With cybersecurity now the top concern for IT leaders and their team, dozens of organizations, including private companies, nonprofits, IT providers and cybersecurity vendors have released cyber-hardening guides over the last few years to help organizations secure their infrastructure.
The U.S. Cybersecurity and Infrastructure Agency, in particular, has been a leading voice when it comes to awareness, continuously releasing guides to help administrators secure their organizations’ network.
However, the National Security Agency (NSA) has also been an active voice, including with a recently released Network Infrastructure Security Guide designed to help administrators set up secure networks. The document includes guidance of properly configuring devices and networks.
In a brief press statement, the agency said network environments must evolve as new technologies, exploits and defenses affect them.
“While compromise occurs and is a risk to all networks, network administrators can greatly reduce the risk of incidents as well as reduce the potential impact in the event of a compromise,” the agency said.” This guidance focuses on the design and configurations that protect against common vulnerabilities and weaknesses on existing networks.”
The NSA’s network security report contains recommendations on perimeter and internal network security as well as guides on improving monitoring and access controls through the network.
According to the NSA, existing networks likely have most of the recommended configurations noted in the report, so admins should use the report to help prioritize next steps to help harden networks against malicious activity.
The 58-page report includes guidance on Zero Trust, network architecture and design, security maintenance, authentication, securing administrator accounts, remote logging and monitoring, remote administration and network services, routing, interface ports and notification banners.
Much of the report covers cybersecurity basics, such as password hygiene for admins and maintaining up-to-date systems, but also goes a bit further into topics including authentication procedures, the principle of least privilege, encryption and disabling unnecessary services.
Several times, the report identifies administrators as the IT professionals tasked with defending networks against adversarial threats, calling their role “critical” in doing so.
“Following this guidance will assist these network defenders with putting cybersecurity best practices into action, lowering the risk against compromise and ensuring a more secure and better protected network,” the report said.
Leave a Reply