Network Security Checklist
From Guidance Share
- J.D. Meier, Alex Mackman, Michael Dunner, Srinath Vasireddy, Ray Escamilla and Anandha Murukan
Router Considerations
- Latest patches and updates are installed.
- You have subscribed to the router vendor's security notification service.
- Known vulnerable ports are blocked.
- Ingress and egress filtering is enabled. Incoming and outgoing packets are confirmed as coming from public or internal networks.
- ICMP traffic is screened from the internal network.
- Administration interfaces to the router are enumerated and secured.
- Web-facing administration is disabled.
- Directed broadcast traffic is not received or forwarded.
- Unused services are disabled (for example, TFTP).
- Strong passwords are used.
- Logging is enabled and audited for unusual traffic or patterns.
- Large ping packets are screened.
- Routing Information Protocol (RIP) packets, if used, are blocked at the outermost router.
Firewall Considerations
- Latest patches and updates are installed.
- Effective filters are in place to prevent malicious traffic from entering the perimeter.
- Unused ports are blocked by default.
- Unused protocols are blocked by default.
- IPsec is configured for encrypted communication within the perimeter network.
- Intrusion detection is enabled at the firewall.
Switch Considerations
- Latest patches and updates are installed.
- Administrative interfaces are enumerated and secured.
- Unused administrative interfaces are disabled.
- Unused services are disabled.
- Available services are secured.
Resources
- See online on MSDN: http://msdn.microsoft.com/library/en-us/dnnetsec/html/CL_SecuNet.asp