Skip to content

CS407 - Routing and Switching

3 Topics 16 Posts
  • 0 Votes
    13 Posts
    474 Views
    zaasmiZ

    @moaaz said in CS407 Assignment 1 Solution and Discussion:

    What access mode of command line interface will be more suitable to perform remote configurations on the router in secure manners?

    Network infrastructure devices often provide a range of different access mechanisms, including console and asynchronous connections, as well as remote access based on protocols such as Telnet, rlogin, HTTP, and SSH. Some mechanisms are typically enabled by default with minimal security associated with them; for example, Cisco IOS software-based platforms are shipped with console and modem access enabled by default. For this reason, each infrastructure device should be carefully reviewed and configured to ensure only supported access mechanisms are enabled and that they are properly secured.

    The key steps to securing both interactive and management access to an infrastructure device are:

    • Restrict Device Accessibility

    Limit the accessible ports, restrict the permitted communicators and restrict the permitted methods of access.

    • Present Legal Notification

    Display legal notice, developed in conjunction with company legal counsel, for interactive sessions.

    • Authenticate Access

    Ensure access is only granted to authenticated users, groups, and services.

    • Authorize Actions

    Restrict the actions and views permitted by any particular user, group, or service.

    • Ensure the Confidentiality of Data

    Protect locally stored sensitive data from viewing and copying. Consider the vulnerability of data in transit over a communication channel to sniffing, session hijacking and man-in-the-middle (MITM) attacks.

    • Log and Account for all Access

    Record who accessed the device, what occurred, and when for auditing purposes.

  • 0 Votes
    2 Posts
    162 Views
    zareenZ

    @zaasmi please share idea solution

  • 0 Votes
    1 Posts
    89 Views
    No one has replied