Chapter 13: Policy Networking; In Depth; Access Security Policies - Cisco RJ-45-to-AUX Brochure

Chapter 13: Policy Networking

In Depth

Behind all switching implementations and configurations lies an area that, if left unattended, can render you
and your network defenseless: access security policies. In this chapter, we will discuss the need for and
creation of access security policies; we will also focus on how to implement these policies.
Security is one of the most important functions in today's networks. Without it, competitors would have
access to various data warehouses, and hackers and common users would have an open invitation to your
network. With e−commerce booming, the need to strengthen network security in order to reduce network
intrusion and network vulnerabilities becomes increasingly important.
Note You can never count on network and data security even if it is in place, because it's only as
secure as you make it. To implement strong security measures, you must begin at the physical
device and extend them throughout your entire network.
Once access policies have been created, it's a great advantage to you, as the network administrator, to know
how to implement these policies and how to distribute them. The following sections will cover this material in
depth and explain how it relates to Internet Protocol (IP) switching and routing.

Access Security Policies

An access security policy is designed to help define what your network needs in order to be secure from all
possible intrusions. Creating this policy for your business or entity allows you, as the network administrator,
to provide service−level agreements (SLAs) based on a set of defined traffic and security standards.
An access security policy should define the following:
The physical security of all the devices in the network
Control of user access to the network through the implementation of virtual LANs (VLANs) and port
security
What traffic should be allowed in and out of the network
Route filters to determine the data that should be sent through the network and what route filters
should be applied at the Distribution layer
User groups that have access to each area of the network
Types of access each user group should have to the network
Each layer of the network has a different function and applies policies differently. Figure 13.1 shows the
policies and switches found at each layer of the network. Policies defined in the access security policy need to
be applied to all the devices in your network. In the following sections, we will address how security should
be applied at each individual layer of the network.
254