Principles and Practise of Cisco Router Security

Lev Lafayette 2006

The foundation of network security is router security. As the gateway for the network, it is also the first line of defense. If the router is compromised, all else follows. Despite this, sparse information is available for this critically important device with most texts concentrating on network security. Whilst an important topic itself, and which there are some excellent resources available, network security per se is not the purpose of this talk. It is about router security in general and, given an approximate 80% market share, Cisco routers in particular.

Four main themes are discussed in this article. The first discusses router security within a general IT security plan, IOS software and standard access. The second theme discusses password security and authentication. The third theme discusses services, applications and protocol security. The final theme is concerned with NTP, logging and incident response. The article assumes a basic degree of knowledge of Cisco IOS, including Access Control Lists (ACLs).

About Lev Lafayette

Lev Lafayette is a sociologist by profession and a systems administrator by vocation. He is a doctoral candidate at the Ashworth Centre for Social Theory at the Department of History and Philosophy of Science at the University of Melbourne and has an honours degree from Murdoch University in Politics, Philosophy and Sociology. He has worked for the Parliament of Victoria as a database administrator and trainer, and for East Timor's Ministry of Foreign Affairs as their ICT Advisor in their first year of independence and is currently employed at the Victorian Partnership for Advanced Computing (VPAC).