ISO/IEC INTERNATIONAL STANDARD 27033-3 First edition 2010-12-15 Information technology Security techniques Network security - Part 3: Reference networking scenarios Threats, design techniques and control issues Technologies de l'information - Techniques de sécurite Sécurité de réseau- Partie 3: Scenarios de réseautage de référence Menaces, techniques conceptuelles et questions de controle Reference number ISO/IEC 27033-3:2010(E) IEC Tso @ISO/IEC2010 HS,under I without license from IHS Not for Resale ISO/IEC 27033-3:2010(E) PDF disclaimer This PDF file may contain embedded typefaces. In accordance with Adobe's licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by Iso member bodies. In COPYRIGHT PROTECTED DOCUMENT ISO/IEC2010 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either isO at the address below or ISO's member body in the country of the requester. ISO copyright office Case postale 56 . CH-1211 Geneva 20 Tel. + 4122749 01 11 Fax + 41 22 749 09 47 E-mail [email protected] Web www.iso.org Published in Switzerland CpyrgheationalganizaionfrStandardizatio @ ISO/IEC 2010 - All rights reserved I without license from IHS Not for Resale ISO/IEC 27033-3:2010(E) Contents Page Foreword .iv 1 Scope.. 2 Normative references... : Terms and definitions .. 4 Abbreviated terms.... 5 Structure.... .3 6 Overview.. 7 Internet access services for employees 7.1 Background... 7.2 Security threats 7.3 Security design techniques and controls. 8 Business to business services ... 8.1 8.2 Security threats .. .9 8.3 Security design techniques and controls ... 10 9 Business to customer services ... 11 9.1 Background.... 11 9.2 9.3 10 Enhanced collaboration services . 13 10.1 10.2 Security threats 14 10.3 Security design techniques and controls.. 14 11 Network segmentation .... 15 11.1 15 11.2 Security threats ... 11.3 Security design techniques and controls... .15 12 Networking support for home and small business offices..... 12.1 Background.. 16 12.2 Security threats 16 12.3 Security design techniques and controls. 13 Mobile communication... 18 13.1 Background... 13.2 Security threats ..18 13.3 Security design techniques and controls. 19 14 Networking support for travelling users ... 20 14.1 Background... 20 14.2 .20 14.3 15 Outsourced services. .21 15.1 15.2 Security threats .. .21 15.3 Security design techniques and controls. 22 Annex A (informative) An Example Internet Use Policy... 23 Annex B (informative) Catalogue of Threats ....... Copyright IntemationalOorganzatinfrstandadization All rights reserved ili ted withoutlicensefromIHS Not for Resale