US intelligence agency lays out security steps IT admins should take to protect their infrastructure from threats. Credit: gorodenkoff The National Security Agency this week detailed recommendations for businesses to secure their network infrastructure against attacks, giving safe configuration tips for commonly used networking protocols and urging the use of basic security measures for all networks. The NSA’s report highlighted the importance of zero trust principles for network security, but the bulk of it covers specific steps network administrators should take to keep their infrastructure safe from compromise. Configuration tips for network admins include the use of secure, frequently changed passwords for all administrative accounts, limiting login attempts, and keeping potentially vulnerable systems patched and up-to-date. The report also describes safe configurations for SSH (secure shell), HTTP and SNMP (simple network management protocol). “Improper configuration, incorrect handling of configurations, and weak encryption keys can expose vulnerabilities in the entire network,” the report said. “All networks are at risk of compromise, especially if devices are not properly configured and maintained.” The NSA, additionally, recommended the use of network access control systems as an extra layer of security for enterprise networks. The idea is to implement a robust system for identifying individual devices on a network, as port security can be difficult to manage and tracking connected devices via MAC address can be circumvented by an attacker. The use of centralized authorization, authentication and accounting servers are also being highlighted as a strong security measure by the NSA. This helps avoid the use of potentially vulnerable legacy authentication technologies, since they don’t rely on credentials stored on connected devices, which can be relatively simple to compromise. Doubling up on deployment of AAA servers—which handle requests for system resources—provides a level of redundancy and can help detect and prevent malicious activity more easily, according to the agency. Robust logging techniques are another key technique for keeping enterprise networks safe, ensuring that network infrastructure is capturing a sufficient amount of log data makes identifying and tracking a potential attack much simpler than it would otherwise be, the NSA said. Login attempts, successful or unsuccessful, are particularly important for this, but the agency noted that generating too many messages could complicate log reviews. The NSA report, available for download, contains detailed instructions for Cisco IOS users on how to accomplish many of the tasks it suggests, but the general principles are valid for users of any vendor’s networking gear. Related content how-to Doing tricks on the Linux command line Linux tricks can make even the more complicated Linux commands easier, more fun and more rewarding. By Sandra Henry-Stocker Dec 08, 2023 5 mins Linux news TSMC bets on AI chips for revival of growth in semiconductor demand Executives at the chip manufacturer are still optimistic about the revenue potential of AI, as Nvidia and its partners say new GPUs have a lead time of up to 52 weeks. By Sam Reynolds Dec 08, 2023 3 mins CPUs and Processors Technology Industry news End of road for VMware’s end-user computing and security units: Broadcom Broadcom is refocusing VMWare on creating private and hybrid cloud environments for large enterprises and divesting its non-core assets. By Sam Reynolds Dec 08, 2023 3 mins Mergers and Acquisitions news analysis IBM cloud service aims to deliver secure, multicloud connectivity IBM Hybrid Cloud Mesh is a multicloud networking service that includes IT discovery, security, monitoring and traffic-engineering capabilities. By Michael Cooney Dec 07, 2023 3 mins Network Security Cloud Computing Networking Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe