CISCO: Network Security Baseline - [Review]

CISCO has developed the following technical document for strong network security based on his security framework, the Cisco Security Framework (CSF).

Now I'm going to share with all of you a brief introduction of the content of this paper.
What's Network Security Baseline?

This document is a support guide to strong network security based on CISCO Systems. This guide presents the fundamental network security elements that are key to developing a strong network security baseline, and it is designed to assist in this endeavour by outlining those key security elements that should be addressed in the first phase of implementing defense-in-depth.

The keys areas of security baseline:
  • Infrastructure Device Access
  • Routing Infrastructure
  • Device Resiliency and Survivability
  • Network Telemetry
  • Network Policy Enforcement
  • Switching Infrastructure
To prevent that default security settings become into a trouble, CISCO has developed this "security baseline" for hardening network facilitites in order to support network administrator in its labor.

In order to ensure a comprehensive solution, the Cisco Security Framework (CSF) is applied in the development of Network Security Baseline. CSF provides a comprehensive method of assessing and validating the security requirements of a system.

What's Cisco Security Framework?

The Cisco Security Framework (CSF) is a security operational process model aimed at ensuring network, and service, availability and business continuity. It is designed to identify current threat vectors through the use of best common practices and comprehensive solutions.

Cisco Security Framework (CSF).

Harden network infrastructure, isolate hosts and services, and enforce security policies. To achieve this total visibility and complete control, enforce network policy.

The Network Security Baseline presented may be used as a reference model during the initial assessment and gap analysis phases. It provides the minimum requirements for control and management protection. Strengths and weaknesses of real-world networks can be identified by comparing them against the baseline.

How to should I used this paper?

CISCO addresses the security configuration in each of key areas of security baseline matching with CSF Methodology. For each key areas the CSF Methodology is assessed and aplied where it highlight the technologies and features identified for baseline secure supported by Cisco IOS plattform.  In fact, all sample configurations in this paper are based on Cisco IOS platforms and features.

The follwing table is a sample of CSF Methodology assessment into "Infraestructure Device Access" area.

Table - Applying CSF Methodology in Infraestructura Device Access - Technology need to be hardening.

This is a great handbook for hardening a Network based on CISCO System, even you can get strong knwologedment in network security for applying in other devices.

If you are a network administrator and have something to do with Information Security, I highly recommend  you.

0 comentarios:

Publicar un comentario