I am looking for a workprogram, which allows to audit Cisco routers and switches. In detail i) I have to define controls that make sense for each device (router & switch) and ii) afterwards I have to perform test procedures.
What should be reviewed? What tests should be performed?
There are many places you can go and get some great ideas, but ultimately, it will depend on your environment....where each device is located, what are the capabilities that you are looking for each device to do...just to name a few.
Some suggestions to get you started might be:
~Create a "Router Security Policy" (www.sans.org has an example)
~Create a "IOS Security Checklist" (a baseline if you will, something that is needed for ALL IOS devices. If you switches run Native IOS instead of CatOS you could use this here as well. You can use a portion of the SANS policy and implement into this.)
~Create a "CatOS Security Checklist" (Same as above)
~CIS (Center for Internet Security has a Cisco router tool that you can run to check your devices. I have never used it, but I have heard good things about it.)
~NIST (National Institute of Standards Technology) also has a lot of great stuff to give you some ideas.)
~Finally, I would end with your port/ service scan tool. (There are a variety of tools that you can use for this.)
Hopefully, I have helped out a little to get you thinking and some places to start. I will keep checking back to see how you are doing.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...