Securing Hastily Formed Networks
              For Disaster Relief and Emergency
              Response
              BRKSEC-1000




BRKSEC-1000         © 2012 Cisco and/or its affiliates. All rights reserved.   Cisco Public   2
VIDEO
“We don’t just get involved in something and then
 leave…we get involved in ways nobody else
 does.”

 John Chambers
 President & CEO – Cisco Systems
Agenda
Securing Hastily Formed Networks

 A bit about Cisco Tactical Operations
 The intersection of human needs and
  networks
 Introducing the “Hastily Formed Network” (HFN)
 Security considerations of HFNs
 Q&A
 Wrap-up




Cisco Tactical Operations
humanitarian networks
Cisco TacOps Provides Crisis Support

 Cisco Tactical Operations (TacOps) is a dedicated crisis response team
  that establishes emergency networks after a disaster.
 TacOps personnel skills include technical, operational, first responder,
  military and logistics
 Promotes innovative technology solutions for disaster response and other
  hardship situations.
 Emergency response funded
  by Cisco Corporate Philanthropy.




Cisco Learned Lessons from Hurricane Katrina
 Initially: TacOps supported “extreme risk” incidents

 Expanded mission: To have a scalable, coordinated,
  response to disasters (2005) … because:

 Hurricane Katrina - what Cisco did:
     ‒ Cisco sent hundreds of volunteers and tons
       of equipment to Gulf region.
     ‒ We were successful, but…


 Hurricane Katrina - lessons learned:
     ‒ There were many willing engineers but few
       trained for the environment.
     ‒ Less effective due to the Cisco-wide uncoordinated
       response.
     ‒ No standardized Cisco mobile platform for disaster
       response.
Today: All-hazards Response, Anywhere

• Famine, Horn of Africa
• Tornadoes, AL, NC, MO
• Earthquake/Tsunami, Japan
• Earthquakes, Christchurch, New Zealand
• Flooding, Brazil
• Flooding, Queensland, Australia
• Fourmile Canyon Fire, Boulder CO
• Gas Pipeline Explosion, San Bruno CA
• Plane Crash, Palo Alto CA
• Earthquake, Port-Au-Prince, Haiti
• Fiber-Optic Cut, SF Bay Area CA
• Flooding, Cedar Rapids IA
• Evans Road Fire, NC
• Harris Fire, San Diego CA
• Hurricanes Katrina, Gustav, Ike




US Relationships




                                             Office of Emergency Services




International Relationships




The Intersection of Human Needs and
Networks
All Crisis Responders Share the Same Problem

How to deliver the right information in the right format to the right person at the right time?

Responders shown around this question:
• NGOs/VOADs/International Orgs
• Public Safety
• Transportation
• National, State & Local Government
• Critical Infrastructure
• Healthcare
• Defense




The Need for Technology in Disaster is Increasing
Goal: Mission workflow and productivity benefits to save lives and speed recovery.

• Radio, phone → Radio + Integrated Data
• Single device → Any Device (BYOD)
• Voice only → Voice, Video, Data
• Closed teams → Open collaboration
• Command centric → In the field, social media, everyone
• Fixed locations → Deployable anywhere




Introducing Hastily Formed Networks
Typical ICT Challenges in Disaster
Information and Computing Technologies (ICT) are Needed but Overwhelmed

 Lack of power
 Degraded telephony infrastructure
 Degraded Push-to-Talk Radio,
  Lack of interoperability
 Oversubscribed services
 Limited Internet access
 Few IT resources
 Lack of trained staff




Solution: Hastily Formed Networks (HFN)
Instant Emergency Networks

• HFNs are portable, IP-based networks that are deployed in emergencies
  when normal communications have been disabled or destroyed.


 Enable on-scene and remote responders
  to share situational awareness, coordinate
  operations, establish command and control.


 Communicate within the affected
  area as well as to the outside world.

NPS/Cisco HFN Layered Model
HUMAN / COGNITIVE
    Social/Cultural | Organizational | Political | Economic

APPLICATION
    TEXT: email, chat, SMS
    VOICE: Push-to-talk, Cellular, VoIP, Sat Phone/PSTN
    VIDEO/IMAGERY: VTC, GIS, Layered Maps
    SPECIALIZED: Collaboration, Sit Awareness, Cmd/Control, Fusion

NETWORK
    WIRED: DSL, Cable, Other ISP WAN
    WIRELESS LOCAL: WiFi, PAN, MAN
    WIRELESS LONG HAUL: WiMAX, Microwave, IP over HF
    SAT BROADBAND: VSAT, BGAN

PHYSICAL
    POWER: Fossil Fuel, Renewable
    HUMAN NEEDS: Shelter, Water, Fuel, Food
    PHYSICAL SECURITY: Force Protection, Access Authorization
    NET OP CENTER: Network Sec, Cmd/Control, Leadership


That Layer Model Assumes Something Important




 Security underlies every element of an HFN.




HFNs: What They Are

 Portable: mobile, rolling kit, easily moved
  with few personnel


 Rapidly deployable: pre-configured, set up
  with minimal training


• Interim: typically decommissioned once pre-event communications
  are restored.


 Based on: WiFi/VSAT/WiMAX/etc.


HFNs: What They Are Not

 A replacement for pre-emergency infrastructure.


 Designed for large numbers of users


• High bandwidth (if on VSAT). High latency, etc. need to be considered.

[Photos: Typical NOC; HFN NOC (Haiti)]
The First Deployed HFN: Hurricane Katrina




More Recently: 2010 Haiti Quake




[Network map: NPS HFN Team Haiti network. Labelled sites: Airport, USNS COMFORT. Legend: VSAT/BGAN Satellite, WiMAX Point-to-Point, WiFi Mesh, WiFi Access Point]
Mobile and Kit HFN Solutions
Example Units for Our Security Discussions

 Network Emergency Response Vehicle
  (NERV)
     ‒ ISR G2 based platform/VSAT/Mesh
     ‒ Video surveillance, streaming, TelePresence
 Mobile Communicator Vehicle (MC2)
     ‒ ISR based platform. VSAT, Mesh
 Emergency Communications Kit (ECK)
     ‒ Rapidly deployable communications capability
     ‒ ISR 2811 / 3825 based




Securing Hastily Formed Networks
Security: What are We Really Trying to Do?

• Keep bad things out.
• Protect the mission
• Keep critical services running
• Know what’s happening on the network and devices
• Balance security and access
• Get it right every time.

[Diagram labels: Inside, Outside]


Myth Busting: Information Security in a
Disaster
 Assumption: “In a crisis network, I need to get deployed
  quickly. I don’t have time
  or the resources to secure
  the network!”


 Reality: All HFN networks
  should be pre-planned – plan
  and build your security into
  your infrastructure!




HFN Security Starts With the Physical

 You’re going into a disaster zone!

 “Force Protection”

 Physical security of equipment

 Logistics

 Intelligence

 Health and Safety

Basic Information Security Concepts via HFN

 Confidentiality: secure voice, video. Patient data. Security sensitive info.


 Integrity: command and control channels


 Availability: Denial of Service, appropriate use of the network, VSAT


 Authenticity: User/admin verification, trusted endpoints.




IP Traffic Planes (a Reminder)

• Data plane traffic: end-station, user-generated traffic.

• Control plane traffic: traffic generated or received by network devices,
  used to create and operate the network itself (ARP, EIGRP, OSPF, etc.).

• Management plane traffic: traffic designed to manage the network or
  devices on the network (SSH, FTP, SNMP, NTP, etc.).

• Addressing can help keep things organized: all kits/vehicles have a
  /16, and each VLAN is a /24 with a specified role. We can identify
  traffic flows easily.
HFNs Use the Same Basic Infosec
Assumptions
 Least-privilege access: Users, devices, systems are given minimal
  access given the crisis environment (advanced AAA solutions, etc. may
  not be available!)
 Threats may come from anywhere in the network.
 Simplicity: Once initially configured, the security architecture should
  establish itself without requiring any additional work from personnel who
  already have too much to do.
 Defense-in-Depth: No single security feature or technology can mitigate
  the range of possible threats.




Cisco NERV Architecture
[Diagram: Cisco NERV architecture. Components shown: Internet; Satellite Modem and VSAT; DMVPN/FW Router (3925); Core Router (3945); Access Switch; IPICS with VHF, UHF and HF radio; Wireless Controller; Inside Wireless AP 1242; Wireless Mesh AP 1524-PS/1522; Wireless IP Phone; IP Phone 7970/9971; Video Conferencing (C40); Video Surveillance Cameras; Cisco Systems sites in San Jose, CA and Raleigh, NC]




Use Strong Passwords, Restricted Privileges

 For system/network devices, strong passwords are enforced.
        - No dictionary words, mix of special chars, letters, numbers
        - Based on mnemonic/phrase that is easily remembered
          (no guesswork in a disaster)
        - No “cisco/cisco” or similar. Duh!


 Computers and other devices: “user” (non admin accounts), and
  administrative accounts. Use the least-access user needed for a task.




DoS is the Primary Security Concern
with Satellite
 Satellite is often the only way to get
  broadband data in a disaster.
• The “thin sippy straw” – bandwidth from
  128 kbps to 5 Mbps (typical Ku VSAT system)
 Protect your satellite bandwidth at all costs!
 Malicious traffic
     ‒ Zombie, flooding traffic.
 Inappropriate use …?
     ‒ YouTube
     ‒ BitTorrent
     ‒ FarmVille
A Real World Security Incident…

 Once upon a time… the NERV had a
  flat, open network.


 Evans Road Fire in North Carolina.


 Firefighter’s laptop came onto
  the NERV pre-infected – DDoS
  zombie w/spoofed SRC IP.


 Created DoS condition on the satellite uplink.


…Had Us Reevaluate Access.

• Designed for differentiated access in an easy-to-deploy fashion.

• “Untrusted” VLANs: open WiFi, certain networks such as those
  external to the NERV or kits (patch panel) – access to the
  Internet only.

• “Trusted” VLANs have open access to servers, vehicle-based resources, etc.
  Requires you to have physical access to vehicle/kit

[Photo caption: Optical & copper patch panel allow only limited access]
Our HFN Firewall Strategy – One Policy, Everywhere

• Each “unit” is responsible for its own firewall
• Each policy is the same
• Inbound IOS firewall, BOGON filters
• Egress Internet-only from “untrusted” networks
• Egress “sanity checking” filters for spoofed outbound traffic

[Diagram labels: Field Units, Internet, ASA Firewall (San Jose, CA), ASA Firewall (Raleigh, NC)]
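
The per-unit /16 addressing plan and the "one policy, everywhere" rules above (bogon filtering inbound, Internet-only egress for untrusted VLANs, and a source sanity check that would have stopped the spoofed-source zombie) can be modelled as one policy object per unit. This is an added example, not code from the deck or from Cisco; the 10.42.0.0/16 and 10.43.0.0/16 prefixes, the VLAN-to-role table, the short bogon list and the sample flows are assumptions constructed for illustration.

```python
import ipaddress
from collections import Counter

# Assumed VLAN plan (not from the deck): third octet of each /24 -> role.
VLAN_ROLES = {10: "management", 20: "trusted", 30: "voice", 100: "untrusted"}

# Short, well-known subset of special-use IPv4 space, used here as the bogon list.
BOGONS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4")]


def is_bogon(addr):
    """True if addr falls in a range that should never cross the Internet edge."""
    return any(addr in net for net in BOGONS)


class UnitPolicy:
    """The same firewall policy, instantiated per unit with that unit's /16."""

    def __init__(self, name, kit_net):
        self.name = name
        self.kit_net = ipaddress.ip_network(kit_net)
        if self.kit_net.prefixlen != 16:
            raise ValueError("each kit/vehicle is expected to own a /16")

    def role_of(self, addr):
        """Return the VLAN role for an address inside this unit, else None."""
        if addr not in self.kit_net:
            return None
        return VLAN_ROLES.get(addr.packed[2])  # third octet selects the /24

    def egress(self, src, dst):
        """Decide whether a packet may leave the unit toward the uplink."""
        src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        # Sanity check: a source outside our own /16 is spoofed by definition.
        if src not in self.kit_net:
            return ("drop", "spoofed-source")
        role = self.role_of(src)
        if role is None:
            return ("drop", "unassigned-vlan")
        # Untrusted VLANs may only reach Internet-routable destinations.
        if role == "untrusted" and is_bogon(dst):
            return ("drop", "untrusted-not-internet")
        return ("permit", role)

    def ingress(self, src):
        """Decide what to do with a packet arriving from the Internet side."""
        if is_bogon(ipaddress.ip_address(src)):
            return ("drop", "bogon-source")
        return ("inspect", "stateful-firewall")


def audit_egress(policy, flows):
    """Apply the egress checks to (src, dst) pairs; return verdicts and drop counts."""
    verdicts = [policy.egress(s, d) for s, d in flows]
    drops = Counter(reason for action, reason in verdicts if action == "drop")
    return verdicts, drops


# Constructed sample flows (src, dst); 198.51.100.0/24 and 203.0.113.0/24 are
# documentation ranges standing in for Internet hosts.
SAMPLE_FLOWS = [
    ("10.42.20.5", "198.51.100.7"),    # trusted laptop to Internet
    ("10.42.100.23", "198.51.100.7"),  # open-WiFi guest to Internet
    ("10.42.100.23", "10.42.20.5"),    # open-WiFi guest reaching for a trusted host
    ("203.0.113.9", "198.51.100.7"),   # infected host sending with a spoofed source
    ("10.42.77.4", "198.51.100.7"),    # address in a /24 with no assigned role
]

if __name__ == "__main__":
    nerv = UnitPolicy("NERV", "10.42.0.0/16")
    verdicts, drops = audit_egress(nerv, SAMPLE_FLOWS)
    for flow, verdict in zip(SAMPLE_FLOWS, verdicts):
        print(flow, "->", verdict)
    print(dict(drops))
```

Because the role is derived from the address alone, the same checks move to another unit by changing only the /16, which is what keeps the policy identical everywhere.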


Dynamic Multipoint VPN Increases Resiliency

• 3DES / SHA1 IPSEC DMVPN protects all management plane,
  control plane, VoIP and TelePresence traffic.
• IPSEC tunnels link both backend hubs in San Jose and RTP
• Each remote unit comes up and establishes two tunnels
• DMVPN is NAT friendly & increases resiliency.

[Diagram labels: DMVPN Tunnel (two), Internet, IPSEC, ASA Firewall (San Jose, CA), ASA Firewall (Raleigh, NC)]
Remote Access VPN Brings in Remote Users
• Cisco ASAs configured to support both remote access IPSEC
  and AnyConnect SSL VPN
• Remote users are typically trying to join the TelePresence
  environment, or administer the infrastructure. Low volume.

[Diagram labels: Remote user (Jabber Video), AnyConnect, CTS C40, Internet, ASA Firewall (San Jose, CA), ASA Firewall (Raleigh, NC)]


Intrusion Monitoring for Malicious Traffic

 Monitor network traffic using NM-IPS
 Monitor the VLAN between core router
  and gateway router (e.g. to/from
  Internet or VPN)
 Since our usage patterns change from
  deployment to deployment, we use
  them in IDS mode and rely upon
  on-scene engineers to investigate
  alarms.
 Consider which network segments
  you “care the most about”

Security Features for 802.11 Mesh Networks

 Mesh networks support 802.11i – WPA2
 But do your clients? Old devices
  may not support it.
 Cisco LWAPP considered insecure –
  avoid it (it’s old anyway!)
 Since code 5.2 – CAPWAP [RFC 5415]
  interoperable … but don’t bet on it.
 Encryption + authentication required between AP and controller
  (which means you’ll have to do some pre-config, not plug and play)
 Segment traffic across multiple wireless VLANs


802.16e WiMax Security – Proceed with Caution

 WiMax provides a wireless bridge
  technology (4G)
 Range: dozens of kilometers


 BUT …
• Security features vary from vendor to vendor; no standardization
• Do your homework.
     ‒ Quality of security implementation is spotty.
     ‒ 3DES, AES 128, 192, 256 for encryption
     ‒ Don’t use MAC auth. Use X.509 EAP-TLS instead.
Host Security…When You Don’t Control
the Host!
 All TacOps server hosts are hardened. PCs have a/v, CSA, etc.


 But what about “untrusted” hosts on scene?


• American Red Cross
     ‒ Maintains Ghost master system images and keeps them patched & up to date.
     ‒ When they’re deploying laptops, they will image the laptops immediately before
       shipping them out.




Network Monitoring – Know Your Network
Health (Don’t Just Assume!)
 You need to know what’s going on
  before your users do.


 SNMP, Cisco NetFlow, ASDM
     ‒ Beware of “chatty” management
       plane protocols that might cause
       trouble over satellite.
     ‒ Consider what network elements
       really need to be monitored.




Q&A
Wrapping it all up

 The need for technology in disasters is increasing.
 Hastily Formed Networks provide IP in austere environments
 SECURE Hastily Formed Networks can help save lives and speed
  recovery to affected communities.


 You can have ease of deployment and security – it takes an
  architectural approach.




Connect with us Online
Web. Email. Social Media.


    On Cisco.com: http://www.cisco.com/go/tacops/

    Email: tacops-info@cisco.com

    Facebook:
     http://www.facebook.com/cisco.tacops

    Twitter:
   @SJ_NERV
   @RTP_NERV


BRKSEC-1000        © 2012 Cisco and/or its affiliates. All rights reserved.   Cisco Public   49
Complete Your Online
Session Evaluation
 Give us your feedback and you
  could win fabulous prizes.
  Winners announced daily.
 Receive 20 Passport points for each
  session evaluation you complete.
 Complete your session evaluation
  online now (open a browser through
  our wireless network to access our                                    Don’t forget to activate your
  portal) or visit one of the Internet                                  Cisco Live Virtual account for access to
  stations throughout the Convention                                    all session material, communities, and
                                                                        on-demand and live activities throughout
  Center.                                                               the year. Activate your account at the
                                                                        Cisco booth in the World of Solutions or visit
                                                                        www.ciscolive.com.

BRKSEC-1000        © 2012 Cisco and/or its affiliates. All rights reserved.               Cisco Public                   50
Final Thoughts

 Get hands-on experience with the Walk-in Labs located in World of
  Solutions, booth 1042
 Come see demos of many key solutions and products in the main Cisco
  booth 2924
 Visit www.ciscoLive365.com after the event for updated PDFs, on-
  demand session videos, networking, and more!
 Follow Cisco Live! using social media:
     ‒ Facebook: https://www.facebook.com/ciscoliveus
     ‒ Twitter: https://twitter.com/#!/CiscoLive
     ‒ LinkedIn Group: http://linkd.in/CiscoLI


BRKSEC-1000             © 2012 Cisco and/or its affiliates. All rights reserved.   Cisco Public   51
BRKSEC-1000   © 2012 Cisco and/or its affiliates. All rights reserved.   Cisco Public

Contenu connexe

Tendances

Mobile video services, MoMo Helsinki 2006
Mobile video services, MoMo Helsinki 2006Mobile video services, MoMo Helsinki 2006
Mobile video services, MoMo Helsinki 2006Claude Florin
 
FCM Sustainable Communities, Panel February 9 2012
FCM Sustainable Communities, Panel February 9 2012FCM Sustainable Communities, Panel February 9 2012
FCM Sustainable Communities, Panel February 9 2012Rick Huijbregts
 
Hurricane Sandy / Waldo Canyon Fire - Considerations for WiFi Networks
Hurricane Sandy / Waldo Canyon Fire - Considerations for WiFi NetworksHurricane Sandy / Waldo Canyon Fire - Considerations for WiFi Networks
Hurricane Sandy / Waldo Canyon Fire - Considerations for WiFi NetworksRakesh Bharania
 
Peter Ludin - "Spirit of Innovation"
Peter Ludin - "Spirit of Innovation"Peter Ludin - "Spirit of Innovation"
Peter Ludin - "Spirit of Innovation"Draka Communications
 
The Quiet Revolution of Visual Communications in the Western Enterprise. Ric...
The Quiet Revolution of Visual Communications in  the Western Enterprise. Ric...The Quiet Revolution of Visual Communications in  the Western Enterprise. Ric...
The Quiet Revolution of Visual Communications in the Western Enterprise. Ric...TrueConf__
 
Cloud Computing through FCAPS Managed Services in a Virtualized Data Center
Cloud Computing through FCAPS Managed Services in a Virtualized Data CenterCloud Computing through FCAPS Managed Services in a Virtualized Data Center
Cloud Computing through FCAPS Managed Services in a Virtualized Data Centervsarathy
 
When where why cloud
When where why cloudWhen where why cloud
When where why cloudsallysogeti
 
Rural broadbandv3.4lite
Rural broadbandv3.4liteRural broadbandv3.4lite
Rural broadbandv3.4litedCORE
 
GSX physical event to virtual event
GSX physical event to virtual eventGSX physical event to virtual event
GSX physical event to virtual eventKenny Lauer
 
Ieee pimrc 2011 befemto panel - femto-wifi
Ieee pimrc 2011 befemto panel - femto-wifiIeee pimrc 2011 befemto panel - femto-wifi
Ieee pimrc 2011 befemto panel - femto-wifiThierry Lestable
 
Building the Mobile Internet
Building the Mobile InternetBuilding the Mobile Internet
Building the Mobile InternetKlaas Wierenga
 
Oasis cloud-law-ics-unofficial
Oasis cloud-law-ics-unofficialOasis cloud-law-ics-unofficial
Oasis cloud-law-ics-unofficialJamie Clark
 
Монетизания: Достижение прибыльности мобильного Интернета нового поколения.
 Монетизания: Достижение прибыльности мобильного Интернета нового поколения. Монетизания: Достижение прибыльности мобильного Интернета нового поколения.
Монетизания: Достижение прибыльности мобильного Интернета нового поколения.Cisco Russia
 
Permissionless Innovation BIM Trichy 2 Feb 2012
Permissionless Innovation BIM Trichy 2 Feb 2012Permissionless Innovation BIM Trichy 2 Feb 2012
Permissionless Innovation BIM Trichy 2 Feb 2012Olivier MJ Crépin-Leblond
 
Can WiMAX be the Broadband Solution for Underserved Areas?
Can WiMAX be the Broadband Solution for Underserved Areas?Can WiMAX be the Broadband Solution for Underserved Areas?
Can WiMAX be the Broadband Solution for Underserved Areas?Dr. Mazlan Abbas
 
Smart + Connected Real Estate
Smart + Connected Real EstateSmart + Connected Real Estate
Smart + Connected Real EstateCisco Canada
 
When Where Why Cloud
When Where Why CloudWhen Where Why Cloud
When Where Why Cloudreshmaroberts
 
Saiful Hidayat On Csr Guru Telkom Republika Bagimu Guru Kupersembahkan It...
Saiful Hidayat On Csr Guru Telkom   Republika Bagimu Guru Kupersembahkan   It...Saiful Hidayat On Csr Guru Telkom   Republika Bagimu Guru Kupersembahkan   It...
Saiful Hidayat On Csr Guru Telkom Republika Bagimu Guru Kupersembahkan It...Saiful Hidayat
 
Cloud Computing Summit 2011
Cloud Computing Summit 2011 Cloud Computing Summit 2011
Cloud Computing Summit 2011 ONI_PLC
 

Securing Hastily Formed Networks For Disaster Relief & Emergency Response

  • 2. Securing Hastily Formed Networks For Disaster Relief and Emergency Response (BRKSEC-1000). © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public
  • 4. “We don’t just get involved in something and then leave…we get involved in ways nobody else does.” John Chambers, President & CEO – Cisco Systems
  • 5. Agenda: Securing Hastily Formed Networks
      • A bit about Cisco Tactical Operations
      • The intersection of human needs and networks
      • Introducing the “Hastily Formed Network” (HFN)
      • Security considerations of HFNs
      • Q&A
      • Wrap-up
  • 7. Cisco TacOps Provides Crisis Support
      • Cisco Tactical Operations (TacOps) is a dedicated crisis response team that establishes emergency networks after a disaster.
      • TacOps personnel skills include technical, operational, first responder, military and logistics
      • Promotes innovative technology solutions for disaster response and other hardship situations.
      • Emergency response funded by Cisco Corporate Philanthropy.
  • 8. Cisco Learned Lessons from Hurricane Katrina
      • Initially: TacOps supported “extreme risk” incidents
      • Expanded mission: To have a scalable, coordinated, response to disasters (2005) … because:
      • Hurricane Katrina - what Cisco did:
          ‒ Cisco sent hundreds of volunteers and tons of equipment to Gulf region.
          ‒ We were successful, but…
      • Hurricane Katrina - lessons learned:
          ‒ There were many willing engineers but few trained for the environment.
          ‒ Less effective due to the Cisco-wide uncoordinated response.
          ‒ No standardized Cisco mobile platform for disaster response.
  • 9. Today: All-hazards Response, Anywhere
      • Famine, Horn of Africa
      • Plane Crash, Palo Alto CA
      • Tornadoes, AL, NC, MO
      • Earthquake, Port-Au-Prince Haiti
      • Earthquake/Tsunami, Japan
      • Earthquakes, Christchurch New Zealand
      • Fiber-Optic Cut, SF Bay Area CA
      • Flooding, Brazil
      • Flooding, Cedar Rapids IA
      • Flooding, Queensland Australia
      • Evans Road Fire, NC
      • Harris Fire, San Diego CA
      • Fourmile Canyon Fire, Boulder CO
      • Hurricanes Katrina, Gustav, Ike
      • Gas Pipeline Explosion, San Bruno CA
  • 10. US Relationships
      • Office of Emergency Services
  • 11. International Relationships
  • 12. The Intersection of Human Needs and Networks
  • 13. All Crisis Responders Share the Same Problem
      • How to deliver the right information in the right format to the right person at the right time?
      • Responders: NGOs/VOADs/International Orgs; Public Safety; Transportation; National, State & Local Government; Critical Infrastructure; Healthcare; Defense
  • 14. The Need for Technology in Disaster is Increasing
      • Goal: Mission workflow and productivity benefits to save lives and speed recovery.
      • Radio, phone → Radio + Integrated Data
      • Single device → Any Device (BYOD)
      • Voice only → Voice, Video, Data
      • Closed teams → Open collaboration
      • Command centric → In the field, social media, everyone
      • Fixed locations → Deployable anywhere
  • 16. Typical ICT Challenges in Disaster: Information and Computing Technologies (ICT) are Needed but Overwhelmed
      • Lack of power
      • Degraded telephony infrastructure
      • Degraded Push-to-Talk Radio, Lack of interoperability
      • Oversubscribed services
      • Limited Internet access
      • Few IT resources
      • Lack of trained staff
  • 17. Solution: Hastily Formed Networks (HFN): Instant Emergency Networks
      • HFNs are portable, IP-based networks that are deployed in emergencies when normal communications have been disabled or destroyed.
      • Enable on-scene and remote responders to share situational awareness, coordinate operations, establish command and control.
      • Communicate within the affected area as well as to the outside world.
  • 18. NPS/Cisco HFN Layered Model
      • HUMAN / COGNITIVE: Social/Cultural, Organizational, Political, Economic
      • APPLICATION:
          ‒ TEXT: email, chat, SMS
          ‒ VOICE: Push-to-talk, Cellular, VoIP, Sat Phone/PSTN
          ‒ VIDEO/IMAGERY: VTC, GIS, Layered Maps, Fusion
          ‒ SPECIALIZED: Collaboration, Sit Awareness, Cmd/Control
      • NETWORK:
          ‒ WIRED: DSL, Cable, Other ISP WAN
          ‒ WIRELESS LOCAL: WiFi, PAN, MAN
          ‒ WIRELESS LONG HAUL: WiMAX, Microwave, IP over HF
          ‒ SAT BROADBAND: VSAT, BGAN
      • PHYSICAL:
          ‒ POWER: Fossil Fuel, Renewable
          ‒ HUMAN NEEDS: Shelter, Water, Fuel, Food
          ‒ PHYSICAL SECURITY: Force Protection, Access, Authorization
          ‒ NET OP CENTER: Network Sec, Cmd/Control, Leadership
  • 19. That Layer Model Assumes Something Important
      • Security underlies every element of an HFN.
  • 20. HFNs: What They Are
      • Portable: mobile, rolling kit, easily moved with few personnel
      • Rapidly deployable: pre-configured, set up with minimal training
      • Interim: typically decommissioned once pre-event communications is restored.
      • Based on: WiFi/VSAT/WiMAX/etc.
  • 21. HFNs: What They Are Not
      • A replacement for pre-emergency infrastructure.
      • Designed for large numbers of users
      • High bandwidth (if on VSAT). High latency, etc. needs to be considered.
      • [Photos: Typical NOC; HFN NOC (Haiti)]
  • 22. The First Deployed HFN: Hurricane Katrina
  • 23. The First Deployed HFN: Hurricane Katrina
  • 24. More Recently: 2010 Haiti Quake
      • [Map: NPS HFN Team Haiti network. Locations: Airport, USNS COMFORT. Legend: VSAT/BGAN Satellite, WiMAX Point-to-Point, WiFi Mesh, WiFi Access Point]
  • 25. Mobile and Kit HFN Solutions: Example Units for Our Security Discussions
      • Network Emergency Response Vehicle (NERV)
          ‒ ISR G2 based platform/VSAT/Mesh
          ‒ Video surveillance, streaming, TelePresence
      • Mobile Communicator Vehicle (MC2)
          ‒ ISR based platform. VSAT, Mesh
      • Emergency Communications Kit (ECK)
          ‒ Rapidly deployable communications capability
          ‒ ISR 2811 / 3825 based
  • 27. Security: What are We Really Trying to Do?
      • Keep bad things out.
      • Protect the mission
      • Keep critical services running
      • Know what’s happening on the network and devices
      • Balance security and access
      • Get it right every time.
      • [Diagram labels: Inside, Outside]
  • 28. Myth Busting: Information Security in a Disaster
      • Assumption: “In a crisis network, I need to get deployed quickly. I don’t have time or the resources to secure the network!”
      • Reality: All HFN networks should be pre-planned – plan and build your security into your infrastructure!
  • 29. HFN Security Starts With the Physical
      • You’re going into a disaster zone!
      • “Force Protection”
      • Physical security of equipment
      • Logistics
      • Intelligence
      • Health and Safety
  • 30. Basic Information Security Concepts via HFN
      • Confidentiality: secure voice, video. Patient data. Security sensitive info.
      • Integrity: command and control channels
      • Availability: Denial of Service, appropriate use of the network, VSAT
      • Authenticity: User/admin verification, trusted endpoints.
  • 31. IP Traffic Planes (a Reminder)
      • Data plane traffic: end-station, user generated traffic.
      • Control plane traffic: network device generated or received traffic used to operate or create the network itself. (ARP, EIGRP, OSPF, etc.)
      • Management plane traffic: traffic designed to manage the network or devices on the network. (SSH, FTP, SNMP, NTP, etc.)
      • Addressing can help keep things organized: All kits/vehicles have a /16, and each VLAN is a /24 with a specified role. We can identify traffic flows easily.
  • 32. HFNs Use the Same Basic Infosec Assumptions
      • Least-privilege access: Users, devices, systems are given minimal access given the crisis environment (advanced AAA solutions, etc. may not be available!)
      • Threats may come from anywhere in the network.
      • Simplicity: Once initially configured, the security architecture should establish itself without requiring any additional work from personnel who already have too much to do.
      • Defense-in-Depth: No single security feature or technology can mitigate the range of possible threats.
  • 33. Cisco NERV Architecture
      • [Diagram labels: Internet; VSAT; Satellite Modem; VHF, UHF and HF radio; IPICS; DMVPN/FW Router and Core Router (3925, 3945); Access Switch; Wireless Controller; Inside Wireless AP 1242; Wireless Mesh AP 1524-PS/1522; Video Surveillance Cameras; IP Phone 7970/9971; Video Conferencing (C40); Cisco Systems San Jose, CA and Raleigh, NC]
  • 34. Use Strong Passwords, Restricted Privileges
      • For system/network devices, strong passwords are enforced.
          ‒ No dictionary words, mix of special chars, letters, numbers
          ‒ Based on mnemonic/phrase that is easily remembered (no guesswork in a disaster)
          ‒ No “cisco/cisco” or similar. Duh!
      • Computers and other devices: “user” (non admin accounts), and administrative accounts. Use the least-access user needed for a task.
  • 35. DoS is the Primary Security Concern with Satellite
      • Satellite is often the only way to get broadband data in a disaster.
      • The “thin sippy straw” – b/w from 128 kbps – 5 Mbps (typical Ku VSAT system)
      • Protect your satellite bandwidth at all costs!
      • Malicious traffic
          ‒ Zombie, flooding traffic.
      • Inappropriate use …?
          ‒ YouTube
          ‒ BitTorrent
          ‒ FarmVille
  • 36. A Real World Security Incident…
      • Once upon a time… the NERV had a flat, open network.
      • Evans Road Fire in North Carolina.
      • Firefighter’s laptop came onto the NERV pre-infected – DDoS zombie w/spoofed SRC IP.
      • Created DoS condition on the satellite uplink.
  • 37. …Had Us Reevaluate Access.
      • Designed for differentiated access in an easy-to-deploy fashion.
      • “Untrusted” VLANs: open WiFi, certain networks such as those external to the NERV or kits (optical & copper access via the patch panel). These are allowed only limited access: Internet only.
      • “Trusted” VLANs have open access to servers, vehicle-based resources, etc. Requires you to have physical access to vehicle/kit
  • 39. Our HFN Firewall Strategy – One Policy, Everywhere
      • Each “unit” is responsible for its own firewall
      • Each policy is the same
      • Inbound IOS firewall, BOGON filters
      • Egress Internet-only from “untrusted” networks
      • Egress “sanity checking” filters for spoofed outbound traffic
      • [Diagram labels: Field Units; Internet; ASA Firewall, San Jose, CA; ASA Firewall, Raleigh, NC]
  • 40. Dynamic Multipoint VPN Increases Resiliency  3DES / SHA1 IPSEC DMVPN ASA Firewall protects all management plane control plane VoIP, TelePresence DMVPN Tunnel traffic. San Jose, CA  IPSEC tunnels link both backend hubs in San Jose Internet IPSEC and RTP  Each remote unit comes ASA Firewall up and establishes two tunnels DMVPN Tunnel  DMVPN is NAT friendly & Raleigh, NC increases resiliency. BRKSEC-1000 © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 40
  • 41. Remote Access VPN Brings in Remote Users
      - Cisco ASAs configured to support both remote access IPSEC and AnyConnect SSL VPN
      - Remote users are typically trying to join the TelePresence environment, or administer the infrastructure. Low volume.
      [Diagram labels: Remote user (Jabber Video); AnyConnect; Internet; CTS C40; ASA Firewall, San Jose, CA; ASA Firewall, Raleigh, NC]
  • 42. Intrusion Monitoring for Malicious Traffic
      - Monitor network traffic using NM-IPS
      - Monitor the VLAN between core router and gateway router (e.g. to/from Internet or VPN)
      - Since our usage patterns change from deployment to deployment, we use them in IDS mode and rely upon on-scene engineers to investigate alarms.
      - Consider which network segments you “care the most about”
  • 43. Security Features for 802.11 Mesh Networks
      - Mesh networks support 802.11i – WPA2
      - But do your clients? Old devices may not support it.
      - Cisco LWAPP considered insecure – avoid it (it’s old anyway!)
      - Since code 5.2 – CAPWAP [RFC 5415] interoperable … but don’t bet on it.
      - Encryption + authentication required between AP and controller (which means you’ll have to do some pre-config, not plug and play)
      - Segment traffic across multiple wireless VLANs
  • 44. 802.16e WiMax Security – Proceed with Caution
      - WiMax provides a wireless bridge technology (4G)
      - Range: dozens of kilometers
      - BUT …
      - Security features vary from vendor to vendor, no standardization
      - Do your homework.
        ‒ Quality of security implementation is spotty.
        ‒ 3DES, AES 128, 192, 256 for encryption
        ‒ Don’t use MAC auth; use X.509 EAP-TLS.
  • 45. Host Security…When You Don’t Control the Host!
      - All TacOps server hosts are hardened. PCs have a/v, CSA, etc.
      - But what about “untrusted” hosts on scene?
      - American Red Cross
        ‒ maintains ghost master system images and keeps them patched & up to date.
        ‒ When they’re deploying laptops, they will image the laptops immediately before shipping them out.
  • 46. Network Monitoring – Know Your Network Health (Don’t Just Assume!)
      - You need to know what’s going on before your users do.
      - SNMP, Cisco NetFlow, ASDM
        ‒ Beware of “chatty” management plane protocols that might cause trouble over satellite.
        ‒ Consider what network elements really need to be monitored.
  • 47. Q&A
  • 48. Wrapping it all up
      - The need for technology in disasters is increasing.
      - Hastily Formed Networks provide IP in austere environments
      - SECURE Hastily Formed Networks can help save lives and speed recovery to affected communities.
      - You can have ease of deployment and security – it takes an architectural approach.
  • 49. Connect with us Online
      Web. Email. Social Media.
      - On Cisco.com: http://www.cisco.com/go/tacops/
      - Email: tacops-info@cisco.com
      - Facebook: http://www.facebook.com/cisco.tacops
      - Twitter: @SJ_NERV @RTP_NERV
  • 50. Complete Your Online Session Evaluation
      - Give us your feedback and you could win fabulous prizes. Winners announced daily.
      - Receive 20 Passport points for each session evaluation you complete.
      - Complete your session evaluation online now (open a browser through our wireless network to access our portal) or visit one of the Internet stations throughout the Convention Center.
      - Don’t forget to activate your Cisco Live Virtual account for access to all session material, communities, and on-demand and live activities throughout the year. Activate your account at the Cisco booth in the World of Solutions or visit www.ciscolive.com.
  • 51. Final Thoughts
      - Get hands-on experience with the Walk-in Labs located in World of Solutions, booth 1042
      - Come see demos of many key solutions and products in the main Cisco booth 2924
      - Visit www.ciscoLive365.com after the event for updated PDFs, on-demand session videos, networking, and more!
      - Follow Cisco Live! using social media:
        ‒ Facebook: https://www.facebook.com/ciscoliveus
        ‒ Twitter: https://twitter.com/#!/CiscoLive
        ‒ LinkedIn Group: http://linkd.in/CiscoLI
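The firewall policy on slide 39 and the spoofed-source incident on slide 36 can be modelled together; the following is an added example, not code or configuration from the deck. The addressing plan, port names, flow records and the abbreviated bogon list are constructed assumptions.

```python
from collections import Counter
from ipaddress import ip_address, ip_network

# Constructed addressing plan for one field unit (assumption, not from the deck).
TRUSTED = [ip_network("10.20.0.0/24")]
UNTRUSTED = [ip_network("10.20.100.0/24")]
LOCAL = TRUSTED + UNTRUSTED
# Abbreviated bogon list. The documentation ranges are left out on purpose so
# that 198.51.100.0/24 can stand in for Internet hosts in the sample data.
BOGONS = [ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/3")]


def _in(addr, nets):
    return any(addr in net for net in nets)


def evaluate(direction, src, dst):
    """Return (action, reason) for one packet at the unit's Internet edge."""
    s, d = ip_address(src), ip_address(dst)
    if direction == "in":
        # Inbound bogon filter: these sources are never valid from the Internet.
        if _in(s, BOGONS):
            return "drop", "bogon-source"
        return "permit", "inbound-ok"  # stateful inspection is not modelled
    # Egress sanity check: a source address we did not assign is spoofed.
    if not _in(s, LOCAL):
        return "drop", "spoofed-source"
    # Untrusted VLANs are Internet-only: no private or internal destinations.
    if _in(s, UNTRUSTED) and _in(d, BOGONS):
        return "drop", "untrusted-internet-only"
    return "permit", "egress-ok"


def spoofed_bytes_by_port(flows):
    """Sum spoofed-source bytes per access port (the forged IP is useless)."""
    totals = Counter()
    for port, direction, src, dst, nbytes in flows:
        if evaluate(direction, src, dst) == ("drop", "spoofed-source"):
            totals[port] += nbytes
    return totals


# Constructed flow records: (access port, direction, src, dst, bytes).
FLOWS = [
    ("Gi0/3", "out", "10.20.100.23", "198.51.100.10", 4200),
    ("Gi0/7", "out", "172.31.9.9", "198.51.100.77", 90000),
    ("Gi0/7", "out", "11.2.3.4", "198.51.100.77", 85000),
    ("Gi0/3", "out", "10.20.100.23", "10.20.0.5", 600),
    ("wan", "in", "192.168.1.1", "198.51.100.200", 300),
]
```

Because the source address is forged, the per-port total is what points an on-scene engineer at the infected host; with the egress filter in place the flood is dropped before it reaches the satellite uplink.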