It’s officially spring and for a lot of us that means spring cleaning – the attic, garage, basement, or just all those papers off the desk in the office. While you’re cleaning and reorganizing your personal life, it’s also a good idea to take a look at your network and make sure it is cleaned up too. Below is a list of our top 8 best practices for cleaning up your network and devices.
Access Class Review
If you have an ACL configured to limit remote access to your network devices, validate that it permits only the networks that should have management access. If you don’t have an ACL applied for remote administration, we suggest creating one and applying it.
VLAN Pruning
Evaluate your switch-to-switch trunk ports and your trunk ports to hypervisors, like VMware. Sometimes these trunks are enabled with no filtering and allow VLANs on trunks that are not required. This lets unneeded traffic (for example, broadcast traffic) consume the port. Not pruning VLANs can also be a security risk. You can resolve this by enabling VLAN pruning on each trunk as needed.
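As an added illustration of the trunk review (this is not LookingPoint's code and the trunk data is constructed, not taken from a real switch), the script below expands Cisco-style VLAN lists such as `1-4094` or `1,10-12,30`, compares what each trunk currently allows against the VLANs the design actually requires, and emits the `switchport trunk allowed vlan` line that prunes the excess. The `ALLOWED_ON_TRUNK` and `REQUIRED_ON_TRUNK` tables stand in for the output of `show interfaces trunk` and your VLAN design document.

```python
import re

# Constructed sample: trunk port -> VLANs currently allowed (as `show interfaces trunk`
# would report them). A wide-open "1-4094" is what an un-pruned trunk looks like.
ALLOWED_ON_TRUNK = {
    "Gi1/0/1": "1-4094",       # uplink to another switch, never pruned
    "Gi1/0/2": "1,10,20,30",   # already pruned
    "Gi1/0/48": "1-4094",      # trunk to a VMware host
}

# Constructed sample: VLANs that actually need to cross each trunk (from the design review).
REQUIRED_ON_TRUNK = {
    "Gi1/0/1": {1, 10, 20, 30},
    "Gi1/0/2": {1, 10, 20, 30},
    "Gi1/0/48": {10, 20, 100},
}


def expand_vlans(spec: str) -> set:
    """Expand a Cisco VLAN list like '1,10-12,30' into a set of VLAN IDs."""
    vlans = set()
    for part in spec.replace(" ", "").split(","):
        if not part:
            continue
        m = re.fullmatch(r"(\d+)(?:-(\d+))?", part)
        if not m:
            raise ValueError(f"bad VLAN range: {part!r}")
        lo = int(m.group(1))
        hi = int(m.group(2) or lo)
        if not (1 <= lo <= hi <= 4094):
            raise ValueError(f"VLAN range out of bounds: {part!r}")
        vlans.update(range(lo, hi + 1))
    return vlans


def compress_vlans(vlans) -> str:
    """Collapse a set of VLAN IDs back into Cisco range syntax ('1,10-12,30')."""
    ids = sorted(set(vlans))
    if not ids:
        return "none"  # `switchport trunk allowed vlan none` is valid IOS syntax
    ranges = []
    start = prev = ids[0]
    for v in ids[1:]:
        if v == prev + 1:
            prev = v
            continue
        ranges.append((start, prev))
        start = prev = v
    ranges.append((start, prev))
    return ",".join(f"{a}-{b}" if a != b else f"{a}" for a, b in ranges)


def prune_report(allowed: dict, required: dict) -> dict:
    """Per trunk: VLANs allowed but not needed, VLANs needed but blocked,
    and the interface config that sets the allowed list to exactly what is required."""
    report = {}
    for port, spec in allowed.items():
        current = expand_vlans(spec)
        needed = required.get(port, set())
        excess = current - needed
        missing = needed - current
        fix = None
        if excess or missing:
            fix = f"interface {port}\n switchport trunk allowed vlan {compress_vlans(needed)}"
        report[port] = {"excess": excess, "missing": missing, "fix": fix}
    return report


if __name__ == "__main__":
    for port, r in prune_report(ALLOWED_ON_TRUNK, REQUIRED_ON_TRUNK).items():
        status = "OK" if r["fix"] is None else f"{len(r['excess'])} unneeded VLAN(s)"
        print(f"{port}: {status}")
        if r["fix"]:
            print("  " + r["fix"].replace("\n", "\n  "))
```

Review the generated lines against the VLAN database before pasting them in: a VLAN that is missing from `REQUIRED_ON_TRUNK` but still in use will be cut off by the new allowed list, so the `missing` set is worth checking as carefully as `excess`.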
Syslog Server Cleanup
Over time, as the network changes, syslog servers are added to and removed from the network; however, we often forget to go back and remove unneeded syslog servers from our device configurations. We recommend reviewing the syslog server configuration on each of your network devices to ensure syslog messages aren’t still being sent to hosts that no longer exist.
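One way to make that review mechanical, as an added example that is not part of the original post: pull each device's running-config, extract its `logging host` lines, and compare the destinations against your current inventory of live syslog collectors. The config excerpt and the `ACTIVE_SYSLOG_SERVERS` set below are constructed (documentation address ranges), and the script assumes IOS-style `logging host` syntax.

```python
import re

# Constructed running-config excerpt from one network device (not a real device).
RUNNING_CONFIG = """\
hostname core-sw1
!
logging buffered 64000
logging host 192.0.2.10
logging host 192.0.2.11 transport udp port 1514
logging host 192.0.2.50
logging host 2001:db8::15
!
"""

# Constructed: the syslog collectors that are still in service.
ACTIVE_SYSLOG_SERVERS = {"192.0.2.10", "192.0.2.11", "2001:db8::15"}

LOGGING_HOST_RE = re.compile(r"^logging host (\S+)(.*)$", re.MULTILINE)


def configured_syslog_hosts(config: str) -> dict:
    """Map each configured syslog destination to its full `logging host` line."""
    return {m.group(1): m.group(0) for m in LOGGING_HOST_RE.finditer(config)}


def stale_syslog_hosts(config: str, active: set) -> list:
    """Return the `no logging host ...` commands that remove destinations
    which are no longer in the active-collector inventory."""
    return [f"no {line}" for host, line in configured_syslog_hosts(config).items()
            if host not in active]


def unmonitored_collectors(config: str, active: set) -> set:
    """The reverse check: live collectors this device is not sending to at all."""
    return active - set(configured_syslog_hosts(config))


if __name__ == "__main__":
    for cmd in stale_syslog_hosts(RUNNING_CONFIG, ACTIVE_SYSLOG_SERVERS):
        print(cmd)
    for host in sorted(unmonitored_collectors(RUNNING_CONFIG, ACTIVE_SYSLOG_SERVERS)):
        print(f"! not logging to active collector {host}")
```

Run it across every device's saved config and you get both halves of the cleanup: the stale destinations to remove, and any devices that never got pointed at a collector you do rely on.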
SNMP Access List
Like access classes, SNMP access lists control which servers can poll your network devices over SNMP. We recommend limiting those hosts with an ACL. Now is a good time to review those ACLs to ensure they are still valid, and if they don’t exist, create new ACLs and apply them to your SNMP communities.
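Because the vty access-class review and the SNMP access-list review are the same check applied to two management paths, here is one added audit script that covers both (example code, not LookingPoint's). It reads an IOS-style running-config and flags vty line blocks with no `access-class`, SNMP communities with no ACL, ACL references that point at an undefined list, and ACLs whose `permit any` makes the restriction meaningless. The config excerpt is constructed with documentation addresses, and the parser assumes standard named ACLs and the `snmp-server community <name> RO|RW [acl]` form.

```python
import re

# Constructed running-config excerpt (IOS-style); addresses are documentation ranges.
RUNNING_CONFIG = """\
ip access-list standard MGMT-HOSTS
 permit 192.0.2.0 0.0.0.255
 permit 198.51.100.5
!
ip access-list standard SNMP-POLLERS
 permit any
!
snmp-server community public RO
snmp-server community monitorRO RO SNMP-POLLERS
snmp-server community netmgmtRO RO MGMT-HOSTS
!
line vty 0 4
 access-class MGMT-HOSTS in
 transport input ssh
line vty 5 15
 transport input ssh
"""


def parse_standard_acls(config: str) -> dict:
    """Return {acl_name: [entry lines]} for `ip access-list standard` blocks."""
    acls, current = {}, None
    for line in config.splitlines():
        m = re.match(r"^ip access-list standard (\S+)", line)
        if m:
            current = m.group(1)
            acls[current] = []
        elif line.startswith(" ") and current:
            acls[current].append(line.strip())
        else:
            current = None  # '!' or any other top-level line ends the block
    return acls


def parse_vty_lines(config: str) -> dict:
    """Return {'line vty 0 4': access_class_name_or_None, ...}."""
    vty, current = {}, None
    for line in config.splitlines():
        if line.startswith("line vty"):
            current = line.strip()
            vty[current] = None
        elif current and line.startswith(" "):
            m = re.match(r"\s+access-class (\S+) in", line)
            if m:
                vty[current] = m.group(1)
        else:
            current = None
    return vty


def parse_snmp_communities(config: str) -> dict:
    """Return {community: acl_name_or_None} from `snmp-server community` lines."""
    out = {}
    for m in re.finditer(r"^snmp-server community (\S+) (?:RO|RW)(?: (\S+))?", config, re.M):
        out[m.group(1)] = m.group(2)
    return out


def audit(config: str) -> list:
    """Findings a reviewer would act on, as plain strings."""
    acls = parse_standard_acls(config)
    findings = []
    for line_block, acl in parse_vty_lines(config).items():
        if acl is None:
            findings.append(f"{line_block}: no access-class applied")
        elif acl not in acls:
            findings.append(f"{line_block}: access-class {acl} references an undefined ACL")
    for community, acl in parse_snmp_communities(config).items():
        if acl is None:
            findings.append(f"snmp community {community}: no ACL applied")
        elif acl not in acls:
            findings.append(f"snmp community {community}: ACL {acl} is undefined")
    for name, entries in acls.items():
        if any(e.startswith("permit any") for e in entries):
            findings.append(f"ACL {name}: 'permit any' makes the restriction meaningless")
    return findings


if __name__ == "__main__":
    for finding in audit(RUNNING_CONFIG):
        print(finding)
```

On the sample config the audit reports three findings: `line vty 5 15` has no access-class (a common gap when only `vty 0 4` was locked down), the `public` community has no ACL, and `SNMP-POLLERS` permits any source. Each of those is a configuration you would expect to tighten during the review.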
Firewall Policy Review
Spring cleaning is a great time to review your Internet-facing policy and remove unneeded open ports or hosts. A good way to determine what’s being used is to review the hit count on the access list for Cisco firewalls and routers (other firewall devices may have a different way to view the hit count). ACLs with low or no hit count are candidates for removal upon review. It is also a good time to look at rules that may no longer make sense or are no longer needed for your environment.
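To show what the hit-count review looks like in practice, here is an added example (not from the original post) that parses both the ASA `show access-list` format, where each entry ends in `(hitcnt=N)`, and the IOS `show ip access-lists` format, where matched entries end in `(N matches)` and never-matched entries carry no suffix at all. It lists the entries at or below a hit threshold, lowest first, as the candidates to review for removal. The show output is constructed with documentation addresses.

```python
import re

# Constructed `show access-list` output in ASA style ("hitcnt=") followed by
# `show ip access-lists` output in IOS style ("N matches"). Not from a real device.
SHOW_ACCESS_LIST = """\
access-list OUTSIDE-IN line 1 extended permit tcp any host 203.0.113.10 eq 443 (hitcnt=184213) 0x1a2b3c4d
access-list OUTSIDE-IN line 2 extended permit tcp any host 203.0.113.11 eq 25 (hitcnt=0) 0x2b3c4d5e
access-list OUTSIDE-IN line 3 extended permit tcp 198.51.100.0 255.255.255.0 host 203.0.113.12 eq 3389 (hitcnt=3) 0x3c4d5e6f
access-list OUTSIDE-IN line 4 extended permit udp any host 203.0.113.13 eq 161 (hitcnt=0) 0x4d5e6f70
Extended IP access list INTERNET-IN
    10 permit tcp any host 203.0.113.20 eq www (9521 matches)
    20 permit tcp any host 203.0.113.21 eq ftp
    30 permit tcp any host 203.0.113.22 eq 22 (2 matches)
"""

ASA_RE = re.compile(r"^access-list (\S+) line (\d+) (.+?) \(hitcnt=(\d+)\)", re.M)
IOS_HDR_RE = re.compile(r"^Extended IP access list (\S+)$")
IOS_ACE_RE = re.compile(r"^\s+(\d+) (.+?)(?: \((\d+) matches\))?$")


def parse_aces(output: str) -> list:
    """Return [{'acl', 'seq', 'rule', 'hits'}] from ASA or IOS show output.
    An IOS entry with no '(N matches)' suffix has never matched, so hits=0."""
    aces, current_ios_acl = [], None
    for line in output.splitlines():
        m = ASA_RE.match(line)
        if m:
            acl, seq, rule, hits = m.groups()
            aces.append({"acl": acl, "seq": int(seq), "rule": rule, "hits": int(hits)})
            continue
        m = IOS_HDR_RE.match(line)
        if m:
            current_ios_acl = m.group(1)
            continue
        m = IOS_ACE_RE.match(line)
        if m and current_ios_acl:
            seq, rule, hits = m.groups()
            aces.append({"acl": current_ios_acl, "seq": int(seq), "rule": rule,
                         "hits": int(hits or 0)})
    return aces


def removal_candidates(output: str, threshold: int = 10) -> list:
    """ACEs with hit counts at or below the threshold, lowest hits first."""
    low = [a for a in parse_aces(output) if a["hits"] <= threshold]
    return sorted(low, key=lambda a: (a["hits"], a["acl"], a["seq"]))


if __name__ == "__main__":
    for a in removal_candidates(SHOW_ACCESS_LIST):
        print(f"{a['acl']:<12} seq {a['seq']:<4} hits {a['hits']:<6} {a['rule']}")
```

Two caveats when you use the numbers: hit counters reset when the device reloads or someone runs `clear access-list counters`, so check the device uptime before trusting a zero, and a rule that only serves a quarterly or annual process can legitimately sit at zero for months. Treat the list as the starting point for the review the text describes, not as a delete list.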
Software Version Standardization
If you have comparable model devices in your environment, we recommend standardizing on one IOS or software version across all like devices. Additionally, it’s a good time to review your current IOS versions against known security vulnerabilities and update based on whether a vulnerability applies to you and how critical it is.
Network Documentation and Monitoring
This is also a good time to dust off those old network diagrams and ensure all devices and/or sites are captured and documented. Additionally, if you use a monitoring tool, ensure those devices are also up to date in it. We recommend all our customer environments be monitored. If you want to learn more about the tool we use to monitor our customer environments, contact us.
Review User Accounts
While you’re cleaning up your network, it’s a good idea to make sure your active user list is up to date. Accounts belonging to terminated users that still have network access are a security risk, since they can be used to reach sensitive data. It takes minimal time to audit your user list and ensure that only the people who should be accessing your network can.
If you are thinking about doing some spring cleaning for your network and have questions or don’t know where to start, contact us to discuss our support and management offerings.
Written By: Sean Barr, LookingPoint CEO