UNCLASSIFIED Appendices Version 1.0g UNCLASSIFIED 221

8.2. Application to Ethernet Switches and Related Non-Router Network Hardware

This appendix identifies specific principles and recommendations from the main body of this guide that apply to Ethernet switches, managed hubs, access servers, and other network hardware components that are not IP routers. Prior to the 1990s, routers were the only LAN components with sufficient flexibility to need security configuration. Since the mid-1990s, hubs, switches, access servers, and other LAN components have been gaining substantial capabilities; many of them are as flexible and configurable as a router. Such devices almost always support remote administration and management, and are therefore subject to compromise over the network. Because they are vital to network operations and because they can be used as a staging area for additional attacks, it is important to configure them securely.

The discussion below focuses mainly on media-level network components: switches, managed hubs, and bridges. These devices are characterized by participating in the network themselves while forwarding and switching traffic based on a media layer address (e.g. an Ethernet MAC address). Because they cannot perform network layer or transport layer traffic filtering, switches and hubs cannot generally enforce security policies on network traffic. The focus of security for these devices is protecting their own configuration, and preventing their use by unauthorized individuals and attackers.

Another kind of common network device that needs protection is the access server. An access server is a device that services a set of phone lines, and provides dial-up IP access for remote users. These kinds of devices usually have very extensive security and remote administration support, and configuring them securely requires a great deal of care. Configuring access servers is outside the scope of this guide.

8.2.1. Security Principles and Goals

The general security goals for a switch or smart hub are similar to those for a router, but simpler because such a network component does not act as a boundary device between different networks. The security goals for a switch or hub are listed below.

§ preventing unauthorized examination of device state and configuration
§ preventing unauthorized changes to the device state and configuration
§ preventing use of the device for attacking the local network
§ preventing unauthorized remote management/monitoring of the device

To achieve these goals, the device must be configured to strictly limit all forms of access: physical, local connections, and remote network connections. If possible, it is best to create a security checklist for LAN switches. Follow the general form of the security checklist given at the end of Section 3.
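One way to turn the four goals above into a repeatable LAN-switch checklist is to audit the device's saved configuration automatically. The following is an added example, not part of the guide; it assumes a Cisco IOS-style configuration syntax (lines such as "enable secret", "line vty 0 4", "transport input ssh", "access-class", "snmp-server community") and runs against a constructed sample configuration. Each check is tagged with the goal or access path it serves (configuration secrecy, change control, local console access, remote management), so a failing check points back to the goal it violates.

```python
"""Audit a switch configuration against the Section 8.2.1 access-control goals.

Added example (not from the guide). Assumes Cisco IOS-style syntax; the
sample configuration below is constructed for illustration only.
"""
import re
from typing import Callable, Dict, List, Tuple

# Constructed sample: passes most checks, but leaves the HTTP server enabled
# and keeps a default SNMP community (hash strings are placeholders).
SAMPLE_CONFIG = """\
hostname lab-switch
service password-encryption
enable secret 5 $1$PLACEHOLDER$abcdefghijklmnopqrstuv
username admin secret 5 $1$PLACEHOLDER$vutsrqponmlkjihgfedcba
!
ip access-list standard MGMT-HOSTS
 permit 10.0.0.0 0.0.0.255
!
snmp-server community public RO
!
line con 0
 exec-timeout 5 0
 login local
line vty 0 4
 access-class MGMT-HOSTS in
 transport input ssh
 login local
"""


def parse_sections(config_text: str) -> Tuple[List[str], Dict[str, List[str]]]:
    """Split an IOS-style config into global commands and indented sub-mode blocks.

    Indented lines belong to the most recent non-indented line (their "mode").
    """
    global_lines: List[str] = []
    sections: Dict[str, List[str]] = {}
    current = None
    for raw in config_text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("!"):
            continue  # blank lines and '!' separators carry no configuration
        if raw[0] in " \t":
            if current is not None:
                sections[current].append(raw.strip())
        else:
            current = raw.strip()
            sections.setdefault(current, [])
            global_lines.append(current)
    return global_lines, sections


def _blocks_under(sections: Dict[str, List[str]], prefix: str) -> List[List[str]]:
    """Sub-mode line lists for every section whose header starts with prefix."""
    return [lines for hdr, lines in sections.items() if hdr.startswith(prefix)]


def _every_block(blocks: List[List[str]], predicate: Callable[[str], bool]) -> bool:
    """True only if at least one block exists and every block has a matching line."""
    return bool(blocks) and all(any(predicate(x) for x in b) for b in blocks)


def audit_switch_config(config_text: str) -> Dict[str, bool]:
    """Return check name -> pass/fail, grouped by the goal each check supports."""
    g, sections = parse_sections(config_text)
    vty_blocks = _blocks_under(sections, "line vty")
    con_blocks = _blocks_under(sections, "line con")
    snmp = [l for l in g if l.startswith("snmp-server community")]
    return {
        # Goal: prevent unauthorized examination of device configuration.
        "passwords_encrypted": "service password-encryption" in g,
        "no_plaintext_enable_password": not any(l.startswith("enable password") for l in g),
        # Goal: prevent unauthorized changes to device state and configuration.
        "enable_secret_set": any(l.startswith("enable secret") for l in g),
        "no_rw_snmp_community": not any(re.search(r"\bRW\b", l) for l in snmp),
        # Access path: local console connections.
        "console_requires_login": _every_block(con_blocks, lambda x: x.startswith("login")),
        "console_exec_timeout": _every_block(
            con_blocks, lambda x: x.startswith("exec-timeout") and x != "exec-timeout 0 0"),
        # Goal: prevent unauthorized remote management/monitoring.
        "vty_ssh_only": _every_block(vty_blocks, lambda x: x == "transport input ssh"),
        "vty_access_class": _every_block(vty_blocks, lambda x: x.startswith("access-class")),
        "http_server_disabled": "no ip http server" in g,
        "no_default_snmp_community": not any(
            re.match(r"snmp-server community (public|private)\b", l) for l in snmp),
    }


def failed_checks(config_text: str) -> List[str]:
    """Sorted names of the checks the configuration fails."""
    return sorted(name for name, ok in audit_switch_config(config_text).items() if not ok)


if __name__ == "__main__":
    for name in failed_checks(SAMPLE_CONFIG):
        print("FAIL", name)
```

Run against the sample, the audit reports the two deliberate gaps (the enabled HTTP server and the default "public" SNMP community); replacing that SNMP line with "no ip http server" clears every check. The checks treat a missing "line vty" or "line con" block as a failure rather than a pass, so a configuration that simply omits the section is not mistaken for a hardened one.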