Cisco Device Hardening
Because of their important role in packet forwarding, Cisco routers make
attractive targets for network attacks. This chapter reviews how to harden
Cisco devices against the most common types of attacks.
Mitigating Network Attacks
Before starting to harden Cisco devices against attack, you need to understand
the types of attacks that are in common use today.
Cisco Self-Defending Network
The Cisco Self-Defending Network strategy consists of three interrelated
components:
■ Secure connectivity—Virtual private network (VPN) solutions,
including VPN-enabled routers, VPN concentrators, and VPN-enabled
firewalls
■ Threat defense—Cisco IOS-based and appliance-based firewalls
■ Trust and identity—Network Access Control (NAC), Cisco Secure
Access Control Server (ACS), and 802.1x