No matter for businesses or home networks systems, keeping network secure is a constant struggle in this modern world. As Internet Security Threat Report estimates a 93 percent increase in Web attacks from 2010, protecting the valuable information against constantly evolving malware, identity theft, hacktivism, state sponsored hacking, etc. have gained more and more attention. But how to build the more secure and flexible networks practically?
1. Installing a firewall is necessary through firewalls are not almighty. ( if you need more details on Cisco firewall configuration, there are some materials to refer to:
http://blog.router-switch.com/2012/06/eight-commands-on-a-cisco-asa-security-appliance-you-should-know/
http://blog.router-switch.com/2012/05/vlan-sub-interfaces-on-cisco-asa-5500-firewall-configuration/ )
2. Make sure anti-virus software is uploaded on every computer for third-party software such as Java, Adobe products and browsers are often gateways for malware.
3. PCs, tablets, switches and routers all need to be constantly updated and monitored to guard against network threats. Using a remote monitoring and management (RMM) tool that includes the ability for both operating system and third-party patching makes this process easy for a solution provider to update all software on an endpoint. (Juniper’s Care Plus and Cisco’s Smart Care are two examples. Those initiatives help solution providers ensure their entire customer networks are healthy, offer access to vendor technical support and also provide reporting on a scheduled basis.)
4. Be sure to change the default administrative password on the new devices such as wireless router, which is typically "password." If possible, create a new administrative user id, and disable the default, which is typically "admin." Perform all administration and configuration tasks through the LAN cable interface.
5. Pay attention to data encryption. Choose the highest encryption level that your computing equipment can support, and choose a pass-phrase that is easy for you to remember but hard for outsiders to guess.
Network Data Encryption |
6. Remember to take MAC (Media Access Control), which is the actual address of your network interface that is typically burned in by the manufacturer. (Wireless routers allow you to build a table of authorized MAC addresses that may connect to your network. Through some degree of investigative work in determining the MAC address on each of your home computers may increase security for your network, the address can be spoofed (faked), and the hacker still has to know a valid MAC address in order to accomplish this task.)
7. Protect the SSID (Service Set Identifier) - the name that your router broadcasts for others to see. The default is typically the name of the manufacturer of your router, and you should change this to something obscure. Do not give it your family name, address, car tag number or anything else recognizable as your network. And be careful with whom you share your network name. For the maximum security on SSIDs simply turn off SSID broadcasts.
We have to admit that we cannot list all the solutions to protect the network safe absolutely, but remember that operating system and software patching, using the most up-to-date anti-malware programs, keeping the network infrastructure healthy and current, and performing regular security testing will go a long way toward ensuring solutions to secure networks and against evolving network threats. So let’s keep the network security from then on with paying attention to details.
Thanks for sharing this valuable resource with us. I'm sure it will be a valuable asset for many people.Also, have a look on these CISCO products:
ReplyDeleteWS-C3560-24TS-E