Enterprise Network Security
Accessing the WAN – Chapter 4
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public. ITE I Chapter 6

2 Objectives
• Describe the general methods used to mitigate security threats to Enterprise networks
• Configure Basic Router Security
• Explain how to disable unused Cisco router network services and interfaces
• Explain how to use Cisco SDM
• Manage Cisco IOS devices

6 Reconnaissance (also scouting) is a military and medical term denoting exploration conducted to gain information.

10 What is a Security Policy?
• A statement of the rules by which people who are given access to an organization’s technology and information assets must abide

11 Functions of a Security Policy
• Protects people and information
• Sets rules for specific behavior by users, system administrators, management and security personnel
• Authorizes security personnel to monitor, probe and investigate
• Defines and authorizes the consequences of violations

14 Applying Cisco IOS Security Features to Routers
1. Manage router security
2. Secure remote administrative access to routers
3. Logging router activity
4. Secure vulnerable router services and interfaces
5. Secure router protocols
6. Control and filter network traffic

15 Passphrase Examples
• “All people seem to need data processing”: Apstndp
• “My favourite spy is James Bond 007”: Mfsijb007
• “It was the best of times, it was the worst of times”: iwtbotiwtwot
• “Fly me to the moon and let me play among the stars”: fmttmalmpats

18–27 Vulnerable Router Services

29 SNMP, NTP, and DNS Vulnerabilities
Protocol | Vulnerability
SNMP | Versions 1 & 2 pass management information & community strings (passwords) in clear text
NTP | Leaves listening ports open and vulnerable
DNS | Can help attackers connect IP addresses to domain names
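
An added example, not part of the original slides: a small audit that reads a router running-config and reports the SNMP, NTP and DNS weaknesses from the table above. The sample configuration is constructed, and the choice of checks (ACL on the community, `ntp access-group`, `ntp authenticate`, `no ip domain-lookup`) is an assumption about what to look for, not something the slides specify.

```python
import re

# Constructed running-config for illustration; not taken from the slides.
SAMPLE_CONFIG = """\
hostname R1
snmp-server community public RO
snmp-server community n3tm4n RW 10
snmp-server group ADMINS v3 priv
ntp server 192.0.2.10
ip name-server 192.0.2.53
"""

def audit_config(config: str) -> list[str]:
    """Return findings for the SNMP, NTP and DNS weaknesses listed on the slide."""
    lines = [ln.strip() for ln in config.splitlines() if ln.strip()]
    findings = []

    # SNMP v1/v2c: every community string travels in clear text.
    for ln in lines:
        m = re.match(r"snmp-server community (\S+) (RO|RW)(?: (\S+))?$", ln, re.I)
        if m:
            name, mode, acl = m.groups()
            detail = f"SNMP v1/v2c community '{name}' ({mode.upper()}) is sent in clear text"
            if acl is None:
                detail += " and has no ACL limiting which managers may use it"
            findings.append(detail)

    # NTP: once configured the router listens for NTP; check for restrictions.
    if any(ln.startswith("ntp ") for ln in lines):
        if not any(ln.startswith("ntp access-group ") for ln in lines):
            findings.append("NTP is enabled without an 'ntp access-group' restriction")
        if "ntp authenticate" not in lines:
            findings.append("NTP is enabled without 'ntp authenticate'")

    # DNS: name lookup is on by default in IOS unless explicitly disabled.
    if not any(ln in ("no ip domain-lookup", "no ip domain lookup") for ln in lines):
        findings.append("DNS lookup is enabled (no 'no ip domain-lookup' line)")
    return findings

if __name__ == "__main__":
    for finding in audit_config(SAMPLE_CONFIG):
        print("[!]", finding)
```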

32 Security Device Manager (SDM)

33 Cisco SDM Features
• Embedded web-based management tools
• Intelligent wizards
• Tools for more advanced users
  – ACL
  – VPN
  – Crypto map editor
  – Cisco IOS CLI preview

45 Cisco IOS Troubleshooting Commands
Command | SHOW | DEBUG
Processing characteristic | Static | Dynamic
Processing load | Low overhead | High overhead
Primary use | Gather facts | Observe processes

47 Summary
• Security threats to an Enterprise network include:
  – Unstructured threats
  – Structured threats
  – External threats
  – Internal threats
• Methods to lessen security threats consist of:
  – Device hardening
  – Use of antivirus software
  – Firewalls
  – Download security updates

48 Summary
• Basic router security involves the following:
  – Physical security
  – Update and backup IOS
  – Backup configuration files
  – Password configuration
  – Logging router activity
• Disable unused router interfaces & services to minimize their exploitation by intruders
• Cisco SDM
  – A web-based management tool for configuring security measures on Cisco routers

49 Summary
• Cisco IOS Integrated File System (IFS)
  – Allows for the creation, navigation & manipulation of directories on a Cisco device
