Network Security Checklist

From Guidance Share

- J.D. Meier, Alex Mackman, Michael Dunner, Srinath Vasireddy, Ray Escamilla and Anandha Murukan

Contents 1 Router Considerations 2 Firewall Considerations 3 Switch Considerations 4 Resources

Router Considerations

• Latest patches and updates are installed.
• You subscribed to router vendor's security notification service.
• Known vulnerable ports are blocked.
• Ingress and egress filtering is enabled. Incoming and outgoing packets are confirmed as coming from public or internal networks.
• ICMP traffic is screened from the internal network.
• Administration interfaces to the router are enumerated and secured.
• Web-facing administration is disabled.
• Directed broadcast traffic is not received or forwarded.
• Unused services are disabled (for example, TFTP).
• Strong passwords are used.
• Logging is enabled and audited for unusual traffic or patterns.
• Large ping packets are screened.
• Routing Information Protocol (RIP) packets, if used, are blocked at the outermost router.

Firewall Considerations

• Latest patches and updates are installed.
• Effective filters are in place to prevent malicious traffic from entering the perimeter
• Unused ports are blocked by default.
• Unused protocols are blocked by default.
• IPsec is configured for encrypted communication within the perimeter network.
• Intrusion detection is enabled at the firewall.

Switch Considerations

• Latest patches and updates are installed.
• Administrative interfaces are enumerated and secured.
• Unused administrative interfaces are disabled.
• Unused services are disabled.
• Available services are secured.

Resources

• See online on MSDN: http://msdn.microsoft.com/library/en-us/dnnetsec/html/CL_SecuNet.asp