A Network object represents a network area or zone. All hosts connected to the same network can communicate with each other without any restrictions. If communication between hosts is restricted, they should be connected to different Network objects in the model.


Network and Neighboring Objects


| Neighboring object | Association | Description | Notes |
| --- | --- | --- | --- |
| Host | Connection | A connection to a Host object denotes that the Host has a logical connection to this particular Network. | A missing connection to a Host prevents compromise through Hosts. |
| Vulnerability Scanner | Authenticated Scan | Denotes that a VulnerabilityScanner with login credentials is monitoring the Hosts connected to this Network. | A missing Vulnerability Scanner increases the risk of FindUnknownService and FindExploitForPublicPatchableVulnerability. |
| Vulnerability Scanner | Unauthenticated Scan | Denotes that a VulnerabilityScanner with no login credentials is monitoring the Hosts connected to this Network by using "external" scans. | A missing Vulnerability Scanner increases the risk of FindUnknownService and FindExploitForPublicPatchableVulnerability. |
| Dataflow | Communication | An association to a Dataflow denotes that the Dataflow passes via the Network. | A missing Dataflow association might make the calculation take longer (since the Dataflow association then has to be derived algorithmically). |
| Physical zone | Physical Access | A connection to a Physical Zone denotes that an attacker has physical access to the Network. | A missing Physical Zone prevents compromise by physical access. |
| Router | Administration | The Router can be administered from this Network zone. | An Attacker cannot DiscoverEntrance through an Administration Network. |
| Router | Connection | This is a general connection for regular Network-Router-Network traffic. | A missing Router between Networks indicates that there is no communication between them. |
| Network | Network exposure | Defines which Network the Service is accessible from. | Mandatory if the Host hosting the Service is connected to more than one Network. |
| Zone Management | Management | A connection to a Zone Management indicates that security-related maintenance routines are practiced on this part of the network and apply to all Hosts on the Network. | A missing Zone Management might increase the risk of finding an unknown service, and make it possible to attack a non-patched (but patchable) vulnerability. |

Attack Steps and Defenses

Network Attack Steps and Defenses


| Attack Step | Description | Leads to |
| --- | --- | --- |
| ARPCachePoisoning | The possibility to trick users/hosts/clients/dataflows into communicating with unintended systems. Gives access to Dataflows. | Network: DenialOfService; Dataflow: Access |
| Compromise | The possibility to control/own the Network. | Network: DenialOfService; Network: DNSSpoof; Service: Connect; UnknownService: Identify; Datastore: Read; Datastore: Write |
| DNSSpoof | The possibility to pretend to be a DNS server while providing malicious information. Gives access to Dataflows. | Dataflow: Access |
| DenialOfService | The possibility to block the network (the communication medium). | Dataflow: DenialOfService |


| Defense | Description | Effect | Default |
| --- | --- | --- | --- |
| DNSSec | DNSSEC adds authentication to communication through digital signatures. The purpose of enabling DNSSEC is to protect the network against DNS spoofing attacks in which the DNS cache is tampered with. | Prevents DNSSpoof. | Off |
| PortSecurity | Port Security (or port/MAC binding) does not allow the MAC addresses associated with a port to change. This prevents MAC cloning and spoofing. | Can prevent Compromise when an Attacker has physical access. | Off |
| StaticARPTables | An ARP table maps IP addresses to physical MAC addresses. Static ARP Tables have static mappings, which prevents ARP spoofing. | Prevents ARPCachePoisoning. | Off |
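
The attack steps and defenses above form a small directed graph, and the following added example (not code from the modeling tool or from this page) walks that graph to show which steps remain reachable once a defense is switched on, and which defense combinations cut off a given target step. Assumptions: the function names and the `Object.Step` naming are hypothetical, reachability is treated as deterministic rather than reproducing the tool's own calculation, and PortSecurity is left out because the page describes its effect as conditional ("can prevent").

```python
from collections import deque
from itertools import combinations

# "Leads to" edges transcribed from the attack-step table above.
LEADS_TO = {
    "Network.ARPCachePoisoning": ["Network.DenialOfService", "Dataflow.Access"],
    "Network.Compromise": [
        "Network.DenialOfService", "Network.DNSSpoof", "Service.Connect",
        "UnknownService.Identify", "Datastore.Read", "Datastore.Write",
    ],
    "Network.DNSSpoof": ["Dataflow.Access"],
    "Network.DenialOfService": ["Dataflow.DenialOfService"],
}

# Defense -> the Network attack step the page says it prevents.
PREVENTS = {
    "DNSSec": "Network.DNSSpoof",
    "StaticARPTables": "Network.ARPCachePoisoning",
}


def reachable(entry_steps, enabled_defenses=()):
    """Return every attack step reachable from entry_steps (breadth-first)."""
    blocked = {PREVENTS[d] for d in enabled_defenses}
    seen = set()
    queue = deque(s for s in entry_steps if s not in blocked)
    while queue:
        step = queue.popleft()
        if step in seen:
            continue
        seen.add(step)
        queue.extend(n for n in LEADS_TO.get(step, ()) if n not in blocked)
    return seen


def minimal_defense_sets(entry_steps, target):
    """Smallest defense combinations that make target unreachable ([] if none)."""
    names = sorted(PREVENTS)
    for size in range(len(names) + 1):
        hits = [set(c) for c in combinations(names, size)
                if target not in reachable(entry_steps, c)]
        if hits:
            return hits
    return []


if __name__ == "__main__":
    # Constructed scenario: both entry steps are assumed to be attainable.
    entry = {"Network.Compromise", "Network.ARPCachePoisoning"}
    print(sorted(reachable(entry, {"DNSSec"})))
    print(minimal_defense_sets(entry, "Dataflow.Access"))
```

With both entry steps available, Dataflow.Access is cut off only when DNSSec and StaticARPTables are enabled together, while steps such as Datastore.Read are not affected by either defense.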