ITM Tech Cybersecurity Essentials Booklet - Flipbook - Page 31
12.1 Ensure Network Infrastructure
is Up-to-Date
Network
Protect
12.2 Establish and Maintain a Secure
Network Architecture
Network
Protect
12.3 Securely Manage Network
Infrastructure
Network
Identify
12.5 Centralise Network
Authentication, Authorisation,
and Auditing (AAA)
Network
Protect
12.6 Use of Secure Network
Management and
Communication Protocols
Network
Protect
12.7 Ensure Remote Devices Utilise
a VPN and are Connecting
to an Enterprise’s AAA
Infrastructure
Devices
Protect
12.8 Establish and Maintain
Dedicated Computing
Resources for All
Administrative Work
Devices
Safeguards Total
8
IG1
1/8
IG2
7/8
IG3
8/8
Establish, implement, and actively manage (track, report, correct) network
devices, in order to prevent attackers from exploiting vulnerable network
services and access points.
Why Is This CIS Control Critical?
Protect
12.4 Establish and Maintain
Architecture Diagram(s)
Network
12 - Network Infrastructure Management
Protect
Secure network infrastructure is an
essential defense against attacks.
This includes an appropriate security
architecture, addressing vulnerabilities that
are, often times, introduced with default
settings, monitoring for changes, and
reassessment of current configurations.
Network infrastructure includes devices
such as physical and virtualised gateways,
firewalls, wireless access points, routers,
and switches.
Default configurations for network devices
are geared for ease-of-deployment and
ease-of-use—not security. Potential
default vulnerabilities include open
services and ports, default accounts and
passwords (including service accounts),
support for older vulnerable protocols, and
pre-installation of unneeded software.
Attackers search for vulnerable default
settings, gaps or inconsistencies in firewall
rule sets, routers, and switches and use
those holes to penetrate defenses.
They exploit flaws in these devices to
gain access to networks, redirect traffic
on a network, and intercept data while in
transmission.
Network security is a constantly
changing environment that necessitates
regular re-evaluation of architecture
diagrams, configurations, access controls,
and allowed traffic flows. Attackers
take advantage of network device
configurations becoming less secure over
time as users demand exceptions for
specific business needs.
CONTROL 12
THE SAFEGUARDS
31
1
2
3
4
5
Asset Type Security Function
1= Asset Type
2= Security Function
3= Implentation Group 1
4= Implentation Group 2
5= Implentation Group 3
Did You Know?
Research from Gartner suggests that, through 2022, 99% of firewall breaches will be caused
by simple firewall misconfigurations. Regular and ongoing Network Configuration Monitoring
and Audits can help pick up any weak points. We can work with you to develop a plan.
