S 2.140 Analysis of the existing network environment
Initiation responsibility: Head of IT, IT Security Officer
Implementation responsibility: Administrator
This safeguard builds upon the results of the survey according to S 2.139 Survey of the existing network environment and requires specific knowledge in the fields of network topology, network topography, and about network-specific vulnerabilities. Furthermore, experience regarding the evaluation of the individual IT applications used with regard to confidentiality, integrity, and/or availability is necessary. Since this is a complex field also requiring large amounts of time in addition to in-depth knowledge in all fields mentioned, it may make sense to call in external consultants in order to analyse the existing network environment. The BSI may provide support in the field of the German federal administration.
An analysis of the existing network environment predominantly consists of a structure analysis, a protection requirements determination, and a vulnerabilities analysis.
A structure analysis consists of an analysis of the documentations drawn up according to S 2.139 Survey of the existing network environment. The structure analysis must be performed by an analysis team that is capable of comprehending or even deducing all possible communication links. As a result, the analysis team must have understood the mode of operation of the network and must have received information about the basic communication options. Frequently, conceptual deficiencies of the network can already be identified during structure analysis.
A successful structure analysis is an absolute prerequisite for the subsequent detailed protection requirements determination and/or vulnerabilities analysis.
Detailed protection requirements determination
The structure analysis is followed by a protection requirements determination which goes beyond the determination described in the IT-Grundschutz Methodology. Here, the requirements regarding confidentiality, availability, and integrity of the individual areas of the network and/or segments are taken into account additionally. For this, it is necessary to determine the requirements based on the different IT procedures and how these influence the existing network segmentation. As a result, it must be comprehensible which network segments entail special security requirements.
Analysis of vulnerabilities in the network
Based on the results present up to this point in time, the vulnerabilities of the network are analysed. This particularly includes the identification of network components not designed redundantly in the event of corresponding availability requirements (single points of failure). Furthermore, the areas where the requirements regarding availability, confidentiality, or integrity cannot be complied with and/or require particular attention must be mentioned. Moreover, it must be determined whether the selected segmentation is appropriate with regard to bandwidth and performance (based on the results of the traffic flow analysis from S 2.139 Survey of the existing network environment).
Exemplary vulnerability: The performance and traffic flow analysis reveals an overloaded active network component. For the corresponding communication route, high requirements regarding the availability and therefore also regarding the performance were determined within the framework of the protection requirements determination. This vulnerability requires an adaptation of the network segmentation or the replacement of the network component by a more powerful model (see S 5.61 Suitable physical segmentation, S 5.62 Suitable logical segmentation, S 5.60 Selection of a suitable backbone technology, and S 5.13 Appropriate use of equipment for network coupling).
Review questions:
- Has it been documented which security requirements are present in which network segments?
- Have the vulnerabilities of the network regarding the security requirements been analysed, defined, and assigned to the individual network areas?