentication process.

The number of configuration errors decreases logarithmically as the rule set complexity decreases. Because a TPCN has smaller rule sets, the potential for firewall configuration errors is correspondingly lower. Furthermore, access rules in a TPCN are defined based on teams or roles, not only IP addresses; this helps decrease confusion and consequently configuration errors. Configuration errors will not be completely eliminated, however. Hence, a TPCN offers only a partial solution to the problem.

Bypassing Firewalls (Complete) − TPCNs explicitly address this problem by protecting all NADs and requiring them to establish trust relationships with user devices before forwarding traffic (such as wireless traffic and VPN traffic). Moreover, the access control and traffic rules are applied at each access point. It is not possible to bypass the rules by hooking a line behind a firewall because the line's switch (access point) enforces the rules.

Vulnerable Devices (Partial) − In a traditional network, patch and configuration management is performed manually by the network administrator. This is an extremely complex task for remote and mobile devices.

As a result, it may be done less frequently than recommended, or it may simply be ignored. In a TPCN, the state of a device is checked automatically before it can join the network. Furthermore, its behavior is repeatedly monitored upon entry, and status checks can be performed at the desired frequency.

Unsecured Physical Access (Complete) − TPCNs address this issue by enforcing security policies on NAD ports. This is known as "port-based access control." Therefore, a malicious or negligent user cannot hook a device to an open Ethernet port and gain entry into the network.

Malware (Partial) − The compliance rules required on devices before and after joining a TPCN decrease the possibility of infections by malware.

Untrusted Devices (Complete) − TPCNs address this problem explicitly by checking the signatures of the critical elements of a device using the TPM chip and also verifying the device status. If the TPM chip is trusted, the device can authenticate its identity.

Untrusted Users (Partial) − By using stronger authentication methods and clearly defining user roles, TPCNs prevent attacks including password cracking/stealing, access violations and impersonation. Moreover, by blocking some avoidable actions, TPCNs partially prevent accidents caused by careless insiders that account for more than 30% of some security incidents.
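
The sketch below is an added example, not code from the original article or from any TPCN product. It shows how an AAA-side decision could combine the device status check, the user's role and port-based enforcement described above. The role names, rule strings, port names, patch threshold and measurement values are all constructed, and the TPM-signed report is assumed to have had its signature verified before this code runs.

```python
# Added illustration: AAA-side admission decision for a trusted network.
# Role names, rule strings, ports and measurements are constructed for this example.
import hashlib

# One small rule set per role instead of a single large firewall rule base.
ROLE_RULES = {
    "operator": ["permit tcp any host hmi-server eq 443", "deny ip any any"],
    "engineer": ["permit tcp any host plc-gateway eq 502",
                 "permit tcp any host hmi-server eq 443", "deny ip any any"],
}
QUARANTINE_RULES = ["permit tcp any host patch-server eq 443", "deny ip any any"]

# Known-good hashes of critical device components (constructed values).
GOLDEN = {name: hashlib.sha256(blob).hexdigest() for name, blob in
          {"bootloader": b"bootloader-v2", "kernel": b"kernel-5.10"}.items()}
MIN_PATCH_LEVEL = 42  # assumed site policy

def posture_failures(report):
    """Return the compliance checks failed by an already signature-verified report."""
    failures = []
    for name, expected in GOLDEN.items():
        got = report.get("measurements", {}).get(name, "")
        if got != expected:
            failures.append(f"measurement:{name}")
    if report.get("patch_level", 0) < MIN_PATCH_LEVEL:
        failures.append("patch_level")
    return failures

def admit(port, user_role, user_authenticated, report):
    """Decide which state and rule set the NAD should enforce on this port."""
    if not user_authenticated or user_role not in ROLE_RULES:
        return {"port": port, "state": "blocked", "rules": ["deny ip any any"]}
    failures = posture_failures(report)
    if failures:  # device is known but not compliant: remediation access only
        return {"port": port, "state": "quarantine",
                "rules": QUARANTINE_RULES, "failures": failures}
    return {"port": port, "state": "authorized", "rules": ROLE_RULES[user_role]}

if __name__ == "__main__":
    compliant = {"measurements": dict(GOLDEN), "patch_level": 42}
    stale = {"measurements": dict(GOLDEN, kernel="0" * 64), "patch_level": 41}
    print(admit("Gi0/1", "operator", True, compliant))
    print(admit("Gi0/2", "engineer", True, stale))
```

The default for every path that is not explicitly authorized is a deny rule on the port, which is what makes an unused Ethernet jack or a non-compliant laptop unable to reach the rest of the network.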

Updated on: 04-Mar-2022

