** GCSx: Code of Connection

The Government Connect Secure Extranet gives local authorities in England and Wales secure connection to a range of organisations - if they comply with the Code of Connection. We look at issues of user authentication and event log handling.

* GCSx

The Government Connect Secure Extranet (GCSx) is a trusted network for all local authorities in England and Wales, allowing secure data sharing up to RESTRICTED level. As part of the GSi family, it also provides gateways to central government networks and those of the NHS and the police.

Among the benefits of this network are a secure e-mail relay service, data sharing, collaboration and joint working, outbound web browsing and support for closed user groups. The network itself is scalable and cost effective, and supports aggregated connectivity, so that several local authorities can share a single physical connection on to GCSx. (See the Government Connect web site for more on GCSx and related networks.)

* Connection and Compliance

The security of GCSx can only be maintained, however, by ensuring that all network endpoints are at a satisfactory level of security - the value of the network as a whole would be diminished by the connection of an authority with an infrastructure that could not be trusted by its peers.

Getting connected to GCSx therefore depends on compliance with a Code of Connection (CoCo), drawn up with input from CESG and aligned to ISO 27001, specifying minimum standards and processes to which a local authority must adhere. Approximately 300 authorities had an approved code of connection at the time of writing (July 2009).

Many of the issues addressed by the code are procedural, but there are two technical matters that will be familiar to anyone managing a large network with a wide range of users and patterns of working.
These are the need to have a strong, reliable means of identifying users and finding a solid repository for security log and event data.

* Reliable Authentication

The requirement to identify users reliably is met by implementing two-factor authentication. The first factor - "something you know" - is the familiar system password, but setting up the second - "something you have" - takes real effort.

Although this is nominally a security issue, there are real budget and operational concerns. An implementation needs to have a small footprint, avoid major user disruption, minimise cost and keep a tight rein on support overheads.

IDsec's solution is based on RSA SecurID tokens. These are very well established in the market, with millions of users and a 20-year development history. Part of their success is the simplicity of the underlying approach: every 60 seconds the token produces a new, unpredictable numeric code that can be checked by the login process against an authentication server. This provides strong network security, and RSA's implementation has proved reliable and convenient for users.

* Event Handling and Log Storage

Gathering, storing and presenting security event data is another important part of the CoCo requirements. This means keeping control over all the security-relevant log data generated by various systems and devices on the network, and putting them into secure storage for future analysis and reporting.

We offer the RSA enVision range of appliances, a scalable solution for secure event collection and management, based on off-the-shelf appliances. For all but the largest enterprises, a single appliance can carry out the whole job: capturing events, carrying out real-time and historical analysis and providing long-term data storage. For large enterprises and ISPs, dedicated logging devices can be used to create a fully scalable solution, handling more than 300,000 events per second.
* IDsec Experience

IDsec has a solid track record of implementing and supporting secure authentication and logging systems, across all sectors. We have provided a local authority in the North of England with a two-factor authentication system based on SecurID. This has helped them meet their CoCo requirements. For central government, we have installed a security event management system based on RSA enVision. In the private sector we have supplied these products to the telecommunications, finance and energy industries. Our staff have full RSA training in SecurID and enVision.

* Pricing

In partnership with RSA, we can offer special pricing to local authorities that need to meet GCSx connection requirements. This is only available for a limited period: call us now to find out more.

* Other Services

IDsec is also active in other areas of IT security, including intrusion detection and protection (IDS and IPS), penetration testing, managed services and training.

* About Us

IDsec is an independent company specialising in network security, and has provided penetration tests and intrusion detection systems since 1997. We can assess the security of your enterprise and advise on long-term protection: as we have for a range of blue-chip clients in the banking, telecoms, manufacturing and utility sectors.

IDsec Limited
31-33 College Road, Harrow, Middlesex HA1 1EJ, United Kingdom
T: +44 20 8861 2001
F: +44 20 8861 3433
W: www.idsec.co.uk

All prices exclude VAT and are subject to confirmation.
Copyright (C) 2009 IDsec Limited
about/briefings/coco.txt 20091019 (5.09)