At a Black Hat Europe Conference last April a team of researchers released tools that can automate attacks on MPLS and Ethernet backbone technologies.  According to one of the researchers,”These technologies do not provide any security themselves, but just rely on the assumption that the underlying network is secure.”

As MPLS VPNs evolved from proprietary networks to supporting internet-based services, so did their risk of attack increase. German researcher Ray says,”Enterprises that use these VPN services should be aware they are vulnerable. Perform risk analysis and encrypt your traffic.  ”Just because it’s called MPLS VPN [doesn't mean] you should [automatically] trust it.”

Many retailers followed their service providers advice and simply migrated from Frame Relay and ATM networks to MPLS.  However, over time the majority of problems meant to be solved by MPLS no longer exist, and holes in the technology are being exploited. 

Total information security for retail data networks is possible.  Solutions using PKI technology, unique digital certificates with mutual mandatory authentication between security appliances, end-to-end data encryption and data integrity checking can provide a standalone data network solution or act as the security layer for
an existing MPLS VPN network.

Retailers need to re-examine wide area networking technologies and topologies as they seek to optimize the security, reliability and cost of their current data network.

Blue Ridge Military Grade VPN, Fully Managed Solution

Authentication – WHO’s who?

With flawed authentication:
• Authorization systems effectively become indiscriminate,
• Privacy services are pointless when the encryption key is available to anyone
• Integrity services (i.e., has ‘this’ been altered?) can be subverted
• Audit services capture events attributed to no one in particular and for events that may not have actually occurred.

BEST PRACTICE: Employ two-factor, mandatory, mutual PKI authentication whenever practical.

Authorization – WHO can access it?

A flawed authorization system can allow Bob to access and modify resources that only Alice may, also violating privacy and integrity. If your Active Directory, other LDAP, or some standalone server application cannot effectively distinguish between one user and another, then its ability to regulate who may access what is undermined.

BEST PRACTICE: Employ two-factor, mandatory, mutual PKI authentication whenever practical.

Privacy – WHO can see it?

Privacy, though a more general term, is frequently equated with encryption. Encryption is a commodity, generally. Any vendor’s implementation is usually as good as another’s. Administrators should always select an AES setting. In many circumstances, AES 256 adds little to no additional overhead as compared with AES 128 or AES 192. Nonetheless, weak authentication devalues strong encryption.

BEST PRACTICE: Employ two-factor, mandatory, mutual PKI authentication whenever practical.

Integrity – WHO can change it?

Cryptographic mechanisms enable a recipient of delivered electronic data to determine if it has been altered since it left the sender. If the ‘receive’ does not credibly know the data came from the ‘sender’. What’s the point of testing for data integrity?

BEST PRACTICE: Employ two-factor, mandatory, mutual PKI authentication whenever practical.

Audit – WHO did it?

Without assurance that data is unaltered, audit records are useless because the events they capture have no credible association with who did what.
Organizations are driven to meticulously audit activities due to regulatory requirements and security best practices.

BEST PRACTICE: Employ two-factor, mandatory, mutual PKI authentication whenever practical.

Why two-factor?

Endpoints, such as desktops and laptops, can be compromised with malware. Over 20% of malware found on endpoints is designed to steal user name and password credentials. A digital identity that resides within a second, physical device that prevents any copying or spoofing of that data ensures that one can rely on assertions that Alice is indeed Alice.

Why mutual authentication?

Most authentication deployments support the server (a.k.a., its administrator) authenticate any user that approaches it. But, how does the end-user authenticate the server or site? If this is untrustworthy, then all other security measures can be compromised. That is why half the email or junk mail any end-user receives points to fake websites.

Why PKI?

One-time pass code authentication schemes are generally one-way, authenticating the end-user only. PKI facilitates mutual authentication. It also provides for non-repudiation and other useful security services.