1 / 24

ISP Responsibility

ISP Responsibility. Working at a Small-to-Medium Business or ISP – Chapter 8. Objectives. Describe ISP security policies and procedures. Describe the tools used in implementing security at the ISP. Describe the monitoring and managing of the ISP.

dayton
Download Presentation

ISP Responsibility

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8

  2. Objectives • Describe ISP security policies and procedures. • Describe the tools used in implementing security at the ISP. • Describe the monitoring and managing of the ISP. • Describe the responsibilities of the ISP with regard to maintenance and recovery.

  3. ISP Security Considerations • Helping clients to create secure passwords • Securing applications • Removing vulnerabilities • Configuring firewalls • Performing security scans

  4. ISP Security Considerations Common security practices: • Encrypting data stored on servers • Using permissions to secure access • Implement user accounts • Assign levels of access

  5. ISP Security Considerations Three steps used to reduce network vulnerability: • Authentication • Authorization • Accounting

  6. ISP Security Considerations • Encryption: use the secure version of a protocol whenever confidential data is being exchanged

  7. Security Tools • Access control lists and port filtering protect against DoS and DDoS attacks

  8. Security Tools • Firewalls use ACLs to control which traffic is passed or blocked

  9. Security Tools • Intrusion Detection System (IDS) • Intrusion Prevention System (IPS)

  10. Security Tools Wireless security: • Changing default settings • Enabling authentication • MAC filtering • Encryption

  11. Security Tools • Host-based firewalls control inbound and outbound network traffic

  12. Security Tools Targets of host security: • Known attacks • Exploitable services • Worms and viruses • Back doors and Trojans

  13. Monitoring and Managing the ISP • Typical features of a Service Level Agreement (SLA):

  14. Monitoring and Managing the ISP • Monitoring network link performance

  15. Monitoring and Managing the ISP In-band management: • Telnet Virtual Terminal (VTY) session • Secure Shell (SSH): preferred for security

  16. Monitoring and Managing the ISP • SNMP enables administrators to gather data about the network • Syslog uses syslog clients to generate and forward log messages to syslog servers

  17. Backups and Disaster Recovery Factors in choosing backup media: • Amount of data • Cost of media • Performance • Reliability • Ease of offsite storage

  18. Backups and Disaster Recovery Methods of file backup: • Normal • Differential • Incremental

  19. Backups and Disaster Recovery How to ensure successful backups: • Swap media • Review backup logs • Trial restores • Drive maintenance

  20. Backups and Disaster Recovery • Use TFTP to protect configurations and Cisco IOS software • Restore a Cisco IOS image using TFTP in ROMmon mode

  21. Backups and Disaster Recovery • Steps to designing an effective recovery plan:

  22. Backups and Disaster Recovery • Phases to creating and implementing a disaster recovery plan:

  23. Summary • ISPs provide desktop security services for customers, such as creating passwords, implementing patches and updates, and assigning permissions. • Many protocols offer secure versions utilizing digital encryption, which should be used when the data being exchanged is confidential. • Port filtering and Access Lists use TCP and UDP port features to permit or deny traffic. • Firewalls can utilize hardware or software to define what traffic can come into or go out of parts of a network. • ISPs are responsible for providing efficient and effective backup and disaster recovery methods for their customers.

More Related