What to do

Unanswered Question
Oct 3rd, 2007

As a Cisco LAN Administrator, what are the things one needs to do in order to be proactive?

As of now:

1. I have done a network LAN architecture diagram to depict where each of the switches is

2. Done a software and hardware inventory

3. Checking to find out which of the hardware or software is end of life

So what else?

Thanks

paul.matthews Wed, 10/03/2007 - 02:37

A security audit will involve checking SW for vulnerabilities, checking configs for good practice, checking processes for good practice, all that kind of thing.

Also think about defining an upgrade strategy - that could be anything from "we will automatically update the moment Cisco release a new version" to "we will update if we have a problem that can be identified in the software we are running".

Look at NMS systems - something that will let you capture traffic patterns will help identify bottlenecks or issues early.

Being proactive also means having plans to deal with faults - "we run with sufficient free ports in a physical location to allow repatching of all users should a switch/module fail"

Kevin Dorrell Wed, 10/03/2007 - 02:40

In terms of, for example:

- who has access to the management features,

- using which protocols,

- how management access is logged (if at all)

- how management traffic is restricted,

- how you keep backups of the configs,

- whether you use secret instead of password,

- whether you allow VLAN 1 anywhere,

- whether you separate management traffic from user traffic

- etc etc

The list is huge. There are some good books, and several documents on the Cisco web, about hardening the security of Cisco switches and routers. An audit would measure your security in terms of the recommendations.

Kevin Dorrell

Luxembourg
