Utilizng Ids Routers

Router Protection

The advantages of continuing to invest in our Information Security infrastructure is paramount. With the constant changes and needs in our IT departments and layoffs a true risk exists of past IT staff, contractors, and vendors that have internal knowledge of our policies and configurations.

Current System administrators and security staff are unable to continue to deal with the threats of external attackers The need for more automated and self-adjusting security appliances/routers is a major initiative to counterattack the increase in external attacks. The new appliances/routers utilize internal ACLS along with automated IDS systems on the network can mitigate the risk against insider attacks/threats.

Our first line of defense against external attackers is to assure that all routers and switches are updated properly. To alleviate administrative strains all the routers/switches are on the Cisco Platform. A weekly patch/update session and report is done to assure vulnerabilities are addressed as soon as possible. Limited access administrative access is granted to routers/switches. The routers have Intrustion detection built and send alerts via email/text for any attempts.

Proper development of an internal protection ACLs on all routers and switches are an essential tools in our security architecture. The ACLs limit the type of traffic within the network, and increase performance and decrease the vulnerability to insider attacks, Trojans, and worm propagation.  ACLs, start by determining what each server does and which clients need to access its information. As stated by a 2010 article from Techrepublic “if you run an internal nonSSL Web server, you can place an access list on the port going to your Web server(s) and only allow TCP port 80. But if the server is a domain controller (DC), you'll need to allow a range of ports going to this server for your clients' authentication and logon services.”

To enhance internal...