Building Secure and Reliable Systems: A Comprehensive Guide

Chapter 4: Two Basic Security Patterns

1. Perimeter Security

Like a castle with a high wall, perimeter security focuses on creating a strong barrier between your network and the outside world. A robust firewall acts as the gatekeeper, allowing you to operate freely within your network.

Think of it as a crunchy candy shell with a soft, gooey center. However, the effectiveness of perimeter security is diminishing with the rise of wireless networks and cross-connections with partner organizations. The crunchy candy shell is disappearing.

2. Defense in Depth

This approach involves layering security measures at all points in a network. This multi-layered strategy includes:

  • Firewalls to protect against internet-based attacks.
  • Antivirus systems to scan email messages.
  • Antimalware software on individual PCs.
  • Encryption for secure communication between computers.

Security and Reliability

Security and reliability go hand in hand. An insecure system is vulnerable to attacks that compromise its reliability. If management prioritizes reliability, emphasize how addressing security concerns directly enhances system stability.

Documenting Company Security Policies

  1. Acceptable Use Policy (AUP): Defines legitimate users of computer and network resources, outlining permissible activities and providing explicit examples of unacceptable use. Users must sign this policy.
  2. Monitoring and Privacy Policy: Outlines company practices for monitoring computer and network resources, including individual computer activity, network traffic, email, web browsing, and log monitoring.
  3. Remote Access Policy: Explains risks associated with unauthorized network access and describes precautions for safeguarding sensitive information like passwords and PINs.
  4. Network Connectivity Policy: Defines how the company establishes network connections with other entities or shares resources with third parties, such as extranets.
  5. Log-Retention Policy: Specifies what data is logged, for how long, and how it is managed. Logs are crucial for incident tracking but require significant storage space if retained indefinitely.

Basics for the Technical Staff

1. Meet Business Needs

Design security systems that align with business objectives. The ideal solution should:

  • Enable efficient workflows.
  • Provide a reasonable level of security.
  • Maintain simplicity and clarity.
  • Be implementable within a reasonable timeframe.

2. Build Security on a Solid Infrastructure

A robust security program requires a strong foundation. Build your computer and network infrastructure with security as a top priority.

3. Stay Informed About the Latest Attacks

Security professionals must stay ahead of emerging threats. Regularly track security mailing lists and websites to stay informed about current attack methods and mitigation strategies.

4. Implement Authentication and Authorization

Authentication verifies a user’s identity, while authorization determines their access rights and permissions (e.g., System Administrator, Database Administrator, User).

5. Utilize an Authorization Matrix

An authorization matrix defines the specific actions users can perform based on their roles. For example, customers can access their own email but not that of other users, while administrators have broader access to manage databases and system configurations.
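The matrix described above, implemented as an added example (not code from the book); the roles, actions and the "own"/"any" scopes are constructed for illustration, and unknown roles or empty cells deny by default:

```python
from dataclasses import dataclass
from typing import Optional

# Authorization matrix: role -> {action -> scope}. The roles, actions and
# scopes are constructed for illustration; "own" restricts an action to
# resources the subject owns, "any" allows it on every resource of that kind.
MATRIX = {
    "customer": {"mailbox:read": "own", "mailbox:write": "own"},
    "dba": {"mailbox:read": "own", "database:manage": "any"},
    "sysadmin": {"mailbox:read": "own", "database:manage": "any",
                 "system:configure": "any"},
}

@dataclass(frozen=True)
class Subject:
    user: str
    role: str

@dataclass(frozen=True)
class Resource:
    kind: str                    # "mailbox", "database", "system"
    owner: Optional[str] = None  # owning user, if the resource has one

def is_authorized(subject: Subject, action: str, resource: Resource) -> bool:
    """Deny by default: an unknown role or an empty matrix cell is a refusal."""
    if action.split(":", 1)[0] != resource.kind:
        return False  # the action does not apply to this resource kind
    scope = MATRIX.get(subject.role, {}).get(action)
    if scope == "any":
        return True
    if scope == "own":
        return resource.owner is not None and resource.owner == subject.user
    return False

def check_examples():
    """Constructed cases mirroring the chapter: customers see only their own
    mail, administrators manage databases and system configuration."""
    alice = Subject("alice", "customer")
    root = Subject("root", "sysadmin")
    return {
        "own_mail": is_authorized(alice, "mailbox:read", Resource("mailbox", "alice")),
        "other_mail": is_authorized(alice, "mailbox:read", Resource("mailbox", "bob")),
        "customer_db": is_authorized(alice, "database:manage", Resource("database")),
        "admin_db": is_authorized(root, "database:manage", Resource("database")),
        "unknown_role": is_authorized(Subject("eve", "guest"), "mailbox:read",
                                      Resource("mailbox", "eve")),
    }
```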

6. Choose the Right Products and Vendors

Select security products and vendors that align with your specific needs and budget. Conduct thorough research and consider factors like reliability, support, and industry reputation.

7. Conduct Internal Audits

Regularly assess your security environment to ensure compliance with established policies and design criteria. Internal audits help identify vulnerabilities and areas for improvement.

Management and Organizational Issues

1. Allocate Resources Effectively

Provide the security team with the necessary resources, including budget, personnel, and tools. Encourage collaboration and knowledge sharing within the industry to stay informed about best practices.

2. Establish an Incident Response Plan

Develop a comprehensive incident response plan to handle security breaches effectively. Prepare in advance by forming a dedicated team and outlining clear procedures for incident identification, containment, eradication, and recovery.

3. Conduct External Audits

Engage independent security consultants to perform external audits. These objective assessments provide valuable insights and recommendations for strengthening your security posture.

4. Foster Cross-Functional Collaboration

Encourage communication and collaboration between the security team and other departments. Stay informed about business developments that may impact security and involve key stakeholders in policy development.

Chapter 5: System Upgrades

Verify Software Compatibility

Before upgrading your operating system (OS), ensure all software packages are compatible. Contact vendors or consult their websites to determine if your current software versions are supported on the new OS. Document your findings for future reference.

If software is incompatible, consider these options:

  1. Upgrade to a release supported on both OS versions.
  2. Upgrade to a release that only works on the new OS.
  3. Replace the software if it’s no longer supported.

Select a Maintenance Window

Coordinate with users to determine a suitable maintenance window for the upgrade. Clearly communicate the scheduled time, estimated duration, and any potential impact on system availability. Have a rollback plan in case of unforeseen issues.

Announce the Upgrade

Notify users about the upcoming upgrade with clear and concise announcements. Use a consistent format for all communications to ensure familiarity. Highlight important details in the subject line for quick reference.

Execute Tests

Perform thorough testing immediately before the upgrade to identify and address any last-minute issues. This proactive approach minimizes the risk of encountering problems during or after the upgrade.

Test Your Work

After the upgrade, repeat all previously conducted tests to verify system functionality and stability. Follow established debugging procedures if any issues arise. Communicate with users at prearranged times to confirm successful implementation.

Have a Back-Out Plan

Develop a comprehensive back-out plan to restore the system to its previous state if the upgrade fails. This plan should outline the steps required to revert changes and minimize downtime.

Restore User Access

Once the upgrade is complete and the system is stable, restore user access. Communicate the completion status to users and provide any necessary instructions or updates.

Communicate Completion or Back-Out

Inform users about the upgrade’s successful completion or, if necessary, the initiation of the back-out plan. Transparency and clear communication are crucial throughout the upgrade process.

Chapter 6: System Monitoring

Monitoring is essential for maintaining a reliable and professional service. There are two primary types of monitoring:

1. Historical Monitoring

  • Records long-term uptime, usage, and performance statistics.
  • Involves data collection and analysis.
  • Tools like Cricket and Orca are commonly used.
  • Data condensation (e.g., using averages) and expiration policies help manage storage space.
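The condensation and expiration strategy from the last bullet, as an added example that is not code from the book or from Cricket or Orca; the tier boundaries (full resolution for 7 days, hourly averages to 90 days, expiry beyond) are assumptions:

```python
from collections import defaultdict
from statistics import mean

MINUTE, HOUR, DAY = 60, 3600, 86400
# Retention tiers (assumed values, not Cricket's or Orca's defaults):
# (maximum age in seconds, bucket width in seconds). Samples older than the
# last tier are expired, so the newest data keeps full resolution while
# older data survives only as per-bucket averages.
TIERS = [(7 * DAY, MINUTE), (90 * DAY, HOUR)]

def condense(samples, now):
    """samples: iterable of (unix_timestamp, value). Returns sorted
    (bucket_start, average) rows, one row per populated bucket."""
    buckets = defaultdict(list)
    for ts, value in samples:
        age = now - ts
        for max_age, width in TIERS:
            if age <= max_age:
                buckets[ts - ts % width].append(value)
                break
        # No tier matched: the sample is past the retention horizon and is dropped.
    return sorted((start, mean(values)) for start, values in buckets.items())

def demo():
    """Constructed samples: two fresh readings in the same minute, two
    month-old readings in the same hour, and one that is past retention."""
    now = 100 * DAY
    samples = [
        (now - 10, 1.0), (now - 50, 3.0),                              # minute tier
        (now - 30 * DAY + 100, 10.0), (now - 30 * DAY + 200, 20.0),    # hour tier
        (now - 200 * DAY, 99.0),                                       # expired
    ]
    return condense(samples, now)
```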

2. Real-Time Monitoring

  • Provides immediate alerts for system issues like host downtime or service disruptions.
  • SNMP (Simple Network Management Protocol) is widely used for real-time network monitoring and management.
  • Escalation procedures define when to involve higher-level support based on the severity and duration of issues.
  • Active monitoring systems not only detect problems but also attempt to resolve them automatically.

Chapter 7: Email Service

Building a Reliable Email Service

A reliable and scalable email service requires a strong foundation. System administrators should prioritize the following:

1. Privacy Policy

Establish and communicate a clear email privacy policy to all employees. This policy should outline data handling practices and comply with relevant regulations.

2. Namespaces

Standardize email addresses for consistency and professionalism. Use a first.last format (e.g., John.Smith@foo.com) and implement strategies to avoid conflicts for users with the same name.
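One way to allocate first.last addresses and resolve same-name conflicts, as an added example (not the book's procedure); the domain is taken from the chapter's illustration and the collision order (middle initial, then a numeric suffix) is an assumption:

```python
import re
import unicodedata

DOMAIN = "foo.com"  # assumed, taken from the chapter's John.Smith@foo.com example

def normalize(part: str) -> str:
    """Fold accents, lowercase and keep only a-z0-9 so "O'Brien" and
    "Émilie" become stable, unambiguous local-part components."""
    folded = unicodedata.normalize("NFKD", part).encode("ascii", "ignore").decode()
    return re.sub(r"[^a-z0-9]", "", folded.lower())

class Namespace:
    """Allocates first.last addresses and resolves collisions deterministically:
    first try first.last, then first.m.last (middle initial), then first.lastN."""

    def __init__(self, domain: str = DOMAIN):
        self.domain = domain
        self.assigned = {}  # local part -> display name

    def allocate(self, first: str, last: str, middle: str = "") -> str:
        fn, ln, mn = normalize(first), normalize(last), normalize(middle)
        if not fn or not ln:
            raise ValueError("name normalizes to an empty component")
        candidates = [f"{fn}.{ln}"]
        if mn:
            candidates.append(f"{fn}.{mn[0]}.{ln}")
        candidates.extend(f"{fn}.{ln}{n}" for n in range(2, 100))
        for local in candidates:
            if local not in self.assigned:
                self.assigned[local] = f"{first} {last}"
                return f"{local}@{self.domain}"
        raise RuntimeError(f"no free address for {first} {last}")
```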

3. Reliability

Email is a critical service. Design and maintain a highly reliable email system to minimize downtime and ensure users can send and receive messages without interruption.

4. Simplicity

Avoid unnecessary complexity in your email system design. Simplicity enhances reliability and makes the system easier to manage and support. Focus on five key aspects:

  • Mail Transport Agent (MTA): Routes email between servers.
  • Mail Delivery Agent (MDA): Receives and stores email messages on the destination server.
  • Email Access Server: Provides access protocols (POP3, IMAP4) for email clients.
  • List Processing: Manages email distribution to groups of recipients.
  • Filtering: Implements anti-spam and anti-virus measures to protect users and the system.