HostedDB - Dedicated UNIX Servers
index_104
Router Security Configuration Guide UNCLASSIFIED 104 UNCLASSIFIED Version 1.0g 4.5.  Audit and Management 4.5.1.    Concepts and Mechanisms  Routers are a critical part of network operations and network security.  Careful management and diligent audit of router operations can reduce network downtime, improve security, and aid in the analysis of suspected security breaches.  Cisco routers and Cisco IOS are designed to support centralized audit and management.   This section describes the logging, management, monitoring, and update facilities offered in Cisco IOS 11.3 and 12.0.    § Logging –   Cisco routers support both on-board and remote logs.   § Time –   Accurate time is important for good audit and management; Cisco routers fully support the standard time synchronization protocol, NTP. § Network Management –   The standard protocol for distributed management of network component is the Simple Network Management Protocol (SNMP).  SNMP must be disabled or carefully configured for good security. § Network Monitoring – Cisco routers support basic facilities for Remote Network Monitoring (RMON).  The RMON features depend on SNMP, and must also be disable or carefully configured. § Software Maintenance –   Keeping up with new major software releases is important, because new releases include fixes for security vulnerabilities.  Installing new Cisco IOS software in a router is not especially difficult. § Debugging and Diagnostics – Troubleshooting router problems requires proficiency with Cisco’s diagnostic commands and debugging features.    The sub-sections below describe recommended configurations for good security.   Complete details on the commands and features discussed may be found in the Cisco IOS documentation, especially the Cisco IOS Configuration Fundamentals Command Reference documents for IOS 11.3 and 12.0. 4.5.2.    Configuring Logging and Time Services Logging is a critical part of router security; good logs can help you find configuration errors, understand past intrusions, troubleshoot service disruptions, and react to probes and scans of your network.  Cisco routers have the ability to log a great deal of their status; this section explains the different logging facilities, describes the logging configuration commands, and presents some configuration examples.