In describing these
general principles, the chapter focuses on routers, switches, firewalls, concentrators, and intrusion-detection
devices. The chapter describes a number of important security tasks, including accessing methods and controls,
hardening configuration, identifying unwanted services, managing devices, and monitoring and auditing
services. Device-specific features available for administration devices such as firewalls, concentrators, and
Intrusion Prevention Systems (IPS) are also discussed. The last part of the chapter presents a basic checklist for
device security.
Device Security Policy
As discussed in Chapter 1, "Overview of Network Security," security policies are of utmost importance. They are
a set of rules, practices, and procedures that dictate how sensitive information is managed, protected, and
distributed. Among several types of policies, one is developed to establish the rules for protecting devices.
Cisco devices such as routers, switches, firewalls, and concentrators are an integral part of the network, and
securing these devices is an essential part of the overall network security policy.
An organization must have a device security policy that dictates the rules to protect device access and access
control.
Pages:
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112