Cisco Network Security Solutions - Sitemaps - Call (888) 233-6471

Cisco Network Security Solutions Frequently Asked Questions (FAQ)


Information theft is big business today. Malicious hackers break into business networks to steal credit card or social security numbers for profit. Small and medium-sized businesses are at risk because they are seen as an easier mark than large corporations. Protecting the perimeter of the network is a good start, but it is not enough, since many information thefts have help from a trusted insider, such as an employee or contractor. Information theft can be costly to small and medium-sized businesses, since they rely on satisfied customers and a good reputation to help grow their business. Businesses that do not adequately protect their information could face negative publicity, government fines, or even lawsuits. For example, new consumer laws enacted in California require any business that suspects customer information has been viewed by unauthorized people to notify ALL of its customers. Any security strategy must prevent theft of sensitive electronic information from both inside and outside the business.

Cisco ASA 5500 Series Adaptive Security Appliances (1) Combine firewall, VPN, and optional content security and intrusion prevention to distribute network security across your operations, (2) Provide threat defense and highly secure communications services to stop attacks before they affect business continuity, (3) Reduce deployment and operational costs while delivering comprehensive network security for networks of all sizes, and (4) Support a wide range of environments from small businesses to large enterprises.

Cisco Adaptive Wireless IPS Software (1) Provides automated wireless vulnerability and performance monitoring to deliver visibility and control across the network, (2) Maintains a constant awareness of the RF environment to meet the demands of the largest networks, (3) Automatically monitors for wireless network anomalies and identifies unauthorized access and RF attacks, and (4) Collaborates with Cisco network security products to create a layered approach to wireless security.

In order to provide some level of separation between an organization's intranet and the Internet, firewalls have been employed. A firewall is simply a group of components that collectively form a barrier between two networks. A number of terms specific to firewalls and networking are used: (1) Bastion host. A general-purpose computer used to control access between the internal (private) network (intranet) and the Internet (or any other untrusted network). Typically, these are hosts running a flavor of the Unix operating system that has been customized to reduce its functionality to only what is necessary to support its role. Many of the general-purpose features have been turned off, and in many cases completely removed, in order to improve the security of the machine, (2) Router. A special-purpose computer for connecting networks together. Routers also handle certain functions, such as routing, or managing the traffic on the networks they connect, (3) Access Control List (ACL). Many routers now have the ability to selectively perform their duties, based on a number of facts about a packet that arrives at them. This includes things like origination address, destination address, destination service port, and so on. These can be employed to limit the sorts of packets that are allowed to come into and go out of a given network, (4) Demilitarized Zone (DMZ). The DMZ is a critical part of a firewall: it is a network that is neither part of the untrusted network nor part of the trusted network, but it is the network that connects the untrusted to the trusted. The importance of a DMZ is tremendous: someone who breaks into your network from the Internet should have to get through several layers in order to successfully do so. Those layers are provided by various components within the DMZ, and (5) Proxy. This is the process of having one host act on behalf of another.
A host that has the ability to fetch documents from the Internet might be configured as a proxy server, and hosts on the intranet might be configured to be proxy clients. In this situation, when a host on the intranet wishes to fetch a web page, for example, the browser will make a connection to the proxy server and request the given URL. The proxy server will fetch the document and return the result to the client. In this way, all hosts on the intranet are able to access resources on the Internet without having the ability to talk directly to the Internet.
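As an added illustration of how the ACL, DMZ and proxy pieces fit together (example code written for this page, not from the page itself or from Cisco), the following Python models a first-match ACL applied to new connection requests crossing the firewall: the Internet may reach only the DMZ web server, intranet hosts may reach only the proxy, and nothing from outside may initiate into the intranet. All addresses, ports and rules are constructed assumptions, and return traffic is assumed to be handled by stateful inspection rather than by this list.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple

# Constructed sample addressing plan (hypothetical, not a real deployment).
ANY      = ipaddress.ip_network("0.0.0.0/0")
INTRANET = ipaddress.ip_network("10.0.0.0/8")          # trusted network
PROXY    = ipaddress.ip_network("192.0.2.10/32")       # proxy server in the DMZ
WEB      = ipaddress.ip_network("192.0.2.20/32")       # public web server in the DMZ


@dataclass
class Rule:
    action: str                     # "permit" or "deny"
    src: ipaddress.IPv4Network      # source address range
    dst: ipaddress.IPv4Network      # destination address range
    dport: Optional[int] = None     # None matches any destination port


# Ordered ACL: the first matching rule wins; a packet that matches nothing
# is dropped (implicit deny), which is why the list only has to say what is
# allowed and where the DMZ must not be used as a stepping stone.
ACL = [
    Rule("permit", ANY, WEB, 443),        # 1: Internet -> DMZ web server only
    Rule("permit", INTRANET, PROXY, 3128),  # 2: intranet clients -> proxy
    Rule("deny", ANY, INTRANET),          # 3: nothing initiates into the intranet
    Rule("permit", PROXY, ANY, 443),      # 4: proxy fetches on behalf of clients
]


def evaluate(acl, src: str, dst: str, dport: int) -> Tuple[str, int]:
    """Return (action, rule_number) for a connection request; rule 0 is the implicit deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for number, rule in enumerate(acl, start=1):
        if s in rule.src and d in rule.dst and rule.dport in (None, dport):
            return rule.action, number
    return "deny", 0


if __name__ == "__main__":
    # Intranet host trying to talk directly to the Internet: no rule matches.
    print(evaluate(ACL, "10.1.2.3", "198.51.100.7", 443))   # ('deny', 0)
    # Same host going through the proxy, as the text describes.
    print(evaluate(ACL, "10.1.2.3", "192.0.2.10", 3128))    # ('permit', 2)
```

Note that rule 3 is placed before rule 4 on purpose: if the proxy itself were compromised, the ACL still refuses to let it open connections into the intranet.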

The need for security in communication networks is not new. In the late nineteenth century an American undertaker named Almon Strowger discovered that he was losing business to his rivals because telephone operators, responsible for the manual connection of call requests, were unfairly diverting calls from the newly bereaved to his competitors. Strowger developed switching systems that led to the introduction of the first automated telephone exchanges in 1897. This enabled users to make their own connections using rotary dialling to signal the required destination.

Security testing is an essential component of improving the security posture of your organization. Organizations that have an organized, systematic, comprehensive, ongoing, and priority-driven security testing regimen are in a much better position to make prudent investments to enhance the security posture of their systems.

Operational Security Testing is network security testing conducted during the operational stage of a system's life cycle, that is, while the system is running in its production environment.

A one-time password (OTP) is a password that is only valid for a single login session or transaction. OTPs avoid a number of shortcomings that are associated with traditional (static) passwords. The most important shortcoming that is addressed by OTPs is that, in contrast to static passwords, they are not vulnerable to replay attacks. This means that, if a potential intruder manages to record an OTP that was already used to log into a service or to conduct a transaction, he will not be able to abuse it since it will be no longer valid.

Auditors face some challenges when reviewing router and firewall configurations. I'm going to discuss a few of them in this article. My assumption is that there is a device hardening standard in place, which points out the key elements of configuration. I am also assuming configuration review is only a small, and not the most important, part of the audit program (design assessment, change control, access control, etc. have to be done as well).