Name: Daniel Meredith
Course: CS125 -- Computer Networks
Abstract Due Date: March 30, 2000
Journal Reference: draft-ietf-ipsec-dhcp-04.txt
The security of a private network as it is seen by the outside world has always been the
prime focus of security specialists. But with the increasing movement of people wishing
to work from home it has become necessary to consider to the security of those nodes
operating outside of the protection of a companies private network. The easiest solution to
this problem is to extent the wall of the private network around the outlying nodes. This
raises a few obvious problems.
- How do you extent the wall if a physical connection to the private network is
beyond a reasonable distance?
- If they must connect to the private network, how do you guarantee a secure and
safe connection?
- Once connected, how do you make sure that the node that was brought into the
network is not a security risk to the whole network?
One possible solution to these problems is the use of DHCP over a VPN to secure and connect
the outlying nodes. Once an external machine has been configured with some kind of external
network interface (PPP, DSL, ISDN) a secure connection to a company server could be achieved
via a Virtual Private Network (VPN). Similar to the days in the past when a person could
dial directly in to their company or school mainframe to access the resources it contained,
a secure VPN could be established to allow access to the resources of the company intranet.
The increased security in both IPSEC for IPv4 and IPv6 make it possible to create not only
a secured connection for the VPN via tunneling, but also to establish the VPN in a secure
manner. The outer node would simply need to create a Security Association (SA) and Key
Exchange with the private network security gateway and then negotiate with the DHCP server
via the SA with the security gateway until the VPN could be established. This allows the
outer node to be incorporated into the private network in a very secure manner, and then
the remainder of the connection can be maintained via a VPN operating in IPSEC tunnel mode.
The largest problem I see with this practice if the ability to bring an unsecured node into
a previously secure network.
Example:
A worker for a large Internet Service Provider is forced to take some medical leave. During
this time he decides that he could just as well work from home during this time and not
take his leave. So the company decides that he should be allow to use their network via a
secured VPN. Unknown to the company the workers machine has multiple Internet interfaces and
while being connect to the VPN via one interface is also running ftp and irc servers on
other interfaces. This creates a huge security hole if his machine can be compromised via
one of the other interfaces. It is an open door to the private network of the ISP. This
is a bad thing.
The ability to add more nodes to the network means that the network has that many more
vulnerabilities. Thus security measures and standard must be setup and policed on any machine
wishing to connect to the private network. This translates to higher security costs and
raises the question: "Is connecting to the network from home, hotel, etc worth the extra
costs to maintain security?"