Wednesday, December 15, 2010

Threat Defense Best Cisco CCNA Bootcamp Training Center in Gurgaon

Network Bulls
www.networkbulls.com
Best Institute for CCNA CCNP CCSP CCIP CCIE Training in India
M-44, Old Dlf, Sector-14 Gurgaon, Haryana, India 
Call: +91-9654672192


As part of the Cisco Self-Defending Network, Threat Defense enhances the security in the network infrastructure by adding increased levels of security protection on network devices, appliances, and endpoints. Both internal and external threats have become much more destructive than in the past. DoS attacks, man-in-the-middle attacks, and Trojan horses have the potential to severely impact business operations. The Cisco Threat Defense system provides a strong defense against these internal and external threats.
Threat Defense has three main areas of focus:
  • Enhancing the security of the existing network: Preventing downtime and loss of revenue and reputation
  • Adding full security services for network endpoints: Securing servers and desktops with Cisco Security Agent
  • Enabling integrated security in routers, switches, and appliances: Security techniques enabled throughout the network, not just in point products or locations

Physical Security

During your security implementations, it is essential to incorporate physical security to increase the strength of the overall security design. Physical security helps protect and restrict access to network resources and physical network equipment. Sound security policies must defend against potential attacks that can cause loss of uptime or reputation, or even revenue impacts.
Here are some considerations for potential physical threats:
  • Vulnerabilities inherent in systems when attackers access the hardware directly through console access or untrusted software.
  • Access to the network, allowing attackers to capture, alter, or remove data flowing in the network.
  • Attackers may use their own hardware, such as a laptop or router, to inject malicious traffic onto the network.
Here are some physical security guidelines to keep in mind when designing physical security architectures:
  • Use physical access controls such as locks or alarms.
  • Evaluate potential security breaches.
  • Assess the impact of stolen network resources and equipment.
  • Use controls such as cryptography to secure traffic flowing on networks outside your control.
Figure 13-10 shows some physical security threat locations that an attacker could potentially exploit.

Infrastructure Protection

The infrastructure needs to be protected using security features and services to meet the growing needs of business without disruption. Infrastructure protection is the process of taking steps to reduce the risks and threats to the network infrastructure and to maintain the integrity and high availability of network resources.
By using best practices and a security policy, you can secure and harden the infrastructure equipment to prevent potential attacks. To combat network threats, Cisco has enhanced Cisco IOS with security features to support the secure infrastructure and increase the network's availability.
Here are some solutions for equipment that has built-in integrated security features:
  • Adaptive Security Appliance (ASA) integrates essential security technologies in one platform (firewall, IPS, IPsec VPN, and SSL VPN).
  • Routers consolidate IOS firewall, IPS, IPsec VPN, DMVPN, and SSL VPN into the routing platforms to secure the router if attacked.
  • Catalyst switches combine firewall, IPS, SSL VPN, IPsec VPN, DoS mitigation, and virtual services to build security zones.
Here are some recommended best practices for infrastructure protection:
  • Access network equipment remotely with SSH instead of Telnet.
  • Use AAA for access control management.
  • Enable SYSLOG collection; review the logs for further analysis.
  • Use SNMPv3 for its security and privacy features.
  • Disable unused network services such as tcp-small-servers and udp-small-servers.
  • Use FTP or SFTP instead of TFTP to manage images.
  • Use access classes to restrict access to management and the CLI.
  • Enable routing protocol authentication when available (EIGRP, OSPF, IS-IS, BGP, HSRP, VTP).
  • Use one-step lockdown in Security Device Manager (SDM) before connecting the router to the Internet.
