CCNA Discovery 2 - Chapter 8

2,326 views
2,141 views

Published on

Published in: Technology, Education
0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
2,326
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
4
Comments
0
Likes
3
Embeds 0
No embeds

No notes for slide

CCNA Discovery 2 - Chapter 8

  1. 1. ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8Version 4.1 © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 1
  2. 2. Objectives Describe ISP security policies and procedures. Describe the tools used in implementing security at the ISP. Describe the monitoring and managing of the ISP. Describe the responsibilities of the ISP with regard to maintenance and recovery. © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 2
  3. 3. ISP Security Considerations Helping clients to create secure passwords Securing applications Removing vulnerabilities Configuring firewalls Performing security scans © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 3
  4. 4. ISP Security ConsiderationsCommon security practices: Encrypting data stored on servers Using permissions to secure access Implement user accounts Assign levels of access © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 4
  5. 5. ISP Security ConsiderationsThree steps used to reduce network vulnerability: Authentication Authorization Accounting © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 5
  6. 6. ISP Security Considerations Encryption: use the secure version of a protocol whenever confidential data is being exchanged © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 6
  7. 7. Security Tools Access control lists and port filtering protect against DoS and DDoS attacks © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 7
  8. 8. Security Tools Firewalls use ACLs to control which traffic is passed or blocked © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 8
  9. 9. Security Tools Intrusion Detection System (IDS) Intrusion Prevention System (IPS) © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 9
  10. 10. Security ToolsWireless security: Changing default settings Enabling authentication MAC filtering Encryption © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 10
  11. 11. Security Tools Host-based firewalls control inbound and outbound network traffic © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 11
  12. 12. Security ToolsTargets of host security: Known attacks Exploitable services Worms and viruses Back doors and Trojans © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 12
  13. 13. Monitoring and Managing the ISP Typical features of a Service Level Agreement (SLA): © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 13
  14. 14. Monitoring and Managing the ISP Monitoring network link performance © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 14
  15. 15. Monitoring and Managing the ISPIn-band management: Telnet Virtual Terminal (VTY) session Secure Shell (SSH): preferred for security © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 15
  16. 16. Monitoring and Managing the ISP SNMP enables administrators to gather data about the network Syslog uses syslog clients to generate and forward log messages to syslog servers © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 16
  17. 17. Backups and Disaster RecoveryFactors in choosing backup media: Amount of data Cost of media Performance Reliability Ease of offsite storage © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 17
  18. 18. Backups and Disaster RecoveryMethods of file backup: Normal Differential Incremental © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 18
  19. 19. Backups and Disaster RecoveryHow to ensure successful backups: Swap media Review backup logs Trial restores Drive maintenance © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 19
  20. 20. Backups and Disaster Recovery Use TFTP to protect configurations and Cisco IOS software Restore a Cisco IOS image using TFTP in ROMmon mode © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 20
  21. 21. Backups and Disaster Recovery Steps to designing an effective recovery plan: © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 21
  22. 22. Backups and Disaster Recovery Phases to creating and implementing a disaster recovery plan: © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 22
  23. 23. Summary ISPs provide desktop security services for customers, such as creating passwords, implementing patches and updates, and assigning permissions. Many protocols offer secure versions utilizing digital encryption, which should be used when the data being exchanged is confidential. Port filtering and Access Lists use TCP and UDP port features to permit or deny traffic. Firewalls can utilize hardware or software to define what traffic can come into or go out of parts of a network. ISPs are responsible for providing efficient and effective backup and disaster recovery methods for their customers. © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 23
  24. 24. © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 24

×