Hi All,
The NSA just published CTR Network Report Infrastructure Security Guidance
Guidance for securing networks continues to evolve as new vulnerabilities are exploited
by adversaries, new security features are implemented, and new methods of securing
devices are identified. Improper configuration, incorrect handling of configurations, and weak
encryption keys can expose vulnerabilities in the entire network. All networks are at risk of
compromise, especially if devices are not properly configured and maintained. An
administrator's role is critical to securing the network against adversarial techniques and requires dedicated people to secure the
devices, applications, and information on the network.
This report presents best practices for overall network security and protection of
individual network devices, and will assist administrators in preventing an adversary
from exploiting their network. While the guidance presented here is generic and can be
applied to many types of network devices, sample commands for Cisco Internetwork
Operating System (IOS) devices are provided which can be executed to implement the
recommendations.
------------------------------
Michael Roza CPA, CISA, CIA, MBA, Exec MBA
------------------------------