Upload
lester-ward
View
220
Download
0
Tags:
Embed Size (px)
Citation preview
• The CLI uses a hierarchical structure for the modes.
• In order from top to bottom, the major modes are:• User mode• Privileged mode• Global Configuration mode• Specific Configuration modes
• User Mode – view only• Privileged Mode – used to manage, update
configuration• By default, no authentication required.
Policy – roles, responsibilities, permissions, standard configurationsAccess – Physical and ElectronicIOS - The operating system for the router is a crucial component. Configuration Management – both static and dynamic. Basic hardening should be one of the first steps implemented to minimize the risk of attacks. Logging - log information helps to determine whether the router is working properly of if it has been probed or worst case, compromised.
• Security policy should define:• Roles – define administrator, operator and any user
role.• Permissions – defines how who will be granted
privileges on the device.• Rules of conduct – define how rules will be
configured on the router and who will approve rule implementation.
• Responsibilities – define who will make config changes or who will monitor logs.
• Minimum Configuration Standards – basic hardening requirements.
• Access should be limited 24/7 365 days a year. • Environmental controls - free of electrostatic and
magnetic interference, temperature and humidity controlled, Uninterruptible Power Supply (UPS)
• Some routers offer PC-Card slots or CompactFlash slots
• The Cisco password recovery procedure allows individual to gain privileged access to the device without using a password.
• There are two types of access: local and remote. • Local access involves a direct connection to a
console port on the router with a dumb terminal or a laptop computer.