Network security

Securely configuring your network hardware and configurations will ensure that you have an effective and secure communication infrastructure. Bear in mind the following principles and guidelines:

  • Ports, protocols, and services:
    • Ensure that you extend the concepts of least privilege and least functionality to the network.
    • Block any outbound traffic that is not required as this can be used to exfiltrate data from your network.
    • The same goes for inbound traffic. If you do not need a port, protocol, or service to be open, close it.
  • Traffic monitoring:
    • Ensure that you are monitoring the outbound ports that you allow with a full packet capture and analysis capability to ensure that the traffic that is leaving your network is legitimate.
    • For encrypted traffic, add an SSL decrypter to your network. Run this traffic through your security tool suite, including your full packet capture tools, to detect and alert you to potential malware activity.
    • These tools should all roll up into your security operations center for analysis by your SOC analysts.
  • SNMP:
    • Change the default community strings to an organizationally defined string
    • Establish authorized SNMP management stations
    • If SNMP is not required, then turn off the service
  • VLAN:
    • VLANs should be used to isolate and segment your network
    • Network segmentation examples include:
      • Internal servers
      • DMZ
      • Workstations
      • Security devices
      • Management network
  • Promiscuous mode:
    • Establish restriction on network equipment so that promiscuous mode network devices cannot collect packet data from the enterprise network without authorization.
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.141.31.209