8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 1/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 1Version 4.0
Enterprise NetworkSecurity
Accessing the WAN ± Chapter 4
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 2/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 2
Objectives
Describe the general methods used to mitigatesecurity threats to Enterprise networks
Configure Basic Router Security
Explain how to disable unused Cisco router networkservices and interfaces
Explain how to use Cisco SDM
Manage Cisco IOS devices
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 3/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 3
Describe the General Methods used to MitigateSecurity Threats to Enterprise Networks
Explain how sophisticated attack tools and opennetworks have created an increased need for networksecurity and dynamic security policies
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 4/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 4
Describe the General Methods used to MitigateSecurity Threats to Enterprise Networks
Describe the most common security threats and howthey impact enterprises
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 5/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 5
Describe the General Methods used to MitigateSecurity Threats to Enterprise Networks
Describe the most common types of network attacksand how they impact enterprises
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 6/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 6
Describe the General Methods used to MitigateSecurity Threats to Enterprise Networks
Describe the common mitigation techniques thatenterprises use to protect themselves against threats
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 7/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 7
Describe the General Methods used to MitigateSecurity Threats to Enterprise Networks
Explain the concept of the Network Security Wheel
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 8/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 8
Describe the General Methods used to MitigateSecurity Threats to Enterprise Networks
Explain the goals of a comprehensive security policy inan organization
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 9/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 9
Configure Basic Router Security
Explain why the security of routers and their configuration settings is vital to network operation
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 10/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 10
Configure Basic Router Security
Describe the recommended approach to applying CiscoIOS security features on network routers
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 11/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 11
Configure Basic Router Security
Describe the basic security measures needed to secureCisco routers
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 12/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 12
Explain How to Disable Unused CiscoRouter Network Services and Interfaces
Describe the router services and interfaces that arevulnerable to network attack
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 13/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 13
Explain How to Disable Unused CiscoRouter Network Services and Interfaces
Explain the vulnerabilities posed by commonlyconfigured management services
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 14/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 14
Explain How to Disable Unused CiscoRouter Network Services and Interfaces
Explain how to secure a router with the command-lineinterface (CLI) auto secure command
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 15/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 15
Explain How to Use Cisco SDM
Provide an overview of Cisco SDM
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 16/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 16
Explain How to Use Cisco SDM
Explain the steps to configure a router to use CiscoSDM
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 17/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 17
Explain How to Use Cisco SDM
Explain the steps you follow to start SDM
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 18/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 18
Explain How to Use Cisco SDM
Describe the Cisco SDM Interface
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 19/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 19
Explain How to Use Cisco SDM
Describe the commonly used Cisco SDM wizards
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 20/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 20
Explain How to Use Cisco SDM
Explain how to use Cisco SDM for locking down your router
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 21/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 21
Manage Cisco IOS Devices
Describe the file systems used by a Cisco router
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 22/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 22
Manage Cisco IOS Devices
Describe how to backup and upgrade a Cisco IOSimage
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 23/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 23
Manage Cisco IOS Devices
Explain how to back up and upgrade Cisco IOSsoftware images using a network server
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 24/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 24
Manage Cisco IOS Devices
Explain how to recover a Cisco IOS software image
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 25/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 25
Manage Cisco IOS Devices
Compare the use of the show and debug commandswhen troubleshooting Cisco router configurations
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 26/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 26
Manage Cisco IOS Devices
Explain how to recover the enable password and theenable secret passwords
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 27/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 27
Summary
Security Threats to an Enterprise network include:
±Unstructured threats
±Structured threats
±External threats
±Internal threats
Methods to lessen security threats consist of:
±Device hardening
±Use of antivirus software
±Firewalls
±Download security updates
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 28/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 28
Summary
Basic router security involves the following: ±Physical security
±Update and backup IOS
±Backup configuration files
±Password configuration
±Logging router activity
Disable unused router interfaces & services to minimizetheir exploitation by intruders
Cisco SDM
±A web based management tool for configuring securitymeasures on Cisco routers
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 29/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 29
Summary
Cisco IOS Integrated File System (IFS)
±Allows for the creation, navigation & manipulation of directories on a cisco device
8/3/2019 Chapter 4 Network Security
http://slidepdf.com/reader/full/chapter-4-network-security 30/30
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 30