Download presentation
Presentation is loading. Please wait.
Published byMartin Owens Modified over 9 years ago
1
Enterprise Network Security Accessing the WAN Lecture week 4
2
Objectives General methods to mitigate security threats to Enterprise networks Configure Basic Router Security Explain how to disable unused Cisco router network services and interfaces Explain how to use Cisco SDM Manage Cisco IOS devices
3
Why Network Security is Important?
4
The Closed Network
5
The Network Today
6
Achieving the right balance
7
Most common security threats
8
Common types of network attacks
9
Reconnaissance Attacks
10
Access Attacks
11
DoS/DDoS Attacks
12
Malicious Code Attacks A worm executes code and installs copies of itself in the memory of the infected computer, which can, in turn, infect other hosts. A virus is malicious software that is attached to another program for the purpose of executing a particular unwanted function on a workstation.
13
Common mitigation techniques
14
Common mitigation techniques (contd)
15
Common Security Appliances and Applications
16
The Security Wheel - Secure
17
The Security Wheel - Monitor
18
The Security Wheel - Test
19
The Security Wheel - Improve
20
Goals of a comprehensive security policy in an organization
21
Enterprise Network Security 4.2 Securing Cisco Routers
22
Routers’ role in Network Security
23
Basic Router Security
24
Configure Basic Router Security
25
Implementing SSH to Secure Remote Administrative Access
26
Login Router Activity
27
Enterprise Network Security 4.3 Vulnerable Router Services and Interfaces
28
Disable Unused Services and Interfaces
29
no service tcp-small-servers no service udp-small-servers no ip http server no cpd run
30
SNMP, NTP, and DNS Vulnerabilities
31
Enterprise Network Security 4.3 Securing Routing Protocols
32
Routing Protocol Authentication Routing systems can be attacked in two ways: Disruption of peers (reset) Falsification of routing information
34
Using password authentication
35
Configuring RIPv2 with Authentication
36
Configuring EIGRP with Authentication
37
Configuring OSPF with Authentication
38
Locking router with Auto secure command
39
Enterprise Network Security 4.4 Using Cisco SDM
40
Security Device Manage
41
Configuring router to use Cisco SDM
42
Start SDM
43
Cisco SDM Interface
44
Commonly used Cisco SDM wizards
45
Locking down your router with SDM
46
Enterprise Network Security 4.5 Secure Router Management
47
IOS Maintenance Periodically, the router requires updates to be loaded to either the operating system or the configuration file. These updates are necessary to fix known security vulnerabilities, support new features that allow more advanced security policies, or improve performance
48
File systems used by a Cisco router
49
Backup and upgrade a Cisco IOS image Router#copy tftp flash: Address or name of remote host []? Router#sh flash: -#- --length-- -----date/time------ path 1 25678740 Mar 31 2010 06:36:00 +00:00 c1841-adventerprisek9-mz.124-16a.bin 2 685 Apr 14 2008 20:25:10 +00:00 pre_autosec.cfg 6250496 bytes available (25686016 bytes used)
50
Back up and upgrade Cisco IOS software images using a network server
51
Recover a Cisco IOS software image
52
Cisco IOS Troubleshooting
53
Recover the enable password and the enable secret passwords
54
Summary Security Threats to an Enterprise network include: –Unstructured threats –Structured threats –External threats –Internal threats Methods to lessen security threats consist of: –Device hardening –Use of antivirus software –Firewalls –Download security updates
55
Summary Basic router security involves the following: –Physical security –Update and backup IOS –Backup configuration files –Password configuration –Logging router activity Disable unused router interfaces & services to minimize their exploitation by intruders Cisco SDM –A web based management tool for configuring security measures on Cisco routers
56
Summary Cisco IOS Integrated File System (IFS) –Allows for the creation, navigation & manipulation of directories on a cisco device
57
Thank You
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.