Hardening your network infrastructure is going to be a long process that involves examining all your network infrastructure equipment and evaluating what vulnerabilities exist as well as identifying how to harden your equipment against those vulnerabilities. However, you can undertake six tasks to start making an immediate impact on the security of your network.
First, you must review your network design so that you know what you are dealing with. This will serve as a roadmap of what needs to be done. Next, you need to implement a firewall. A firewall is the best thing you can introduce into your environment to address security. After that, you should implement ACLs on your equipment. Restrict not only the traffic that can pass through the system, but also who has access to the system. At the same time, review all your network equipment and ensure that any unnecessary services and features have been turned off or disabled. Protocols like Spanning Tree Protocol are very good at what they do, but if you do not need that functionality, turn those features off. Although likely not in the realm of the network infrastructure engineer, virus protection can make your life much easier. Insist that virus protection be installed and configured on all systems in your enterprise. Also, make sure there is a regular schedule for updating the virus signatures and scanning engine to protect against new viruses. Last but not least, secure your wireless connections. Wireless today is really just an open door to your network, inviting unauthorized access to anyone who happens to be in range of your wireless access point. If you don t need wireless access, don t use it. If you do, make sure you have properly secured your wireless access points. If you aren t sure whether your wireless access points are secured, turn them off and start again.
Security is a complex process; however, these six tasks are all relatively easy to perform and will make an immediate and noticeable impact on your overall security posture .