1 / 21

Auditing Cisco Routers and Firewalls

Auditing Cisco Routers and Firewalls. Presented by Ken Fishkin The Cohn Consulting Group kfishkin@jhcohn.com 973 228-3500 ext. 6541 Microsoft Certified Systems Engineer Cisco Security Specialist 1 Cisco Certified Network Associate Citrix Certified Administrator . November 7, 2002.

shiri
Download Presentation

Auditing Cisco Routers and Firewalls

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Auditing Cisco Routers and Firewalls Presented by Ken Fishkin The Cohn Consulting Group kfishkin@jhcohn.com 973 228-3500 ext. 6541 Microsoft Certified Systems Engineer Cisco Security Specialist 1 Cisco Certified Network Associate Citrix Certified Administrator November 7, 2002

  2. Current Internet Security Threats that Cisco Firewalls Can Help Prevent • Denial of Service Attacks • Poorly secured remote access to a corporate network • Downloading malicious Java and Active x code from web sites • Internet address spoofing

  3. Defining a Router

  4. How does a Router Handle Incoming Data • Where is the final destination for the data? • What path makes the most sense for the data to take?

  5. Defining a Firewall

  6. How does a Firewall Handle Incoming Data • What type of data is it? • What server is the data trying to reach? • Does the data look legitimate? • What is the data’s origin?

  7. Firewall Add-ons • Remote user / office support • Failover support • Load balancing • Web content filtering • Email filtering / blocking

  8. Blurring the Lines • Cisco routers can be upgraded to perform the following: • Basic firewall support • Remote user and office support • Intrusion Detection System (IDS) support

  9. What Advantages Does the Cisco PIX Have Over a Cisco Router With Firewall Software? • More rigorous security screening before allowing data through its network • Failover capabilities • Increased performance • More robust remote user / office capabilities • By design, all incoming Internet access is blocked.

  10. Auditing your company’s needs • What is your company’s exposure to the Internet? • How much do the employees need to use it? • How much down time is acceptable? • Need for redundant hardware • What is the company’s budget? • Is remote access a luxury or a necessity? • Does administration need to monitor their employee’s web surfing?

  11. Minimally Protecting Your Network

  12. A More Secure Network

  13. Common Questions to Ask when Auditing your Router and Firewall • Where can people gain physical access to them? • Where can people gain administrative access to them? • Who can gain remote access to them? • How are administrative users authenticated?

  14. Common Questions… continued • Are the passwords secure, encrypted and given to a staff member other than someone from the MIS department? • Are logs securely stored when any configuration changes or unusual behavior occur? • Are the latest software and security measures installed and configured? • Can any exposed servers be more secure from hackers?

  15. Auditing Tips for Routers • Since routers are not at all secure by default, review how tightly locked down they are. • Determine if the router’s internal clock is synchronized with a time server. • Analyze any router to router network traffic and determine if the proper encryption policies are enforced. • Examine if the Intrusion Detection System features are properly configured. • Review any warning messages to discourage any unauthorized access.

  16. Auditing Tips for Firewalls • Determine if all services allowed through your network are still valid. • Review your remote access policy regarding encryption and authentication. • Monitor your incoming traffic to see if it can be improved. • Analyze your firewall’s visibility to hackers.

  17. General Security Maintenance Tips • Keep current with the latest security bulletins, patches, etc.. • Every six months you should audit your network and make sure that your security policies are up-to-date. • Test your system regularly.

More Related