
SOHO security considerations

mirabelle_lou
Level 1

Hi,

What are the security technologies/products for SOHO? Are there best practices available for reference?

Thanks,

Mirabelle Paige

4 Replies

osam
Level 1

Take a look at this link,

http://www.ccnaprep.com/securityciscorouters.htm

It has a lot of good stuff. You don't have to do them all, but at least do what suits you, and have an idea of the other concerns.

thanks, I am looking at more general recommendations at the high level.

For example, what kind of AV products, firewalls, secure wireless access should I be looking into?

thanks,

MP

As for PIXes, I would say go for PIX 501, it would be more than enough for a SOHO.

Check more info here, http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/

As for routers, I would suggest SOHO 70 or SOHO 90. The SOHO 90 supports VPN functionality.

http://www.cisco.com/en/US/products/hw/routers/ps2167/index.html

and

http://www.cisco.com/en/US/products/hw/routers/ps4866/index.html

Here is another link for Wireless devices,

http://www.cisco.com/en/US/products/hw/wireless/index.html

d-garnett
Level 3

i have installed various routers and firewalls for remote soho sites and i would have to say that for soho's with dsl links i would stick with the 806 and pix501

i always try to use cbac and ios ids

for vpn'd remote soho sites connecting to a central vpn hub site, i log the syslog msgs via ipsec to a workstation at that CO

there is a very good guide: NSA router security, that may also help out

http://www.nsa.gov/snac/cisco/download.htm

good luck

also

when defining your inbound access-lists for dsl links, it is always a good idea to have the 'deny any any log-input' after permitted traffic, but the first line in all of my acls for perimeter routers is always:

access-list XXX deny udp any any eq netbios-ns

explicitly entered WITHOUT the logging keyword. if you log this, or you do not define this as a separate acl entry, causing udp 137 traffic to be caught up in your last 'deny any any log' acl statement, you will have so many log entries in your logs that it will make up at least 95% of your logs (from pc's attached to the Internet announcing themselves -- believe it is more than 30 seconds) and you may miss other exploit attempts and scans.
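One way to measure the effect described in the post above, as an added example that is not part of the original thread: the script parses ACL deny messages, reports what share of them is udp 137 (netbios-ns) noise, and lists what remains once that noise is set aside. The sample lines, addresses and list number 101 are constructed, and the %SEC-6-IPACCESSLOGP line layout is assumed to match what your IOS version writes to syslog.

```python
import re
from collections import Counter

# Constructed sample: IOS ACL deny messages (list 101 and all addresses are
# placeholders); lines with "(Ethernet0 ...)" are what log-input produces.
SAMPLE_LOG = """\
%SEC-6-IPACCESSLOGP: list 101 denied udp 203.0.113.7(137) (Ethernet0 0000.0c12.3456) -> 198.51.100.2(137), 1 packet
%SEC-6-IPACCESSLOGP: list 101 denied udp 203.0.113.9(137) (Ethernet0 0000.0c12.3456) -> 198.51.100.2(137), 3 packets
%SEC-6-IPACCESSLOGP: list 101 denied tcp 192.0.2.44(4312) (Ethernet0 0000.0c12.3456) -> 198.51.100.2(23), 1 packet
%SEC-6-IPACCESSLOGP: list 101 denied udp 203.0.113.21(1027) -> 198.51.100.2(137), 1 packet
%SEC-6-IPACCESSLOGP: list 101 denied udp 192.0.2.80(137) (Ethernet0 0000.0c12.3456) -> 198.51.100.2(137), 2 packets
%SYS-5-CONFIG_I: Configured from console by console
%SEC-6-IPACCESSLOGP: list 101 denied tcp 192.0.2.44(4313) (Ethernet0 0000.0c12.3456) -> 198.51.100.2(1433), 1 packet
"""

LINE_RE = re.compile(
    r"%SEC-6-IPACCESSLOGP: list (?P<acl>\S+) denied (?P<proto>tcp|udp) "
    r"(?P<src>[\d.]+)\((?P<sport>\d+)\)"
    r"(?: \([^)]*\))?"  # input interface and MAC, present only with log-input
    r" -> (?P<dst>[\d.]+)\((?P<dport>\d+)\), (?P<count>\d+) packets?"
)

def parse(log_text):
    """Return one dict per denied tcp/udp ACL log line; other lines are skipped."""
    matches = (LINE_RE.search(line) for line in log_text.splitlines())
    return [m.groupdict() for m in matches if m]

def is_netbios_ns(entry):
    """True for traffic aimed at udp 137, the port the silent deny entry matches."""
    return entry["proto"] == "udp" and entry["dport"] == "137"

def summarize(entries):
    """Count udp 137 entries and tally the remaining denies by (proto, dst port)."""
    noise = sum(1 for e in entries if is_netbios_ns(e))
    rest = Counter((e["proto"], int(e["dport"]))
                   for e in entries if not is_netbios_ns(e))
    share = noise / len(entries) if entries else 0.0
    return {"total": len(entries), "netbios_ns": noise,
            "share": share, "remaining": rest.most_common()}

if __name__ == "__main__":
    report = summarize(parse(SAMPLE_LOG))
    print(f"{report['netbios_ns']}/{report['total']} deny entries are udp 137 "
          f"({report['share']:.0%})")
    for (proto, port), hits in report["remaining"]:
        print(f"  still worth reading: {proto}/{port} x{hits}")
```

A high share on a real log is the case for the separate, unlogged deny entry; the remaining tally is what the final 'deny any any log-input' line would still record.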
