Enterprise Network Security Accessing the WAN Lecture week 4
Objectives
–General methods to mitigate security threats to Enterprise networks
–Configure Basic Router Security
–Explain how to disable unused Cisco router network services and interfaces
–Explain how to use Cisco SDM
–Manage Cisco IOS devices
Why is Network Security Important?
The Closed Network
The Network Today
Achieving the right balance
Most common security threats
Common types of network attacks
Reconnaissance Attacks
Access Attacks
DoS/DDoS Attacks
Malicious Code Attacks
A worm executes code and installs copies of itself in the memory of the infected computer, which can, in turn, infect other hosts.
A virus is malicious software that is attached to another program for the purpose of executing a particular unwanted function on a workstation.
Common mitigation techniques
Common mitigation techniques (contd)
Common Security Appliances and Applications
The Security Wheel - Secure
The Security Wheel - Monitor
The Security Wheel - Test
The Security Wheel - Improve
Goals of a comprehensive security policy in an organization
Enterprise Network Security 4.2 Securing Cisco Routers
Routers’ role in Network Security
Basic Router Security
Configure Basic Router Security
Implementing SSH to Secure Remote Administrative Access
Login Router Activity
Enterprise Network Security 4.3 Vulnerable Router Services and Interfaces
Disable Unused Services and Interfaces
no service tcp-small-servers
no service udp-small-servers
no ip http server
no cdp run
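An added example, not part of the original slides: a small audit that reads a saved router configuration and reports the state of the services disabled above, plus interfaces that are unused but not shut down. The sample configuration is constructed, and treating an interface with no IP address as "unused" is an assumption of this example.

```python
import re

# Config keywords for the services the slide disables.
SERVICES = ["service tcp-small-servers", "service udp-small-servers",
            "ip http server", "cdp run"]

# Constructed sample configuration (not taken from a real device).
SAMPLE_CONFIG = """\
hostname R1
no service tcp-small-servers
service udp-small-servers
ip http server
!
interface FastEthernet0/0
 ip address 192.0.2.1 255.255.255.0
 no shutdown
!
interface FastEthernet0/1
 no ip address
!
interface Serial0/0/0
 no ip address
 shutdown
"""

def service_states(config):
    """Return {service: 'disabled' | 'enabled' | 'not set'} from global lines."""
    # Global commands are the unindented lines; indented lines belong to a stanza.
    lines = {ln.strip() for ln in config.splitlines() if not ln.startswith(" ")}
    states = {}
    for svc in SERVICES:
        if "no " + svc in lines:
            states[svc] = "disabled"
        elif svc in lines:
            states[svc] = "enabled"
        else:
            states[svc] = "not set"  # depends on the IOS default; verify on the device
    return states

def unused_interfaces_up(config):
    """Interfaces with no IP address (assumed unused) that are not shut down."""
    findings = []
    # An interface stanza is the 'interface' line plus the indented lines after it.
    for m in re.finditer(r"^interface (\S+)\n((?: .*\n?)*)", config, re.M):
        name, body = m.group(1), [b.strip() for b in m.group(2).splitlines()]
        has_ip = any(b.startswith("ip address ") for b in body)
        if not has_ip and "shutdown" not in body:
            findings.append(name)
    return findings
```

A result of "not set" means the configuration carries neither form of the command, so the effective state is whatever that IOS release defaults to.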
SNMP, NTP, and DNS Vulnerabilities
Enterprise Network Security 4.3 Securing Routing Protocols
Routing Protocol Authentication
Routing systems can be attacked in two ways:
–Disruption of peers (reset)
–Falsification of routing information
Using password authentication
Configuring RIPv2 with Authentication
Configuring EIGRP with Authentication
Configuring OSPF with Authentication
Locking router with Auto secure command
Enterprise Network Security 4.4 Using Cisco SDM
Security Device Manager
Configuring router to use Cisco SDM
Start SDM
Cisco SDM Interface
Commonly used Cisco SDM wizards
Locking down your router with SDM
Enterprise Network Security 4.5 Secure Router Management
IOS Maintenance
Periodically, the router requires updates to be loaded to either the operating system or the configuration file. These updates are necessary to fix known security vulnerabilities, support new features that allow more advanced security policies, or improve performance.
File systems used by a Cisco router
Backup and upgrade a Cisco IOS image
Router#copy tftp flash:
Address or name of remote host []?
Router#sh flash:
-#- --length date/time path
Mar :36:00 +00:00 c1841-adventerprisek9-mz a.bin
Apr :25:10 +00:00 pre_autosec.cfg
bytes available ( bytes used)
Back up and upgrade Cisco IOS software images using a network server
Recover a Cisco IOS software image
Cisco IOS Troubleshooting
Recover the enable password and the enable secret passwords
Summary
Security threats to an Enterprise network include:
–Unstructured threats
–Structured threats
–External threats
–Internal threats
Methods to lessen security threats consist of:
–Device hardening
–Use of antivirus software
–Firewalls
–Download security updates
Summary
Basic router security involves the following:
–Physical security
–Update and backup IOS
–Backup configuration files
–Password configuration
–Logging router activity
Disable unused router interfaces & services to minimize their exploitation by intruders
Cisco SDM
–A web-based management tool for configuring security measures on Cisco routers
Summary
Cisco IOS Integrated File System (IFS)
–Allows for the creation, navigation & manipulation of directories on a Cisco device
Thank You