Part III: Appendixes


Appendix A Deploying Effective Security Management


Appendix B ASA/PIX Version 7 Advanced Features


Appendix C ASA/PIX Version 7 and ASDM Software Recovery


Appendix A. Deploying Effective Security Management

This appendix provides a short summary of security best practices for you to use when deploying the ASA/PIX Security Appliance in your network.

This appendix addresses the following topics:

  • Layer 2 Best Practices - Guidelines on how to mitigate network sniffing and other Layer 2 attacks in your network.

  • Authentication Best Practices - Guidelines on how to strengthen your authentication profile.

  • Perimeter Best Practices - Guidelines on how to apply access rules in your network.

  • Intrusion Prevention Best Practices - Guidelines on applying intrusion prevention software.

  • Host Intrusion Prevention Best Practices - Guidelines on effective management of host intrusion prevention.

  • VPN Best Practices - Guidelines for strengthening your VPN deployment.

  • Event Logging Best Practices - Guidelines on how to deploy event logging in your network.

Congratulations! If you have followed the steps outlined in this book, the layers of defense in depth should be effectively deployed.

This appendix highlights some of the best practices that have been discussed in previous chapters as well as some additional best practices that you can implement to improve the security posture of your network. Many of the concepts presented in this appendix are covered in detail in the white paper titled "SAFE: A Security Blueprint for Enterprise Networks" located on the Cisco website at http://www.cisco.com/go/safe.

This appendix is a summary by design. The hope is that you can go directly to any topic and immediately find best practice information for any security technology addressed in the previous chapters.


Layer 2 Best Practices

Layer 2 (network switching) is beyond the scope of this book and, therefore, has not been addressed in great detail. However, it is very important to the deployment of your network from both an architectural and a security standpoint.

From a physical standpoint, Layer 2 is generally implemented by a network switch. Switches are used to connect devices on the network. For example, on the inside of your network, you might have 20 PCs. To connect those PCs to each other and then to the Internet, you need to plug them into a switch. The switch is the glue that connects all the network wire.

From a security standpoint, a switch should keep each device on the network from seeing data going to or from another device. By default, switches do just that: they prevent one device from seeing the packets destined for another device. Unfortunately, switches might be misconfigured or compromised by a Layer 2 attack. If a switch is misconfigured, it could allow traffic for one or all PCs to be seen by other systems on the network.
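The isolation described above comes from the switch's MAC address table: a frame is delivered only to the port where the destination MAC was learned, and is flooded to every other port only while the destination is unknown (or is a broadcast). The following toy model, added here as an illustration and not code from the book or from any Cisco product, replays a few constructed frames through a learning switch and reports which ports received traffic that was not addressed to them. The `mirror_to` setting is a hypothetical knob that models a monitor/SPAN-style misconfiguration copying every frame to an extra port, which is the kind of mistake that lets a third host see other systems' data.

```python
"""Toy learning-switch model (added illustration, not the book's or Cisco's code).

Shows why a correctly operating switch confines unicast traffic to one port,
why a host still sees frames while a destination is unknown (flooding), and
how a mirroring misconfiguration exposes everything to one extra port.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class Frame:
    src: str       # source MAC address
    dst: str       # destination MAC address
    payload: str   # constructed sample payload, stands in for real data


@dataclass
class LearningSwitch:
    ports: int
    mirror_to: Optional[int] = None                 # hypothetical misconfiguration
    mac_table: Dict[str, int] = field(default_factory=dict)   # MAC -> port

    def forward(self, ingress: int, frame: Frame) -> Set[int]:
        """Return the set of egress ports that receive `frame`."""
        # Learn: the sender's MAC is reachable via the ingress port.
        self.mac_table[frame.src] = ingress
        if frame.dst != BROADCAST and frame.dst in self.mac_table:
            egress = {self.mac_table[frame.dst]}          # known: one port only
        else:
            egress = {p for p in range(self.ports) if p != ingress}  # flood
        if self.mirror_to is not None:
            egress.add(self.mirror_to)                    # misconfigured copy
        egress.discard(ingress)                           # never echo to sender
        return egress


def leaked_frames(switch: LearningSwitch, hosts: Dict[int, str],
                  traffic: List[Tuple[int, Frame]]) -> Dict[int, List[str]]:
    """Replay `traffic` as (ingress_port, frame) pairs and return, per port,
    the payloads delivered there that were NOT addressed to that port's host."""
    leaked: Dict[int, List[str]] = {p: [] for p in range(switch.ports)}
    for ingress, frame in traffic:
        for port in switch.forward(ingress, frame):
            if frame.dst not in (hosts.get(port), BROADCAST):
                leaked[port].append(frame.payload)
    return leaked


def run_demo(mirror_to: Optional[int] = None) -> Dict[int, List[str]]:
    """Three constructed hosts on a three-port switch; host C (port 2) is the
    bystander whose view of A<->B traffic we want to measure."""
    mac_a, mac_b, mac_c = "00:00:00:00:00:0a", "00:00:00:00:00:0b", "00:00:00:00:00:0c"
    hosts = {0: mac_a, 1: mac_b, 2: mac_c}
    traffic = [
        (0, Frame(mac_a, mac_b, "hello")),    # B not yet learned -> flooded
        (1, Frame(mac_b, mac_a, "reply")),    # A already learned -> port 0 only
        (0, Frame(mac_a, mac_b, "secret")),   # B now learned   -> port 1 only
    ]
    return leaked_frames(LearningSwitch(ports=3, mirror_to=mirror_to), hosts, traffic)


if __name__ == "__main__":
    print("healthy switch :", run_demo())            # C sees only the flooded "hello"
    print("mirrored port 2:", run_demo(mirror_to=2))  # C sees every frame
```

On the healthy switch the bystander on port 2 sees only the single frame that was flooded before the destination was learned; with port 2 mirrored it sees the whole conversation, which is the situation the text warns about. Real switches age table entries out and can be pushed back into flooding, so the table state itself is a security-relevant asset and the hardening guidance in the SAFE Layer 2 note is about protecting it.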

You might be asking yourself how a hacker can gain access to your inside network to compromise a Layer 2 switch with all of this security that you put in place. The answer is simple. A hacker could be

  • Someone in your company already on the network

  • A trusted vendor

  • Someone who walked into your office posing as a vendor

  • Someone who bypassed your physical security and plugged into your network

  • A hacker who compromised any inside host in your network by using a directed attack, a worm, a Trojan, or a web or e-mail virus

If your switch is compromised, a hacker could easily see all the data that goes across your network, including the following:

  • Confidential e-mail

  • Usernames and passwords

  • Device configurations

  • Customer data

  • Database queries on web data

  • Chat data

  • Employee data

  • Company patents or confidential projects

  • Financial information

Essentially, a hacker can "own" your network and own your corporate and customer information if Layer 2 is compromised.

You need to ensure that all Layer 2 devices on your network are locked down. It is recommended that you read the document titled "SAFE:L2 Application Note" located at http://www.cisco.com/go/safe. If you follow these best practices, you will ensure that the security posture of your switches is such that a hacker would have a difficult time getting access.