Information Technology Reference
In-Depth Information
Keep in mind these physical security guidelines when designing physical security archi-
tectures:
Use physical access controls such as locks or alarms.
■
Evaluate potential security breaches.
■
Assess the impact of stolen network resources and equipment.
■
Use controls such as cryptography to secure traffic flowing on networks outside
your control.
■
Figure 12-12 shows some physical security threat locations that an attacker could poten-
tially exploit.
Public Networks:
Internet, PSTN, etc.
Attacker
Data Center/Server Farm
Roaming User
Headquarters
Figure 12-12
Physical Security Threats
Infrastructure Protection
The infrastructure needs to be protected using security features and services to meet the
growing needs of business without disruption. Infrastructure protection is the process of
taking steps to reduce the risks and threats to the network infrastructure and to maintain
the integrity and high availability of network resources.
By using best practices and a security policy, you can secure and harden the infrastructure
equipment to prevent potential attacks. To combat network threats, Cisco has enhanced
Cisco IOS with security features to support the secure infrastructure and increase the net-
work's availability.
Here are some recommended best practices for infrastructure protection:
Access network equipment remotely with SSH rather than with Telnet.
■
In network switching infrastructure, use BPDU Guard, Root Guard, and VLAN
Tr unk ing P rotocol (VTP) mode Tran s parent.
■
