Send the link below via email or IMCopy
Present to your audienceStart remote presentation
- Invited audience members will follow you as you navigate and present
- People invited to a presentation do not need a Prezi account
- This link expires 10 minutes after you close the presentation
- A maximum of 30 users can follow your presentation
- Learn more about this feature in our knowledge base article
Do you really want to delete this prezi?
Neither you, nor the coeditors you shared it with will be able to recover it again.
Make your likes visible on Facebook?
You can change this under Settings & Account at any time.
Transcript of Network hardening
Cisco security solution
Cisco IOS Software delivers a sophisticated set of security capabilities for a comprehensive, layered security approach throughout your network infrastructure.
Cisco IOS security technologies help to defend critical business processes against attack and disruption, protect privacy, and support policy and regulatory compliance controls.
Cisco IOS Content Filtering
Monitor and block Web activity
Protection from malicious websites
Conserve network resources
Cisco IOS Firewall
protect the network infrastructure against network- and application-layer attacks, viruses, and worms.
Suitable for branch offices, small to medium business environments, or managed services.
It works with other Cisco IOS security features, including Cisco IOS IPS, IOS Content Filtering, and IOS Network Address Translation (NAT), to create a completely integrated branch-office perimeter security solution.
Cisco IOS IPS
Inline, deep-packet inspection feature that effectively mitigates a wide range of network attacks.
Provides your network with the intelligence to accurately identify, classify, and stop or block malicious traffic in real time.
Faster remediation of the attack
What is network hardening ?
What are basics of Network hardening ?
CISCO IOS Security
The proactive approach to enterprise network security by implementing preventive measures against attacks before they occur
Ports & services
Admin account & tasks
Filter malicious content
Basics of Network hardening
Change default settings
Rename admin account
disable guest accounts
Only prevents simple attacks
Used only for admin tasks
Run as administrator
$ SU ... (Linux)
1 - Identify unused/unnecessary ports
2- Disable unused services & daemons
Use security template
Disable rogue applications
Find all wireless connections
Provide protection from virus intrusion
Provide protection from malware
Detail recovery procedures
At the server
Access Control Lists
Hardening Mobile Environments
Establish a mobile-device Security Policy
Provide secure mobile authentication
Medium range threats
Short range threats
Long range threats
Hardening Data transport
When in Doubt, Use IPSec
When should encryption be used
Plan for secure wireless networks
Seek & Destroy rogue WLANs
WLAN Topology: Unified, sgemented, VPN Access
Implement WLAN Discovery Procedures
IDS and Firewalls
Internet Security & acceleration Server (ISA)
Accelerates the Internet by web caching
ISA helps to implement an organization's business security policy through its administrative tools
Server and Web publishing
Monitoring and Reporting
Support for Remote Access
Cisco IOS IPsec
IPsec is a robust encryption technology that enables to securely connect branch offices and remote users
You can increase the reach of your network without significantly expanding your infrastructure by using Cisco IOS IPsec VPNs.
access control to business resources,
Cost-saving: easy-to-install, easy-to-use
Cisco IOS SSLVPN
Extend Your Network to Any Location
the industry's first router-based Secure Sockets Layer VPN solution,
offers "anywhere" connectivity from any resources (company resources, employee PCs, contractor or business partner desktops, and Internet kiosks).
Cisco Secure Desktop, a component of SSL VPN, provides data theft prevention even on non corporate devices.
Cisco IOS NFP
Cisco Network Foundation Protection (NFP) framework aim to develop and implement security controls to protect the network infrastructure
And more ...
Cisco - Secure Network infrastructure:
Hardening Network Security, by John Mallery et all, Osborn ISBN 0-07-225703-2
Any questions ?