isp responsibility
DESCRIPTION
ISP Responsibility. Working at a Small-to-Medium Business or ISP – Chapter 8. Objectives. Describe ISP security policies and procedures. Describe the tools used in implementing security at the ISP. Describe the monitoring and managing of the ISP. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: ISP Responsibility](https://reader035.vdocuments.site/reader035/viewer/2022062305/56813a42550346895da2301b/html5/thumbnails/1.jpg)
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 1Version 4.1
ISP Responsibility
Working at a Small-to-Medium Business or ISP – Chapter 8
![Page 2: ISP Responsibility](https://reader035.vdocuments.site/reader035/viewer/2022062305/56813a42550346895da2301b/html5/thumbnails/2.jpg)
2© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public
Objectives Describe ISP security policies and procedures.
Describe the tools used in implementing security at the ISP.
Describe the monitoring and managing of the ISP.
Describe the responsibilities of the ISP with regard to maintenance and recovery.
![Page 3: ISP Responsibility](https://reader035.vdocuments.site/reader035/viewer/2022062305/56813a42550346895da2301b/html5/thumbnails/3.jpg)
3© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public
ISP Security Considerations Helping clients to create secure passwords
Securing applications
Removing vulnerabilities
Configuring firewalls
Performing security scans
![Page 4: ISP Responsibility](https://reader035.vdocuments.site/reader035/viewer/2022062305/56813a42550346895da2301b/html5/thumbnails/4.jpg)
4© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public
ISP Security ConsiderationsCommon security practices:
Encrypting data stored on servers
Using permissions to secure access
Implement user accounts
Assign levels of access
![Page 5: ISP Responsibility](https://reader035.vdocuments.site/reader035/viewer/2022062305/56813a42550346895da2301b/html5/thumbnails/5.jpg)
5© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public
ISP Security ConsiderationsThree steps used to reduce network vulnerability:
Authentication
Authorization
Accounting
![Page 6: ISP Responsibility](https://reader035.vdocuments.site/reader035/viewer/2022062305/56813a42550346895da2301b/html5/thumbnails/6.jpg)
6© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public
ISP Security Considerations Encryption: use the secure version of a protocol
whenever confidential data is being exchanged
![Page 7: ISP Responsibility](https://reader035.vdocuments.site/reader035/viewer/2022062305/56813a42550346895da2301b/html5/thumbnails/7.jpg)
7© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public
Security Tools Access control lists and port filtering protect
against DoS and DDoS attacks
![Page 8: ISP Responsibility](https://reader035.vdocuments.site/reader035/viewer/2022062305/56813a42550346895da2301b/html5/thumbnails/8.jpg)
8© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public
Security Tools Firewalls use ACLs to control which traffic is
passed or blocked
![Page 9: ISP Responsibility](https://reader035.vdocuments.site/reader035/viewer/2022062305/56813a42550346895da2301b/html5/thumbnails/9.jpg)
9© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public
Security Tools Intrusion Detection System (IDS)
Intrusion Prevention System (IPS)
![Page 10: ISP Responsibility](https://reader035.vdocuments.site/reader035/viewer/2022062305/56813a42550346895da2301b/html5/thumbnails/10.jpg)
10© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public
Security Tools Wireless security:
Changing default settings
Enabling authentication
MAC filtering
Encryption
![Page 11: ISP Responsibility](https://reader035.vdocuments.site/reader035/viewer/2022062305/56813a42550346895da2301b/html5/thumbnails/11.jpg)
11© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public
Security Tools Host-based firewalls control inbound and
outbound network traffic
![Page 12: ISP Responsibility](https://reader035.vdocuments.site/reader035/viewer/2022062305/56813a42550346895da2301b/html5/thumbnails/12.jpg)
12© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public
Security ToolsTargets of host security:
Known attacks
Exploitable services
Worms and viruses
Back doors and Trojans
![Page 13: ISP Responsibility](https://reader035.vdocuments.site/reader035/viewer/2022062305/56813a42550346895da2301b/html5/thumbnails/13.jpg)
13© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public
Monitoring and Managing the ISP Typical features of a Service Level Agreement
(SLA):
![Page 14: ISP Responsibility](https://reader035.vdocuments.site/reader035/viewer/2022062305/56813a42550346895da2301b/html5/thumbnails/14.jpg)
14© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public
Monitoring and Managing the ISP Monitoring network link performance
![Page 15: ISP Responsibility](https://reader035.vdocuments.site/reader035/viewer/2022062305/56813a42550346895da2301b/html5/thumbnails/15.jpg)
15© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public
Monitoring and Managing the ISPIn-band management:
Telnet Virtual Terminal (VTY) session
Secure Shell (SSH): preferred for security
![Page 16: ISP Responsibility](https://reader035.vdocuments.site/reader035/viewer/2022062305/56813a42550346895da2301b/html5/thumbnails/16.jpg)
16© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public
Monitoring and Managing the ISP SNMP enables administrators to gather data
about the network
Syslog uses syslog clients to generate and forward log messages to syslog servers
![Page 17: ISP Responsibility](https://reader035.vdocuments.site/reader035/viewer/2022062305/56813a42550346895da2301b/html5/thumbnails/17.jpg)
17© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public
Backups and Disaster Recovery Factors in choosing backup media:
Amount of data
Cost of media
Performance
Reliability
Ease of offsite storage
![Page 18: ISP Responsibility](https://reader035.vdocuments.site/reader035/viewer/2022062305/56813a42550346895da2301b/html5/thumbnails/18.jpg)
18© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public
Backups and Disaster RecoveryMethods of file backup:
Normal
Differential
Incremental
![Page 19: ISP Responsibility](https://reader035.vdocuments.site/reader035/viewer/2022062305/56813a42550346895da2301b/html5/thumbnails/19.jpg)
19© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public
Backups and Disaster RecoveryHow to ensure successful backups:
Swap media
Review backup logs
Trial restores
Drive maintenance
![Page 20: ISP Responsibility](https://reader035.vdocuments.site/reader035/viewer/2022062305/56813a42550346895da2301b/html5/thumbnails/20.jpg)
20© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public
Backups and Disaster Recovery Use TFTP to protect configurations and Cisco
IOS software
Restore a Cisco IOS image using TFTP in ROMmon mode
![Page 21: ISP Responsibility](https://reader035.vdocuments.site/reader035/viewer/2022062305/56813a42550346895da2301b/html5/thumbnails/21.jpg)
21© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public
Backups and Disaster Recovery Steps to designing an effective recovery plan:
![Page 22: ISP Responsibility](https://reader035.vdocuments.site/reader035/viewer/2022062305/56813a42550346895da2301b/html5/thumbnails/22.jpg)
22© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public
Backups and Disaster Recovery Phases to creating and implementing a disaster
recovery plan:
![Page 23: ISP Responsibility](https://reader035.vdocuments.site/reader035/viewer/2022062305/56813a42550346895da2301b/html5/thumbnails/23.jpg)
23© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public
Summary ISPs provide desktop security services for customers, such
as creating passwords, implementing patches and updates, and assigning permissions.
Many protocols offer secure versions utilizing digital encryption, which should be used when the data being exchanged is confidential.
Port filtering and Access Lists use TCP and UDP port features to permit or deny traffic.
Firewalls can utilize hardware or software to define what traffic can come into or go out of parts of a network.
ISPs are responsible for providing efficient and effective backup and disaster recovery methods for their customers.
![Page 24: ISP Responsibility](https://reader035.vdocuments.site/reader035/viewer/2022062305/56813a42550346895da2301b/html5/thumbnails/24.jpg)
24© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public