What are Trusted Networks in information security?

Trusted networks are the networks within your security boundary, and are generally the networks you are trying to defend. Computers on the trusted network can access departmental services such as NFS (home and project disks), NIS (distributed account and other data), printers, software packages, etc.

Access to this network is restricted to machines supervised by the Lab Staff, in order to protect sensitive information and maintain the availability of departmental resources. A current list of machines on the trusted network is available here.

A trusted network (TN) architecture uses current standards, protocols and hardware devices to implement "trust." A trusted network supports important security services including user authentication, comprehensive network device admission control, end-device posture verification, policy-based access control, traffic filtering, automated remediation of non-compliant devices, and auditing.

At a minimum, a trusted network needs two NADs (switches with firewalls) and an AAA server. An enterprise can add as many PVSs as needed, e.g., an anti-virus validation server to ensure that devices have up-to-date virus protection, a patch management server to check that devices have the right patches, and a software validation server to verify the authenticity of installed device firmware. Incorporating multiple PVSs adds to the cost of a TPCN but improves security.

All NADs (switches, routers, wireless access points, etc.) should support trusted network functionality. Some vendors provide products with trusted network functionality, so if an enterprise is buying new equipment, implementing a TPCN can be very cost-effective. Older equipment would likely require upgrades, which can be costly.

Client devices may need software and firmware updates to provide trusted network functionality. Trusted network client software is needed to authenticate with the AAA server and to send posture values. For secure applications, TPM chips can be used to check configurations and produce posture signatures.

Devices such as RTUs and PLCs do not generally have TPMs, but since some RTUs already come with built-in web servers, adding a TPM to these devices is feasible, particularly if government regulations mandate the implementation of trusted ICS architectures.

The administrator applies system updates by specifying new requirements in the AAA server and the PVSs. The AAA server informs devices of the new policy. Devices that already have the update prove this to a PVS and remain on the network. Otherwise, the appropriate server supplies them with the needed patches (or installs the patches automatically), after which they can rejoin the network.
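The admission and update flow described above, as an added example that is not from the original page: a toy Python model in which the AAA server authenticates a device, consults three PVSs (anti-virus, patch, firmware), hands the NAD a permit/quarantine/deny decision, and lets the remediation servers supply missing updates before a second evaluation. All policy values, patch names and firmware hashes are constructed, and firmware is deliberately never auto-remediated because only a validated image should be accepted.

```python
from dataclasses import dataclass, replace

# Constructed example values (not from any real product): the AAA server's policy
# and a client's reported posture.
@dataclass(frozen=True)
class Policy:
    min_av_signature: int          # minimum anti-virus signature version
    required_patches: frozenset    # patch identifiers every device must carry
    approved_firmware: frozenset   # hashes of firmware the validation server accepts

@dataclass(frozen=True)
class Posture:
    av_signature: int
    patches: frozenset
    firmware_hash: str

# Each PVS validates one aspect of posture and returns True when compliant.
PVS_CHECKS = {
    "antivirus": lambda p, pol: p.av_signature >= pol.min_av_signature,
    "patch":     lambda p, pol: pol.required_patches <= p.patches,
    "firmware":  lambda p, pol: p.firmware_hash in pol.approved_firmware,
}

def aaa_decision(authenticated: bool, posture: Posture, policy: Policy):
    """AAA server: authenticate, consult every PVS, tell the NAD permit/quarantine/deny."""
    if not authenticated:
        return "deny", []
    failed = [name for name, check in PVS_CHECKS.items() if not check(posture, policy)]
    return ("permit" if not failed else "quarantine"), failed

def remediate(posture: Posture, policy: Policy, failed: list) -> Posture:
    """Remediation servers push AV signatures and patches; firmware is never auto-replaced."""
    if "antivirus" in failed:
        posture = replace(posture, av_signature=policy.min_av_signature)
    if "patch" in failed:
        posture = replace(posture, patches=posture.patches | policy.required_patches)
    return posture

def admit(authenticated: bool, posture: Posture, policy: Policy):
    """Full admission cycle: evaluate, remediate if quarantined, then evaluate once more."""
    decision, failed = aaa_decision(authenticated, posture, policy)
    if decision == "quarantine":
        posture = remediate(posture, policy, failed)
        decision, failed = aaa_decision(authenticated, posture, policy)
    return decision, failed

# Constructed policy: signature version 2024, two patches, one approved firmware hash.
POLICY = Policy(min_av_signature=2024, required_patches=frozenset({"KB-1", "KB-2"}),
                approved_firmware=frozenset({"fw-hash-A"}))
```

A device that fails only the patch or anti-virus check is quarantined, remediated and admitted, while a device with an unapproved firmware hash stays quarantined until a validated image is installed.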

TPCNs have the same availability issues as traditional PCNs: applying patches can cause elements to crash. Hence, each patch or update should be tested thoroughly before being placed on the AAA server.