Hardening CISCO Devices based on Cryptography and Security Protocols - Part One: Background Theory
Journal Title: Annals of Emerging Technologies in Computing - Year 2018, Vol 2, Issue 3
Abstract
Network Security is a vital part of any corporate and enterprise network. Network attacks greatly compromise not only the sensitive data of the consumers but also cause outages to these networks. Thus inadequately protected networks need to be “hardened”. The hardening of network devices refers to the hardware and software components, device operating system’s features, management controls, access-list restrictions, operational configurations and above all making sure that the data and credentials are not stored or transferred in ‘plaintext’ over the network. This article investigates the use of cryptography and network protocols based on encryption, to meet the need for essential security requirements. Use of non-secure protocols, underrating and misconfigurations of management protection are reasons behind network devices not properly being hardened; hence leaving vulnerabilities for the intruders. The gap identified after conducting intense search and review of past work is used as the foundation to present solutions. When performing cryptography techniques by encrypting packets using tunnelling and security protocols, management level credentials are encrypted. These include password encryption and exceptional analysis of the emulated IOS (Internetwork Operating System). Necessary testing is carried out to evaluate an acceptable level of protection of these devices. In a virtual testing environment, security flaws are found mainly in the emulated IOS. The discoveries does not depend on the hardware or chassis of a networking device. Since routers primarily rely on its Operating System (OS), attackers focus on manipulating the command line configuration before initiating an attack. Substantial work is devoted to implementation and testing of a router based on Cryptography and Security Protocols in the border router. This is deployed at the core layer and acts as the first point of entry of any trusted and untrusted traffic. A step-by-step hardening approach is adopted to secure the proposed network framework’s border router. Encrypted services coupled with best practice configurations are implemented and tested in an emulated environment. The use of protocol analysers, CISCO Configuration Professional’s Audit and penetration testing tools corroborated the success of the project.
Authors and Affiliations
Faisal Waheed, Maaruf Ali
Keywords
Related Articles
- EP ID EP350000
- DOI 10.33166/AETiC.2018.03.004
- Views 97
- Downloads 0
A Comparative Study of Data Mining Algorithms for High Detection Rate in Intrusion Detection System
Due to the fast growth and tradition of the internet over the last decades, the network security problems are increasing vigorously. Humans can not handle the speed of processes and the huge amount of data required to ha...
An Investigation on Exhaustion of SAP ERP Users: Influence of Pace of Change and Technostress
Despite recent growing research interest on ERP research, the understanding on ERP induced exhaustion is still limited. This study examines how the pace of change of ERP functionalities and interface causes exhaustion in...
Cultural, Economic and Societal Impacts on Users’ Behaviour and Mobile Broadband Adoption Trends
The diverse range of Internet enabled devices both mobile and fixed has not only impacted the global economy but the very fabric of human communications and lifestyles. The ease of access and lowered cost has enabled hit...
The Cascade Carry Array Multiplier – A Novel Structure of Digital Unsigned Multipliers for Low-Power Consumption and Ultra-Fast Applications
This article presents a low power consumption, high speed multiplier, based on a lowest transistor count novel structure when compared with other traditional multipliers. The proposed structure utilizes 4×4-bit adder uni...
Audio Networking in the Music Industry
This paper surveys the rôle of computer networking technologies in the music industry. A comparison of their relevant technologies, their defining advantages and disadvantages; analyses and discussion of the situation in...