Information Technology Reference
In-Depth Information
Digital signatures use a related cryptography method that digitally signs the packet data.
A signer creates the signature using a key that is unique and known only to the original
signer. Recipients of the message can check the signature by using the signature verifica-
tion key. The cryptography inherent in digital signatures guarantees accuracy and authen-
ticity because the originator signed it. Financial businesses rely on digital signatures to
electronically sign documents and also to prove that the transactions did in fact occur.
Keep in mind the following data integrity guidelines:
Analyze the need for transmission integrity.
■
Factor in performance, but use the strongest cryptography.
■
Always use well-known cryptographic algorithms.
■
As part of the Cisco SAFE security reference architecture, threat defense enhances the se-
curity in the network by adding increased levels of security protection on network de-
vices, appliances, and endpoints. Both internal and external threats have become much
more destructive than in the past. DoS attacks, man-in-the-middle attacks, and Trojan
horses have the potential to severely impact business operations. The Cisco Threat De-
fen s e System (Cis co TDS) prov ide s a st rong defen s e ag ain st the s e inter nal and ex ter nal
threats.
Threat defense has three main areas of focus:
Enhancing the security of the existing network:
Preventing loss of downtime,
revenue, and reputation
■
Adding full security services for network endpoints:
Securing servers and desk-
tops endpoints with Cisco Network Admission Control (NAC)
■
Enabling integrated security in routers, switches, and appliances:
Security
techniques enabled throughout the network, not just in point products or locations
■
Physical Security
During your security implementations, it is essential to incorporate physical security to
increase the strength of the overall security design. Physical security helps protect and re-
strict access to network resources and physical network equipment. Sound security poli-
cies must defend against potential attacks that can cause loss of uptime or reputation, or
even revenue impacts.
Here are some considerations for potential physical threats:
Vulnerabilit ie s inherent in s ystem s when at tacker s acce s s the hardware direc tly
through console access or untrusted software.
■
Access to the network, allowing attackers to capture, alter, or remove data flowing in
the network.
■
Attackers may use their own hardware, such as a laptop or router, to inject malicious
traffic onto the network.
■
