Information Technology Reference
In-Depth Information
In network switching infrastructure, use ARP inspection and DHCP snooping.
■
In network switching infrastructure, use Control Plane Policing (CoPP).
■
Use AAA for access control management.
■
Enable syslog collection; review the logs for further analysis.
■
Use Simple Network Management Protocol Version 3 (SNMPv3) for its security and
privacy features.
■
Disable unused network services, such as tcp-small-servers and udp-small-servers.
■
Use FTP or SFTP rather than TFTP to manage images.
■
Use access classes to restrict access to management and the command-line inter-
face (CLI).
■
Enable routing protocol authentication when available (Enhanced Interior Gateway
Routing Protocol [EIGRP], Open Shortest Path First [OSPF] Protocol, Intermediate
System-to-Intermediate System [IS-IS], Border Gateway Protocol [BGP], Hot Standby
Router Protocol [HSRP], VLAN Trunking Protocol [VTP]).
■
Use one-step lockdown in Security Device Manager (SDM) before connecting the
router to the Internet.
■
Security management solutions are used to monitor, control, and support the network in-
frastructure. These same tools can be helpful during network audits and can save adminis-
trators a considerable amount of time.
Security management solutions provide the following:
Key
To p i c
Collects, interprets, and presents information
■
Provisions network security policies for deployment
■
Maintains consistency by tracking policy changes
■
Monitors account activity and provides role-based access control (RBAC)
■
A strong security implementation is only as good as the policies that are used. One of
the biggest risks with a good security implementation is policy error. The network op-
erations personnel need to fully understand the security policies, processes, and tools
so that they can respond quickly when a security incident arises.
