UNCLASSIFIED  Router Security Principles and Goals  Version 1.0g  UNCLASSIFIED  37

3.3.2.    Updating the Router

Periodically, the router will require updates to be loaded for either the operating system or the configuration file.  These updates are necessary for one or more of the following reasons: to fix known security vulnerabilities, to support new features that allow more advanced security policies, or to improve performance.

Before updating, the administrator should complete some checks.

  - Determine the memory requirements for the update, and if necessary install additional memory to the router.
  - Set up and test file transfer capability between the administrator's computer and the router.
  - Schedule the required downtime (usually after regular business hours) for the router to perform the update.

After obtaining an update from the router vendor, the administrator should follow procedures similar to the following.

  1. Shut down or disconnect the interfaces on the router.
  2. Back up the current operating system and the current configuration file to the administrator's computer.
  3. Load the update for either the operating system or for the configuration file.
  4. Perform tests to confirm that the update works properly.
  5. If the tests are successful, then restore or reconnect the interfaces on the router.  If the tests are not successful, then back out the update.

3.3.3.    Logging

Logging on a router offers several benefits.  It informs the administrator if the router is working properly or has been compromised.  It can also show what types of attacks are being attempted against the router or the protected network.

Configuring logging on the router should be done carefully.  The administrator should have the router logs sent to a log host, which is a dedicated computer on the protected or trusted network whose only job is to store logs.  Harden the log host by removing all unnecessary services and accounts.
Set the level of logging on the router to one that meets the needs of the security policy, and expect to modify the log settings as the network evolves.  The logging level may need to be modified based on how much of the log information is useful to the administrator.  Two areas that should be logged are (1) matches to filter rules that deny access, and (2) changes to the router configuration.

Accurate timestamps are important to logging.  All routers are capable of maintaining their own time-of-day, but this is usually not sufficient.  Instead, direct the router to at least two different reliable time servers to ensure accuracy and availability of time information.  Also, direct the logging host to the reliable time servers.  Include a timestamp in each log message.  This will allow the administrator to trace network attacks more credibly.

Finally, consider also sending the logs to a dedicated printer to deal with worst case scenarios, e.g., failure of the log host.
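
An added example, not part of the original guide: a small Python check of a saved router configuration against the logging guidance above (log host, two time servers, timestamped messages, logged deny rules). It assumes Cisco IOS-style command syntax, which this section does not name, and the sample configuration and its addresses are constructed; logging of configuration changes is not checked here.

```python
import re

# Constructed sample configuration. Cisco IOS-style syntax is an assumption;
# the addresses are documentation-range placeholders.
SAMPLE_CONFIG = """\
service timestamps log datetime msec localtime show-timezone
logging trap informational
logging 192.0.2.10
ntp server 192.0.2.20
access-list 102 deny ip any any
access-list 102 permit tcp any host 192.0.2.30 eq 80
access-list 103 deny udp any any log
"""

def audit_logging(config):
    """Return a list of findings where the config departs from the guidance."""
    lines = [ln.strip() for ln in config.splitlines() if ln.strip()]
    findings = []

    # Logs should be sent to a dedicated log host.
    if not any(re.match(r"logging (host )?\d+\.\d+\.\d+\.\d+", ln) for ln in lines):
        findings.append("no log host configured")

    # The router should point at two or more different time servers.
    ntp = {m.group(1) for ln in lines if (m := re.match(r"ntp server (\S+)", ln))}
    if len(ntp) < 2:
        findings.append(f"only {len(ntp)} time server(s) configured; need at least 2")

    # Every log message should carry a timestamp.
    if not any(ln.startswith("service timestamps log datetime") for ln in lines):
        findings.append("log messages are not timestamped")

    # Matches to filter rules that deny access should be logged.
    for ln in lines:
        if re.match(r"access-list \d+ deny\b", ln) and not re.search(r"\blog(-input)?$", ln):
            findings.append(f"deny rule not logged: {ln}")
    return findings

if __name__ == "__main__":
    for finding in audit_logging(SAMPLE_CONFIG):
        print("FINDING:", finding)
```

Running the same check against the backed-up configuration before an update and against the running configuration afterwards is one way to confirm the update did not drop any logging settings.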