Figure 1-1 Security Process
[Figure: diagram with the labels Secure, Test, Improve, Monitor, and Evaluate]
Step 1: Secure
Step 1 is to implement your network security design. This includes hardening your network
systems by installing security devices such as firewalls, intrusion detection sensors, and
authentication, authorization, and accounting (AAA) servers. Firewalls on the network
perimeter prevent unwanted traffic from entering the network. Firewalls within the network
verify that only authorized traffic moves from one network segment to another. Restrict
access to resources to only authorized users, and implement a strong password convention.
Implement data encryption to protect data that is passing from one network to another
across an unsecured connection (via the Internet) or to protect sensitive data within your
network. The Cisco Security Appliance family of firewalls and Cisco Secure IDS are both
industry-leading network security devices that are commonly used for securing the network
perimeter and monitoring all traffic that traverses critical points on the network. The
purpose of this step is to prevent unauthorized access to the network and to protect network
resources.