Flaws in security settings of device configurations == open invitation to intruders

Assume that a department in your organization requests a temporary relaxation in the Access Control List (ACL) of a router in production to attend to an urgent business requirement. How do you handle this case?

Normally, in most of the enterprises, such requests are immediately accepted and the change in ACL would be deployed. But, due to lack of processes, the change/relaxation will not be rolled back even after the completion of the business requirement. The relaxation will be forgotten and stay on for ever inviting hackers to gain illegal access to your network.

As business needs are in a state of constant flux, administrators are forced to make changes in ACLs, SNMP community, routing protocols and similar security settings quite often. But, if the relaxations in security settings are not properly handled, intruders could create havoc on your network – access and expose confidential data, divert traffic to a fraudulent destination and even sabotage network operations.

In fact, cyber-security experts repeatedly stress that attackers always look for such easy holes in network devices like switches, routers, firewalls and other devices on the perimeter to gain illegal access to the network. Due to lack of processes, unknowingly, we tend to simplify the job of intruders.

What is the way out?

If you manage a large number of network devices, enforcing a manual process to take care of the security controls in device configurations will be cumbersome and error-prone. Automating the security controls is the efficient alternative to handle this.

DeviceExpert precisely helps achieve this with ease. You can define standard security settings or security standards for your device configurations. The security standards will comprehesively define the settings that are allowed, that are not allowed, the traffic filtering settings, protocols and other vital controls. The standards will be defined as a policy in DeviceExpert.

Once you define the policy, everything else is automated. DeviceExpert will automatically examine the configurations for compliance to the standards. If any of the settings violate the rules, alerts and reports will be generated. Even if you forget to rollback a temporary relaxation, DeviceExpert will alert you and help you rollback the changes in automated fashion.

In addition, DeviceExpert provides a comprehensive Security Audit Report out-of-the-box. This report analyses the security settings of your configurations and reports vulnerabilities and remediation tips.

With DeviceExpert, your network infrastructure will stay in top shape and you can ensure network security.


Try DeviceExpert now!
| DeviceExpert integrates with OpManager as NCM Plug-in


Bala


ManageEngine DeviceExpert


Video Demo

|

Free Trial Download

|

White Papers & Success Stories

You Can Learn More About the ManageEngine Product Line By Going to www.ManageEngine.ca

The original article/video can be found at Flaws in security settings of device configurations == open invitation to intruders

About the Author: Shannon Lewis

Leave a Reply Cancel reply