At present, attacks on the Web are increasing: denial of service attacks, phishing, SQL injection and so on. The Enterprise Portal is the enterprise's "face", so how to keep it secure is a problem that operations and maintenance staff, security managers and CIOs must consider carefully and comprehensively. This article focuses on that problem: it first gives a detailed analysis of the security threats facing the Enterprise Portal Web system, then presents the corresponding solution principles and techniques, and finally, according to those principles, provides a concrete network topology and deployment points.
1. Threats to the Enterprise Portal system
The Enterprise Portal system faces serious threats in two areas: operating security and data security.
(1) Operating security threats
These refer to attacks that malicious users (hackers) organize and carry out, through the open service ports, exposed service information and so on, while the Enterprise Portal is providing services to the outside, making the portal service unavailable and thus causing operating security problems.
The main attack behaviours include: malicious users use hacking tools to construct malicious packets and launch denial of service attacks against online systems exposed to the public network, or even form botnets from many network nodes to launch distributed denial of service attacks. In addition, when an attack occurs, if the server-side network architecture is poorly partitioned and lacks strict isolation measures, hackers may exploit this deployment weakness to paralyse the whole server cluster; for example, after the Web server has been breached, the hacker uses it as a springboard to attack the backend database server and other key intranet resources.
(2) Data security threats
These refer to the illegal disclosure of the user data, communication data and so on involved in the Enterprise Portal's services, caused by hackers eavesdropping, redirecting traffic and the like.
The main attack behaviours include: a malicious user guesses a legitimate user's username and password through the Web browser login interface and then impersonates that user to access and use the system; a malicious user embeds specially constructed illegal code in a submitted form, which the network system may wrongly recognise and execute, causing abnormal information leakage or even a system crash; a malicious user illegally intercepts a legitimate user's communication messages on the transmission network and thereby obtains sensitive information they should not have; or a user is directed to an illegal website, such as the currently popular phishing sites, and discloses personal confidential information without knowing it, resulting in economic losses.
2. Layered defense scheme
2.1 Design a secure network topology
Designing a secure topology is the first and also a very important step in ensuring the security of the Enterprise Portal site; it effectively resists external attacks at both the network layer and the application layer, thereby ensuring operating security.
The main aspects are as follows:
(1) Network layer defense
Deploying a firewall provides effective network layer defense against external attacks, including denial of service and distributed denial of service attacks, focusing on filtering malicious traffic, burst traffic and so on. More importantly, making good use of the firewall's DMZ (demilitarized zone) effectively isolates the external network from the internal network, so that even when the DMZ is attacked the security of intranet resources is not affected.
During deployment it is recommended to adopt a heterogeneous dual-firewall approach, that is, to use two firewalls of different models from different manufacturers as the internal and external firewall respectively. This achieves a good separation of the internal and external networks and enhances security: even if one firewall is breached, it is difficult for the attack to affect the second one, because the hacker needs considerably more effort to analyse and attack firewalls of different kinds.
(2) Application layer defense
Behind the firewall, add application layer defense devices such as IPS (Intrusion Prevention System), WAF (Web Application Firewall) and UTM (Unified Threat Management) to perform fine-grained filtering and detection at the application layer (including URL links, Web content and so on) on traffic from the external Web site to the Enterprise Portal, blocking malicious content in real time. These devices can also restrain and block SQL injection attacks, buffer overflow attacks, Web page tampering and file deletion.
(3) Load balancing
The server side of the Enterprise Portal system needs a backend load balancing and load protection mechanism. Because the system faces a huge volume of service requests, the server side generally needs more than one server to share the business load, so as to improve performance and avoid bottlenecks. It is therefore necessary to use a reasonable load balancing and load protection mechanism to share the business traffic of each server effectively, performing load balancing according to round robin, LRU (least recently used) and other methods. In addition, the load protection mechanism needs to evaluate the CPU and memory resources of each server in real time; if the threshold (80% or above) is exceeded, overload protection is carried out immediately, so as to ensure the security of the server itself.
Typically there are two ways to implement it. One is to buy a mature hardware load balancing product, such as F5, to control and divert the site's traffic, ensuring that the traffic to each backend server is balanced and highly available, but this is expensive; the other is to build on open source system software such as LVS (Linux Virtual Server), Nginx (Engine X) and other load balancing software, which saves a certain amount of money.
2.2 Enhanced user access control
The design of access control strategies and means can, to a large extent, prevent access by illegal users and thus protect the security of the Enterprise Portal site. The authentication methods currently suitable for the Enterprise Portal are as follows; one of them or a combination of several can be used:
- Username + password: the most traditional way of verification;
- Digital certificate: for important Web system applications, the user's credentials need to be verified according to the PKI (Public Key Infrastructure) mechanism in order to authenticate the user (usually the server authenticates the client; two-way authentication can also be established, that is, the user also authenticates the server to prevent fake, illegal websites, and the non-repudiation of transactions is ensured). There are two ways to provide a certificate:
1 File certificate: saved on the user's disk or file system, which carries a certain security risk;
2 USB device certificate: stored on a USB device, which offers very high security.
2.3 Encrypt communication data
The mature SSL (Secure Sockets Layer) mechanism can be used to ensure encrypted transmission of the Web system's data and the user's authentication of the Web system server. For online system applications accessed through a Web browser, using SSL plus digital certificates (that is, the HTTPS protocol) not only ensures that communication data is transmitted encrypted, but also lets the client authenticate the server side, preventing users from being deceived by "phishing" sites that impersonate the legitimate Web site and leaking confidential information (username and password, etc.), with irreversible economic losses as a result.
When using SSL, you first need to apply for the corresponding digital certificate. Generally speaking, there are two approaches.
1 One is to apply for a digital certificate issued by an authority such as VeriSign or GlobalSign. This costs a certain amount of money, but the advantage is that almost all current mainstream browsers support these certificates well, that is, you only need to deploy the certificate on the Enterprise Portal site's server to establish an SSL encrypted channel between client and server;
2 The other is to use open source tools such as OpenSSL to generate your own root certificate and server certificate, which saves a large amount of money, but the disadvantage is that mainstream browsers do not trust such certificates out of the box, so the root certificate and server certificate have to be deployed on both the client and the server. This is difficult to manage when there are very many clients, and the user experience is poor.
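As an added example (not code from the article), the following shell script carries out the second approach with OpenSSL: it creates a private root certificate, issues a server certificate for the portal and, for the two-way authentication mentioned in 2.2, a client certificate, and then shows that verification succeeds only where the private root has been deployed, which is the client-side deployment burden described above. It assumes openssl is installed; the organisation, host and user names are placeholders.

```shell
# Added example, not from the article: build a private root CA with OpenSSL,
# issue a server certificate for the portal and a client certificate for
# two-way authentication, then verify each as a party that has the private
# root deployed and as one that only has its default trust store.
# Assumptions: openssl is in PATH; "Example Portal", portal.example.com and
# "alice" are placeholder names.
set -eu

WORKDIR="${WORKDIR:-$(mktemp -d)}"
ROOT_DAYS=3650   # validity of the private root certificate
LEAF_DAYS=365    # validity of server and client certificates

# Create the private root CA: an RSA key and a self-signed certificate.
make_root_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days "$ROOT_DAYS" \
    -keyout "$WORKDIR/rootCA.key" -out "$WORKDIR/rootCA.crt" \
    -subj "/O=Example Portal/CN=Example Portal Private Root CA" >/dev/null 2>&1
}

# Issue a certificate signed by the private root.
#   $1 file stem, $2 common name, $3 extendedKeyUsage (serverAuth|clientAuth),
#   $4 optional subjectAltName, e.g. DNS:portal.example.com (server certs only)
issue_cert() {
  stem="$1"; cn="$2"; eku="$3"; san="${4:-}"
  openssl req -newkey rsa:2048 -nodes -sha256 \
    -keyout "$WORKDIR/$stem.key" -out "$WORKDIR/$stem.csr" \
    -subj "/O=Example Portal/CN=$cn" >/dev/null 2>&1
  printf 'basicConstraints=CA:FALSE\nextendedKeyUsage=%s\n' "$eku" > "$WORKDIR/$stem.ext"
  if [ -n "$san" ]; then printf 'subjectAltName=%s\n' "$san" >> "$WORKDIR/$stem.ext"; fi
  openssl x509 -req -sha256 -days "$LEAF_DAYS" -in "$WORKDIR/$stem.csr" \
    -CA "$WORKDIR/rootCA.crt" -CAkey "$WORKDIR/rootCA.key" -CAcreateserial \
    -extfile "$WORKDIR/$stem.ext" -out "$WORKDIR/$stem.crt" >/dev/null 2>&1
}

# Verify as a party that has the private root deployed; prints trusted/untrusted.
verify_with_private_root() {
  if openssl verify -CAfile "$WORKDIR/rootCA.crt" "$WORKDIR/$1.crt" >/dev/null 2>&1
  then echo trusted; else echo untrusted; fi
}

# Verify as a client with only its default trust store (private root never installed).
verify_with_default_store() {
  if openssl verify "$WORKDIR/$1.crt" >/dev/null 2>&1
  then echo trusted; else echo untrusted; fi
}

make_root_ca
issue_cert server portal.example.com serverAuth DNS:portal.example.com
issue_cert client alice clientAuth
echo "server cert, client has private root:  $(verify_with_private_root server)"
echo "server cert, client has default store: $(verify_with_default_store server)"
echo "client cert, checked by portal server: $(verify_with_private_root client)"
```

The second line of output is the browser-side problem the text describes: until the private root is installed on every client, the portal's certificate is untrusted there.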
2.4 Good risk control
Risk control means using penetration testing to explore, analyse and evaluate the Enterprise Portal before it is attacked, and using patching and the implementation of security technologies and equipment to resolve the various risks and vulnerabilities the site may have. This requires periodic, proactive discovery of Web system vulnerabilities and, according to the vulnerabilities found, protection through various security mechanisms, patches and other means, so as to effectively avoid "0-day" attacks and the like.
At present, the Enterprise Portal's open ports, services and operating system type can be obtained through port scanning, attack simulation and so on, and the related vulnerabilities exploited in attack tests; the system's security is then strengthened in various ways according to the test results, so that it cannot be exploited by hackers and other attackers.