Enterprise Network Security
-
Upload
melyssa-bauer -
Category
Documents
-
view
31 -
download
0
description
Transcript of Enterprise Network Security
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE I Chapter 6 1
Enterprise Network Security
Accessing the WAN – Chapter 4
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 2
Describe the General Methods used to Mitigate Security Threats to Enterprise Networks Sophisticated attack tools and open networks have
created an increased need for network security and dynamic security policies
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 3
Describe the General Methods used to Mitigate Security Threats to Enterprise Networks Common security threats and how they impact
enterprises
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 4
Describe the General Methods used to Mitigate Security Threats to Enterprise Networks
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 5
Describe the General Methods used to Mitigate Security Threats to Enterprise Networks Common mitigation techniques that enterprises use to
protect themselves against threats
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 6
Describe the General Methods used to Mitigate Security Threats to Enterprise Networks Network Security Wheel
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 7
Describe the General Methods used to Mitigate Security Threats to Enterprise Networks The goals of a comprehensive security policy in an
organization
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 8
Configure Basic Router Security Why the security of routers and their configuration
settings is vital to network operation
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 9
Configure Basic Router Security The recommended approach to applying Cisco IOS
security features on network routers
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 10
Configure Basic Router Security The basic security measures needed to secure Cisco
routers
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 11
Explain How to Disable Unused Cisco Router Network Services and Interfaces The router services and interfaces that are vulnerable
to network attack
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 12
Explain How to Disable Unused Cisco Router Network Services and Interfaces The vulnerabilities posed by commonly configured
management services
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 13
Explain How to Disable Unused Cisco Router Network Services and Interfaces Secure a router with the command-line interface (CLI)
auto secure command
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 14
Explain How to Use Cisco SDM
Configure a router to use Cisco SDM
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 15
Explain How to Use Cisco SDM
The steps you follow to start SDM
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 16
Explain How to Use Cisco SDM
The Cisco SDM Interface
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 17
Explain How to Use Cisco SDM
The commonly used Cisco SDM wizards
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 18
Explain How to Use Cisco SDM
Use Cisco SDM for locking down your router
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 19
Manage Cisco IOS Devices
The file systems used by a Cisco router
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 20
Manage Cisco IOS Devices
Backup and upgrade a Cisco IOS image
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 21
Manage Cisco IOS Devices
Back up and upgrade Cisco IOS software images using a network server
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 22
Manage Cisco IOS Devices
How to recover a Cisco IOS software image
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 23
Manage Cisco IOS Devices
How to recover the enable password and the enable secret passwords
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 24
Summary Security Threats to an Enterprise network include:
–Unstructured threats
–Structured threats
–External threats
–Internal threats
Methods to lessen security threats consist of:–Device hardening
–Use of antivirus software
–Firewalls
–Download security updates
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 25
Summary
Basic router security involves the following:–Physical security
–Update and backup IOS
–Backup configuration files
–Password configuration
–Logging router activity
Disable unused router interfaces & services to minimize their exploitation by intruders
Cisco SDM–A web based management tool for configuring security measures on Cisco routers
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 26
Summary
Cisco IOS Integrated File System (IFS)–Allows for the creation, navigation & manipulation of directories on a cisco device