Cisco 交换机加固(国外英语资料).doc

Cisco 交换机加固(国外英语资料) Security reinforcement of Cisco routers and switches Keywords: Cisco, IOS, information security According to the cask theory, how much water a cask can hold depends on the shortest piece of wood in that barrel. Specific to the security of the information system is the same, the safety degree of the whole information system depends on the weakest link in the information system, the network as the information system, the importance of safety requirements is obviously the. The network level security mainly has two aspects, one is the data security level, the use of ACL technology, the auxiliary application system to enhance the overall security system; two is to control the level of security, through restrictions on their own network access equipment, enhance network equipments safety. The data level security in my network layer access control -- ACL (http: ///bang/776870935721410561712713.shtml) detailed discussions have been systematically. This article focuses on the level of control, that is, the safety of the equipment itself, which is still discussed in the case of CISCO equipment with the largest market share. A major security control level, and deal with the principle of CO An operating system control level of network equipment is the essence of the operation, since it is an operating system, then, the threat of network equipment of other operating system may meet the security of all possible; sum up as follows: 1, the systems own shortcomings: operating systems as a complex system, no matter how carefully tested before release, there will always be defects. The only way to do this is to patch up the system as soon as possible. The difference between Cisco IOS/Catos and other general operating system is IOS/Catos, the whole system will need to replace the system patched, can query the http: ///en/US/customer/products/prod_security_advisories_list.htmls latest Cisco Security Bulletin information and patch information. 2, the system