Assume that a department in your organization requests a temporary relaxation in the Access Control List (ACL) of a router in production to attend to an urgent business requirement. How do you handle this case?
As business needs are in a state of constant flux, administrators are forced to make changes in ACLs, SNMP community, routing protocols and similar security settings quite often. But, if the relaxations in security settings are not properly handled, intruders could create havoc on your network – access and expose confidential data, divert traffic to a fraudulent destination and even sabotage network operations.
What is the way out?
DeviceExpert precisely helps achieve this with ease. You can define standard security settings or security standards for your device configurations. The security standards will comprehesively define the settings that are allowed, that are not allowed, the traffic filtering settings, protocols and other vital controls. The standards will be defined as a policy in DeviceExpert.
Once you define the policy, everything else is automated. DeviceExpert will automatically examine the configurations for compliance to the standards. If any of the settings violate the rules, alerts and reports will be generated. Even if you forget to rollback a temporary relaxation, DeviceExpert will alert you and help you rollback the changes in automated fashion.
In addition, DeviceExpert provides a comprehensive Security Audit Report out-of-the-box. This report analyses the security settings of your configurations and reports vulnerabilities and remediation tips.
With DeviceExpert, your network infrastructure will stay in top shape and you can ensure network security.
The original article/video can be found at Flaws in security settings of device configurations == open invitation to intruders