1. Enterprise Network Security Accessing the WAN Lecture week 4

2. Objectives General methods to mitigate security threats to Enterprise networks Configure Basic Router Security Explain how to disable unused Cisco router network services and interfaces Explain how to use Cisco SDM Manage Cisco IOS devices

3. Why Network Security is Important?

4. The Closed Network

5. The Network Today

6. Achieving the right balance

7. Most common security threats

8. Common types of network attacks

9. Reconnaissance Attacks

10. Access Attacks

11. DoS/DDoS Attacks

12. Malicious Code Attacks A worm executes code and installs copies of itself in the memory of the infected computer, which can, in turn, infect other hosts. A virus is malicious software that is attached to another program for the purpose of executing a particular unwanted function on a workstation.

13. Common mitigation techniques

14. Common mitigation techniques (contd)

15. Common Security Appliances and Applications

16. The Security Wheel - Secure

17. The Security Wheel - Monitor

18. The Security Wheel - Test

19. The Security Wheel - Improve

20. Goals of a comprehensive security policy in an organization

21. Enterprise Network Security 4.2 Securing Cisco Routers

22. Routers’ role in Network Security

23. Basic Router Security

24. Configure Basic Router Security

25. Implementing SSH to Secure Remote Administrative Access

26. Login Router Activity

27. Enterprise Network Security 4.3 Vulnerable Router Services and Interfaces

28. Disable Unused Services and Interfaces

29. no service tcp-small-servers no service udp-small-servers no ip http server no cpd run

30. SNMP, NTP, and DNS Vulnerabilities

31. Enterprise Network Security 4.3 Securing Routing Protocols

32. Routing Protocol Authentication Routing systems can be attacked in two ways: Disruption of peers (reset) Falsification of routing information

34. Using password authentication

35. Configuring RIPv2 with Authentication

36. Configuring EIGRP with Authentication

37. Configuring OSPF with Authentication

38. Locking router with Auto secure command

39. Enterprise Network Security 4.4 Using Cisco SDM

40. Security Device Manage

41. Configuring router to use Cisco SDM

42. Start SDM

43. Cisco SDM Interface

44. Commonly used Cisco SDM wizards

45. Locking down your router with SDM

46. Enterprise Network Security 4.5 Secure Router Management

47. IOS Maintenance Periodically, the router requires updates to be loaded to either the operating system or the configuration file. These updates are necessary to fix known security vulnerabilities, support new features that allow more advanced security policies, or improve performance

48. File systems used by a Cisco router

49. Backup and upgrade a Cisco IOS image Router#copy tftp flash: Address or name of remote host []? Router#sh flash: -#- --length-- -----date/time------ path 1 25678740 Mar 31 2010 06:36:00 +00:00 c1841-adventerprisek9-mz.124-16a.bin 2 685 Apr 14 2008 20:25:10 +00:00 pre_autosec.cfg 6250496 bytes available (25686016 bytes used)

50. Back up and upgrade Cisco IOS software images using a network server

51. Recover a Cisco IOS software image

52. Cisco IOS Troubleshooting

53. Recover the enable password and the enable secret passwords

54. Summary Security Threats to an Enterprise network include: –Unstructured threats –Structured threats –External threats –Internal threats Methods to lessen security threats consist of: –Device hardening –Use of antivirus software –Firewalls –Download security updates

55. Summary Basic router security involves the following: –Physical security –Update and backup IOS –Backup configuration files –Password configuration –Logging router activity Disable unused router interfaces & services to minimize their exploitation by intruders Cisco SDM –A web based management tool for configuring security measures on Cisco routers

56. Summary Cisco IOS Integrated File System (IFS) –Allows for the creation, navigation & manipulation of directories on a cisco device

57. Thank You