中文网站
  Advanced Search
Read the latest Blogs from IT professionals in the field. Read and write community created documents. Need IT help? Ask our staff. Connect with your peers. Check our Tech Shop for posters, books and software tools. Home
HomeInformation, Computer and Network SecuritySecurity Vulnerabilities

Network Security of WAN: ATM, Frame Relay an Broadband Access

Wide Area Network (WAN) typically connects with multiple local Area networks using core technologies such as ATM, Frame Relay and TCP/IP. The typically WAN access technologies are cable, xDSL, Dial Up and T1/E1. Each technology has its own security vulnerabilities:

For ATM network, information sniffing, identity spoofing, Denial of service, Virtual circuits hijacking , ATM switch attack. ATM Based Spoofing and traffic analysis are the main concerns. The mitigations to address the security problems are:

  • User Authentication and verification of identities
  • Controlled Access and Authorization and network activity logging for later analysis
  • Protection of Confidentiality: Stored and communicated data should be confidential.
  • Protection of Data Integrity: The security system should guarantee the integrity of the stored and communicated data.
  • Use firewall to protect ATM Switches from Denial of Service attacks, Spoofing and other attacks

For the Frame Relay network, data privacy and integrity is the most important issue in terms of security. Frame Relay network is vulnerable for information sniffing, password attacks, war dialing, spoofing and connection hijacking. The most important defenses against these attacks are the encryption of highly sensitive data in storage and in transit across networks, and the use of strong authentication to control access to stored data such as critical systems and business processes.

Actually, TCP/IP is the mostly used Wide Area Network (WAN) technology. It has a whole different set of security problems. TCP/IP is also the technology of choice for the Internet. When more companies are trying to establish a virtual private network WAN over the Internet, the security challenges then are facing a totally different world. The TCP/IP security vulnerabilities and solutions will be discussed in separate articles.

On the access side, the most popular technologies are cable and xDSL modem for homes and SOHOs. T1/E1 and DS3 etc. are mostly used by businesses. The security risks associated with the access are: Static IP as a target of attack and shared media for cable access (this has been addressed by DOCSIS).

‹ Network Security at the Transport Layer (Layer 4: TCP and UDP)upPharming and Anti-pharming Mitigations and Technologies ›