Ingress and Egress Filtering:
Ingress filtering makes sure that incoming packets are from the legitimate networks that they claim to be from. Egress filtering focuses on monitoring and restricting the potential flow of information outbound from one network to the other.
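The two checks described above can be modelled as simple source-address tests on the perimeter router. The following is an added example, not taken from the lecture notes. The prefixes and sample packets are constructed, and the policy shown (deny spoofed or reserved sources inbound, permit only our own sources outbound) is one common form of ingress and egress filtering, assumed here for illustration.

```python
import ipaddress

# Constructed values: a documentation prefix stands in for "our" network.
INTERNAL_NETS = [ipaddress.ip_network("203.0.113.0/24")]
# Private/reserved ranges that should never appear as a source from the Internet.
RESERVED_NETS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4")]

def _in_any(addr, nets):
    return any(addr in net for net in nets)

def ingress_check(src):
    """Packet arriving from the Internet: is the claimed source plausible?"""
    addr = ipaddress.ip_address(src)
    if _in_any(addr, INTERNAL_NETS):
        return ("deny", "source claims to be our own network")
    if _in_any(addr, RESERVED_NETS):
        return ("deny", "source is private or reserved address space")
    return ("permit", "source is plausible for an external host")

def egress_check(src):
    """Packet leaving for the Internet: does it carry one of our sources?"""
    addr = ipaddress.ip_address(src)
    if _in_any(addr, INTERNAL_NETS):
        return ("permit", "source belongs to our network")
    return ("deny", "source is not one of our prefixes")

def evaluate(packets):
    """Apply the matching check to each (direction, src, dst) tuple."""
    results = []
    for direction, src, dst in packets:
        check = ingress_check if direction == "in" else egress_check
        action, reason = check(src)
        results.append((direction, src, dst, action, reason))
    return results

# Constructed sample traffic: (direction, source, destination)
SAMPLE = [
    ("in", "198.51.100.7", "203.0.113.10"),   # ordinary external host
    ("in", "203.0.113.99", "203.0.113.10"),   # spoofed internal source
    ("in", "10.1.2.3", "203.0.113.10"),       # private source from outside
    ("out", "203.0.113.10", "198.51.100.7"),  # legitimate outbound
    ("out", "192.168.1.5", "198.51.100.7"),   # leaked or spoofed outbound
]

if __name__ == "__main__":
    for row in evaluate(SAMPLE):
        print("%-3s %-15s -> %-15s %-6s %s" % row)
```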
Access List Directional Filtering:
This type of filtering is based on the direction of the traffic relative to the router's interface. Packets flowing towards the router's interface are considered inbound traffic, and packets flowing away from the router's interface are considered outbound traffic.

Apart from implementing various security aspects such as access control, disabling unused services and performing logging operations on the router are equally important. Disabling the IOS network services which are not in use can prevent unauthorized access through the ports required to be open for those network services.
List of IOS services which should be disabled or restricted when not in use:
(Picture taken from INKS lecture note, T12 - Basic Router and Switch Security)
Lastly, maintaining a proper logging system for the perimeter router can ensure accountability for the network. In the event of any downtime or incident, the network administrator will be able to easily and quickly spot the errors or the person who created the error. Implementing the Syslog server on the perimeter router and encrypting the logs are recommended as best practice.
Reference:
INKS week 2 lecture notes - Basic Router and Switch Security
http://en.wikipedia.org/wiki/Ingress_filtering
http://en.wikipedia.org/wiki/Egress_filtering
