website creation on security policies

profileVamsi101
Router_Security_Policy.doc
Home>Computer Science homework help>website creation on security policies

Router Security Policy

1.0 Purpose

This document describes a required minimal security configuration for all routers and switches connecting to a production network or used in a production capacity at or on behalf of <Company Name>.

2.0 Scope

All routers and switches connected to <Company Name> production networks are affected. Routers and switches within internal, secured labs are not affected. Routers and switches within DMZ areas fall under the Internet DMZ Equipment Policy.

3.0 Policy

Every router must meet the following configuration standards:

1. No local user accounts are configured on the router. Routers must use TACACS+ for all user authentication.

2. The enable password on the router must be kept in a secure encrypted form. The router must have the enable password set to the current production router password from the router's support organization.

3. Disallow the following:

a. IP directed broadcasts

b. Incoming packets at the router sourced with invalid addresses such as RFC1918 address

c. TCP small services

d. UDP small services

e. All source routing

f. All web services running on router

4. Use corporate standardized SNMP community strings.

5. Access rules are to be added as business needs arise.

6. The router must be included in the corporate enterprise management system with a designated point of contact.

7. Each router must have the following statement posted in clear view:

"UNAUTHORIZED ACCESS TO THIS NETWORK DEVICE IS PROHIBITED. You must have explicit permission to access or configure this device. All activities performed on this device may be logged, and violations of this policy may result in disciplinary action, and may be reported to law enforcement. There is no right to privacy on this device."

4.0 Enforcement

Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.

5.0 Definitions

Terms Definitions

Production Network The "production network" is the network used in the daily business of <Company Name>. Any network connected to the corporate backbone, either directly or indirectly, which lacks an intervening firewall device. Any network whose impairment would result in direct loss of functionality to <Company Name> employees or impact their ability to do work.

Lab Network A "lab network" is defined as any network used for the purposes of testing, demonstrations, training, etc. Any network that is stand-alone or firewalled off from the production network(s) and whose impairment will not cause direct loss to <Company Name> nor affect the production network.

6.0 Revision History