Home > Hardware > Cisco System



NSA/SNAC RSCG Executive Summary Card

Sort Desciption:

... Version 1.1 i Executive Summary This card is a supplement to the NSA/SNAC Router Security Configuration Guide version 1.1. It describes quick but effective ways to tighten the security of a Cisco router ...



Content Inside:

NSA/SNAC Router Security Configuration Guide Executive Summary Card Version 1.1 i Executive Summary This card is a supplement to the NSA/SNAC Router Security Configuration Guide version 1.1.  It describes quick but effective ways to tighten the security of a Cisco router, along with some important general principles for maintaining good router security.  For more information, consult the sections of the main guide listed with each recommendation. General Recommendations 1. Create and maintain a written router security policy.  The policy should identify who is allowed to log in to the router, who is allowed to configure and update it, and should outline the logging and management practices for it. [Section 3.4] 2. Comment and organize offline master editions of your router configuration files! This sounds fluffy despite being a big security win.  Also, keep the offline copies of all router configurations in sync with the actual configurations running on the routers.  This is invaluable for diagnosing suspected attacks and recovering from them. [Section 4.1] 3. Implement access lists that allow only those protocols, ports and IP addresses that are required by network users and services, and that deny everything else. [Section 3.2, 4.3] 4. Run the latest available General Deployment (GD) IOS version. [Sections 4.5.5, 8.3] 5. Test the security of your routers regularly, especially after any major configuration changes.  [Section 6] Specific Recommendations:  Router Access 1. Shut down unneeded services on the router.  Servers that are not running cannot break.  Also, more memory and processor slots are available. Start by running the show proc command on the router, then turn off clearly unneeded facilities and services.  Some servers that should almost always be turned off and the corresponding commands to disable them are listed below. ...

Source: nsa2.www.conxion.com


add to Google Reader add to Google Bookmark add to bloglines add to newsgator add to FURL add to digg add to webnews add to Netscape add to Yahoo MyWeb add to spurl.net add to diigo Bookmark newsvine Bookmark del.icio.us Bookmark @ SIMPIFY Bookmark MISTER WONG Bookmark Linkarena Bookmark icio.de Bookmark oneview Bookmark folkd.com Bookmark yigg.de Bookmark reddit Bookmark StumbleUpon Bookmark Slashdot Bookmark blinklist Bookmark technorati add to blogmarks add to blinkbits add to ma.gnolia add to smarking.com add to netvouz add to co.mments add to Connotea add to de.lirio.us

 

Related Files

Introduction to Router Configuration

Filed under: Hardware and Cisco System
CHAPTER 1-1 Cisco 1700 Series Router Software Configuration Guide 78-5407-03 1 Introduction to Router Configuration If you understand Cisco IOS software (the software that runs your router) and you ...

Cisco 1751 Router Software Configuration Guide

Filed under: Hardware and Cisco System
170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Cisco Systems, Inc. Corporate Headquarters Tel: 800 553-NETS (6387) 408 526-4000 Fax: 408 526-4100 Cisco 1751 Router Software ...

Cisco Systems Corporate Timeline

Filed under: Hardware and Cisco System
found Cisco Systems. The company is named for San Francisco gateway to the ...... Cisco Systems announces groundbreaking 12000 Terabit System. (Dec 99) ...

Global Network Solutions

Filed under: Hardware and Cisco System
Cisco Systems corporate headquarters in San Jose California. Cisco Systems ... Cisco Systems is sure to turn heads with this stateofthe ...

Cisco SPA 2100 Phone Adapter Installation Manual

Filed under: Hardware and Cisco System
1 Cisco SPA 2100 Phone Adapter Installation Manual Installation of the Cisco SPA 2100 Phone Adapter to NationPhone Index P. 1 Index, before you begin, and what is included P.2 Installing the ...