User Tools

Site Tools


networksecurityrecommendations
no way to compare when less than two revisions

Differences

This shows you the differences between two versions of the page.


networksecurityrecommendations [2013/01/28 04:29] (current) – created - external edit 127.0.0.1
Line 1: Line 1:
 +====== Network Security Recommendations ======
 +  * SNMP ACLs
 +  * VTY ACLs
 +  * VLAN ACLs whitelisting address space for outbound traffic (prevents source spoofing)
 +  * Port Security – We are using it, but we should enable it everywhere even at high number of MAC address allowances (prevent MAC table overflows), set aging time on VM ports
 +  * MAC address ACLs (blacklist MAC addresses on switches preventing user from jumping between switch ports and switching IPs)
  
 +  * DHCP Snooping on switches in DHCP environments (i.e. Engineering, Chemistry, etc.)
 +  * IP Source Guard
 +  * Dynamic ARP Inspection
 +
 +  * Cisco torch – Vulnerability scanning and exploitation
 +  * OpenVAS – Vulnerability scanning and exploitation
 +  * Yersinia – exploit tool
 +  * MetaSploit – exploit tool
 +
 +
 +-- Main.FredPettis - 2012-05-24
networksecurityrecommendations.txt · Last modified: 2013/01/28 04:29 by 127.0.0.1