The first line of defense against security threat is usually: Perimeter router, includes configuration of the perimeter. By disabling services and logging, network security can be more secure.
Some services which are rarely used like: CDP, finger, and TCP and UDP can be disable to secure the network even further. Hackers might make use of these service's security issue to try and gain unauthorized access into the network or get the network information.
Event logging is also important for security purpose, to reference is any security issues 'pop' out.
Interface status change, changes to system configuration, access list matches, events detected by the firewall, and intrusion detection features are some things that are log. Most routers are able to save system
logging information to a local RAM buffer.
There are different types of router configuration. Patches & Updates which means we have to stay updated to the latest patch and update. Protocols which means by using ingress and egress filtering, or screen ICMP traffic from internal network to counter protocol level attack. Administrative access which means deciding which interface and ports administration connection is allowed. Restricting access to the specific interfaces and ports, and encrypting them, having countermeasures against hijacking into these interfaces.
No comments:
Post a Comment