Sunday, October 9, 2011

The SANS Top 20 and You: Week 4

Last week we discussed creating default setups for software. This week we will be discussing secure configurations of network devices. You guessed it: firewalls, routers, and switches. This topic is something near and dear to my heart. I've spent a considerable amount of time over the last few weeks studying for a CCNA exam, but enough about my free time or lack thereof.

OK, so how do we configure network infrastructure securely? The first thing we can do is establish a process for changes on the network. The next thing we can do is refer to the inventory of devices that we created earlier. We can then make sure that we know what versions of equipment software we are using. At this point we can check with our manufacturers and see if issues are present. After that, we can make copies of all the configuration files and then review them. I like to look for things like no console passwords or unencrypted passwords in the config. Next, make sure you are using SSH or HTTPS for all management. This may not always be possible, but do your best. Lastly, and this is the most important, make sure you review the configs annually.

As a bonus, while I realize this can get expensive, find a way to log firewall and switch data. I recommend using Splunk for this!
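One way to automate the config review described above, as an added example that is not part of the original post: a short Python script that checks a saved Cisco IOS-style config for cleartext passwords, a console line with no password, Telnet allowed on the VTY lines, and the plain HTTP management server. The sample config, the function names, and the check names are constructed for illustration.

```python
import re

# Constructed sample config for illustration (not from the original post).
SAMPLE_CONFIG = """\
hostname lab-sw1
enable password cisco123
username admin password 0 letmein
username ops secret 5 $1$constructed$hash
ip http server
line con 0
 exec-timeout 5 0
line vty 0 4
 password 7 0000EXAMPLE
 login
 transport input telnet ssh
line vty 5 15
 login local
 transport input ssh
"""

def blocks(lines, prefix):
    """Yield (header, [sub-commands]) for each top-level section starting with prefix."""
    current = None
    for l in lines:
        if not l.startswith(" "):
            if current:
                yield current
            current = (l.strip(), []) if l.startswith(prefix) else None
        elif current:
            current[1].append(l.strip())
    if current:
        yield current

def audit_config(text):
    """Return (check, where) findings; heuristic checks only, not a full audit."""
    lines, findings = text.splitlines(), []
    for s in map(str.strip, lines):
        # Cleartext (type 0 or untyped) passwords; type 7 strings are skipped here.
        if re.match(r"(enable|username \S+) password (?!7 )", s):
            findings.append(("cleartext-password", s.split(" password")[0]))
        if s == "ip http server":
            findings.append(("http-management", s))
    for header, body in blocks(lines, "line "):
        has_auth = any(b.startswith(("password ", "login local", "login authentication")) for b in body)
        if header.startswith("line con") and not has_auth:
            findings.append(("console-no-password", header))
        if any(b.startswith("transport input") and re.search(r"\b(telnet|all)\b", b) for b in body):
            findings.append(("telnet-management", header))
    return findings
```

Running `audit_config` over each file from the config backup step gives a repeatable checklist for the annual review.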
