Figure 3-1. Conceptual Layered View of Device Security
A device security policy should define rules that spell out who may access these devices, from where, and how,
in terms of both administrative roles and network services. The device security policy must blend into the
overall framework of the high-level requirements of the network security policy.
Hardening the Device
Device hardening is one of the fundamental security modules that should be put into practice to protect the device from
unauthorized users and activity. An intruder who gains unauthorized access to a device obtains complete access to the
network, and all other security measures taken become redundant.
This chapter describes several security features that are applicable in Cisco IOS Software. Some of these features may also be applicable to other Cisco platforms such as Firewall and IDS. A later section of this chapter describes specific features available
on these non-IOS Cisco devices.
Physical Security
The facility (physical location) where devices are housed is in most cases the first and last barrier encountered by an intruder.
Physical security prevents intruders from gaining physical access to the devices, that is, hands-on contact.