Hello again. I have a keen interest in network infrastructure, since my experience with routers and switches got me through 3 years of excellent work with the Bank of America. Security plays a great role in the layer 3 and layer 4 traffic of the OSI model. Today my major focus will be the security structure of any layer 3 device. I will not dwell on vendor-specific details, as a lot of you out there would be running devices across vendors like Juniper, Cisco and Alcatel.
Given that my focus is layer 3 traffic, I will be talking about securing routers, or internet-facing devices in general.
What is a router? http://compnetworking.about.com/cs/routers/g/bldef_router.htm
Now that you know what a router is: there are three sub-divisions of a router, the control plane, the management plane and the data plane. As the name suggests, the control plane is the section that handles routing, which is the sole purpose of why a router is there. The management plane describes how the router is managed and the protocols/systems involved in managing and governing it; it can also be described as how the user interacts with the machine. The data plane, on the other hand, is the dynamics of packet transmission on the router; it can also be called the forwarding engine.
A detailed understanding of the three planes: http://networkstatic.net/the-control-plane-data-plane-and-forwarding-plane-in-networks/
From my perspective as a security technologist, and someone who has worked with these devices and managed them, these are a few points to take heed of!
1. Update your firmware; this coincides with securing the operating system of the router.
2. Practice defence-in-depth; look at security as an onion, made of layers and peels.
3. Apply whitelisting instead of blacklisting; this gives less work to the hardware and, believe me, a great reduction in the typing you have to do *haha*
4. Have a firm understanding of your networks, and of the routing protocols you implement to gain network connectivity to your neighbours.
5. Practice incident management and implement logging. Spend if you have to; this is a critical part of managing your devices.
6. Implement physical security, and login databases/credentials.
7. Do frequent auditing of your network devices such as routers and switches.
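As an added example (my own code, not part of the original post), here is a small Python audit that applies points 3, 5 and 7 to the management plane: it parses constructed, vendor-neutral login log lines, flags any source address or protocol that is not on the whitelist, and flags repeated failed logins from one source. The log format, hostnames, addresses and threshold are hypothetical.

```python
import re
from collections import Counter
from ipaddress import ip_address, ip_network

# Constructed management-plane log lines in a vendor-neutral, syslog-like
# format (hypothetical; not copied from any real device).
SAMPLE_LOGS = """\
2024-03-01T10:00:01 rtr1 mgmt: LOGIN_FAILED user=admin src=203.0.113.7 proto=ssh
2024-03-01T10:00:03 rtr1 mgmt: LOGIN_FAILED user=admin src=203.0.113.7 proto=ssh
2024-03-01T10:00:05 rtr1 mgmt: LOGIN_FAILED user=admin src=203.0.113.7 proto=ssh
2024-03-01T10:01:10 rtr1 mgmt: LOGIN_OK user=netops src=10.10.0.5 proto=ssh
2024-03-01T10:02:00 rtr1 mgmt: LOGIN_OK user=netops src=198.51.100.9 proto=telnet
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) mgmt: (?P<event>LOGIN_OK|LOGIN_FAILED) "
    r"user=(?P<user>\S+) src=(?P<src>\S+) proto=(?P<proto>\S+)$"
)


def parse_line(line):
    """Return the fields of one management-plane login event, or None."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None


def audit_mgmt_logs(text, allowed_nets, allowed_protos=("ssh",), fail_threshold=3):
    """Whitelist-style audit: anything not explicitly allowed is a finding.

    Returns a list of (finding_type, source_ip, detail) tuples.
    """
    nets = [ip_network(n) for n in allowed_nets]
    failures = Counter()  # failed logins seen per source address
    findings = []
    for raw in text.splitlines():
        ev = parse_line(raw)
        if ev is None:
            continue  # not a management-plane login event; ignore
        src = ip_address(ev["src"])
        if not any(src in n for n in nets):
            findings.append(("src_not_whitelisted", ev["src"], ev["user"]))
        if ev["proto"] not in allowed_protos:
            findings.append(("proto_not_whitelisted", ev["src"], ev["proto"]))
        if ev["event"] == "LOGIN_FAILED":
            failures[ev["src"]] += 1
            if failures[ev["src"]] == fail_threshold:
                findings.append(("repeated_failures", ev["src"], fail_threshold))
    return findings
```

Run `audit_mgmt_logs(SAMPLE_LOGS, ["10.10.0.0/16"])` to see the non-whitelisted sources, the telnet session and the brute-force pattern reported as separate findings.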
Key terms from the above:
whitelists vs blacklists – I have written a post on this; check it out.
defence in depth: https://www.nsa.gov/ia/_files/support/defenseindepth.pdf