Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Remote access typically involves allowing telnet, SSH connections to the router Remote requires.

Published byAugustine O’Neal’ Modified over 9 years ago

Similar presentations

Presentation on theme: "1 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Remote access typically involves allowing telnet, SSH connections to the router Remote requires."— Presentation transcript:

1 1 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Remote access typically involves allowing telnet, SSH connections to the router Remote requires that the device have enough networking services installed to be accessed across the network. More to follow. Electronic Access Controls

2 2 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Cisco issues new IOS versions and upgrades fairly frequently. If the IOS is not kept current then the device may be susceptible to information gathering and network attacks. The Cisco Product Security Incident Response Team (PSIRT) creates and maintains publications, commonly referred to as PSIRT Advisories, for security−related issues in Cisco products. Security advisories and responses are available at http://www.cisco.com/go/psirt Cisco IOS

3 3 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Cisco – PSIRT

4 4 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Loopback Address Banner Accounts Command Privilege Levels Passwords Management Ports AAA Network Services NTP SNMP Static Configuration Controls

5 5 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Network devices communicate using various management protocols, such as OSPF, EIGRP, STP, VTP, SNMP, TACACS. An internal virtual interface called a loopback interface should be defined and designated as the source interface for most traffic generated by the router itself. Loopback Address

6 6 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public A login banner should be set up on each operational network device. Banner

7 7 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public By default, no accounts established. Accounts can be established: On device (Login local) On AAA server. Cisco IOS releases support the RADIUS and TACACS+ Using AAA with a security server, access to network devices and network services can be controlled from a centralized location. Accounts

8 8 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Each administrator should have their own unique login user name for the router. User name is included in log messages. Only allow accounts that are required on the router. Review the running –config and verify that unique user- ids have been created for administrators and any users. Verify that the privilege level for the accounts is based on a need to know, least privilege basis. Accounts – Audit Steps

Download ppt "1 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Remote access typically involves allowing telnet, SSH connections to the router Remote requires."

Similar presentations

© 2003, Cisco Systems, Inc. All rights reserved..

© 2003, Cisco Systems, Inc. All rights reserved..
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 4: Routing Concepts Routing Protocols.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 4: Routing Concepts Routing Protocols.
Securing the Router Chris Cunningham.

Securing the Router Chris Cunningham.
Virtual LANs.

Virtual LANs.
CCNA2 Module 4. Discovering and Connecting to Neighbors Enable and disable CDP Use the show cdp neighbors command Determine which neighboring devices.

CCNA2 Module 4. Discovering and Connecting to Neighbors Enable and disable CDP Use the show cdp neighbors command Determine which neighboring devices.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing & Switching.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing & Switching.
Managing Your Network Environment © 2004 Cisco Systems, Inc. All rights reserved. Managing Cisco IOS Devices INTRO v2.0—9-1.

Managing Your Network Environment © 2004 Cisco Systems, Inc. All rights reserved. Managing Cisco IOS Devices INTRO v2.0—9-1.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 9: Troubleshooting the Network Connecting Networks.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 9: Troubleshooting the Network Connecting Networks.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing and Switching Essentials.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing and Switching Essentials.
© 2009 Cisco Systems, Inc. All rights reserved. ROUTE v1.0—4-1 Implement an IPv4-Based Redistribution Solution Lab 4-1 Debrief.

© 2009 Cisco Systems, Inc. All rights reserved. ROUTE v1.0—4-1 Implement an IPv4-Based Redistribution Solution Lab 4-1 Debrief.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Configuring and Testing Your Network Network Fundamentals – Chapter 11.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Configuring and Testing Your Network Network Fundamentals – Chapter 11.
1 CCNA 2 v3.1 Module 4. 2 CCNA 2 Module 4 Learning about Devices.

1 CCNA 2 v3.1 Module 4. 2 CCNA 2 Module 4 Learning about Devices.
Chapter 16 AAA. AAA Components  AAA server –Authenticates users accessing a device or network –Authorizes user to perform specific activities –Performs.

Chapter 16 AAA. AAA Components  AAA server –Authenticates users accessing a device or network –Authorizes user to perform specific activities –Performs.
Enterprise Network Security Accessing the WAN Lecture week 4.

Enterprise Network Security Accessing the WAN Lecture week 4.
S6C12 - AAA AAA Facts. AAA Defined Authentication, Authorization, and Accounting Central Management of AAA –Information in a single, centralized, secure.

S6C12 - AAA AAA Facts. AAA Defined Authentication, Authorization, and Accounting Central Management of AAA –Information in a single, centralized, secure.
© 2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.0—7-1 Minimizing Service Loss and Data Theft Securing Network Services.

© 2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.0—7-1 Minimizing Service Loss and Data Theft Securing Network Services.
Network Security1 – Chapter 3 – Device Security (B) Security of major devices: How to protect the device against attacks aimed at compromising the device.

Network Security1 – Chapter 3 – Device Security (B) Security of major devices: How to protect the device against attacks aimed at compromising the device.
Verify that management VLAN has been reassigned. Verify that operational VLANs do not have access to the management VLAN. Verify that the ports in the.

Verify that management VLAN has been reassigned. Verify that operational VLANs do not have access to the management VLAN. Verify that the ports in the.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Configuring and Testing Your Network Network Fundamentals – Chapter 11 Final.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Configuring and Testing Your Network Network Fundamentals – Chapter 11 Final.
Privilege Levels Cisco IOS provides for 16 different privilege levels ranging from 0 to 15. Cisco IOS comes with 2 predefined user levels. User mode.

Privilege Levels Cisco IOS provides for 16 different privilege levels ranging from 0 to 15. Cisco IOS comes with 2 predefined user levels. User mode.

Similar presentations

Ads by Google