Router and Switch Security Policy Example

Source: Internet
Author: User

As an administrator, it is extremely important to develop a set of basic security configuration policies for all of the organization's network devices. To this end, I am sharing the router and switch security policies of one organization:

Router Security Policy Example:

1. User accounts must not be configured on the router.

2. The enable password on the router must be stored in a secure encrypted format.

3. Disable IP directed broadcasts.

4. The router should block packets whose source address is invalid.

5. Add access rules as business needs grow.

6. The router should be placed in a secure location, with physical access limited to authorized individuals.

7. Each router must clearly display the following statement:

"NOTE: Unauthorized access to this network device is prohibited. You must have clear permission to access or configure the device. All activities performed on this device must be recorded. Violations of this policy will be disciplined and may be taken to justice."

Each network switch must meet the following configuration standards:

1. User accounts must not be configured on the switch.

2. The enable password on the switch must be stored in a secure encrypted format.

3. If the switch supports MAC address locking, this function should be enabled.

4. If a new or unregistered MAC address appears on a port, disable that port.

5. If a link goes down and is re-established, an SNMP trap should be generated.

6. The switch should be placed in a secure location, with physical access restricted to authorized individuals.

7. Any web server software on the switch should be disabled. If such software is needed to maintain the switch, start the server to configure the switch and then disable it again. All access control for administrator functions should be enabled.

8. Each switch must clearly display the following statement:

"NOTE: Unauthorized access to this network device is prohibited. You must have clear permission to access or configure the device. All activities performed on this device must be recorded. Violations of this policy will be disciplined and may be taken to justice."

These security requirements may not be suitable for your organization and are for your reference only.
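An added example, not part of the original article: a small Python audit that checks a saved device configuration against several of the items above (user accounts, enable password storage, directed broadcast, MAC locking, link traps, web server, banner). The Cisco IOS-style command syntax, the sample config and the function names are assumptions; the article names no vendor.

```python
# Constructed sample config. IOS-style syntax is an assumption; the page names no vendor.
SAMPLE = """\
enable password 7 0000000000
username admin privilege 15 secret 5 $1$constructed$hash
ip http server
interface GigabitEthernet0/1
 switchport mode access
 switchport port-security
interface GigabitEthernet0/2
 switchport mode access
 ip directed-broadcast
 no snmp trap link-status
"""

def stanzas(cfg):
    """Split a config into (interface name, [sub-commands]) pairs."""
    out, cur = [], None
    for line in cfg.splitlines():
        if line.startswith("interface "):
            out.append(cur := (line.split(None, 1)[1], []))
        elif line.startswith(" ") and cur:
            cur[1].append(line.strip())
        else:
            cur = None  # any other top-level line closes the stanza
    return out

def audit(cfg):
    """Return the policy findings for one device config as a list of strings."""
    top = [l.strip() for l in cfg.splitlines() if l[:1] not in ("", " ")]
    has = lambda prefix: any(l.startswith(prefix) for l in top)
    checks = [
        (has("username "), "user account configured"),
        (has("enable password") or not has("enable secret"), "enable password not an enable secret"),
        ("ip http server" in top or "ip http secure-server" in top, "web server enabled"),
        (not has("banner "), "no warning banner"),
    ]
    found = [msg for bad, msg in checks if bad]
    for name, cmds in stanzas(cfg):
        if any(c.startswith("ip directed-broadcast") for c in cmds):
            found.append(f"{name}: directed broadcast enabled")
        if "no snmp trap link-status" in cmds:
            found.append(f"{name}: link up/down trap disabled")
        if "switchport mode access" in cmds:
            modes = [c.split()[-1] for c in cmds if c.startswith("switchport port-security violation")]
            if "switchport port-security" not in cmds:
                found.append(f"{name}: MAC locking (port security) off")
            elif any(m != "shutdown" for m in modes):
                found.append(f"{name}: unknown MAC does not disable the port")
    return found
```

Running `audit(SAMPLE)` reports the four global findings plus three for GigabitEthernet0/2; invalid-source filtering and physical placement are not checked here because they depend on site-specific ACLs and facilities.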
