What to do

qwertys21 · ‎10-03-2007

As a Cisco LAN Administrator, what are the things one need to do in order to be proactive.

As at now.

1. I have done a network LAN architecture diagram to depict where each of the switches are

2. Done a software and hardware inventory

3. Checking to find out which if the hardware or software is end of life

So what else?

Thanks

Kevin Dorrell · ‎10-03-2007

Security audit?

qwertys21 · ‎10-03-2007

In terms of what?

ssh connection?

paul.matthews · ‎10-03-2007

A security audit will involve Checking SW for vulnerabilities, checking configs for good practice, chacking procsses for good practice all that kind of thing.

Also think about defining an upgrade strategy - that could be anything from "we will automatically update the moment Cisco release a new version" to " we will update if we have a problem that can be identified in the software we are running.

Look at NMS systems - something that will le you capture traffic patterns will help identify bottlenecks or issues early

Being proactive also means having plans to deal with faults - "we run with sufficient free ports in a physical location to allow repatching of all users should a switch/module fail"

qwertys21 · ‎10-09-2007

Thank you very much

Kevin Dorrell · ‎10-03-2007

In terms of, for example:

- who has access to the management features,

- using which protocols,

- how management access is logged (if at all)

- how management traffic is restricted,

- how you keep backups of the configs,

- whether you use sectret instead of password,

- whether you allow VLAN 1 anywhere,

- whether you seperate management traffic from user traffic

- etc etc

The list is huge. There are some good books, and several documents on the Cisco web, about hardening the security of Cisco switches and routers. An audit would measure your security in terms of the recommendations.

Kevin Dorrell

Luxembourg

qwertys21 · ‎10-09-2007

Thank you so much