|
Content Assessment: Prioritizing Security Next Steps? NSA Network Infrastructure Security Guidance
Information - 96%
Insight - 95%
Relevance - 97%
Objectivity - 92%
Authority - 96%
95%
Excellent
A short percentage-based assessment of the qualitative benefit of the newly published report from the NSA providing network infrastructure security guidance to assist administrators in preventing adversaries from exploiting their networks.
Editor’s Note: The National Security Agency/Central Security Service (NSA/CSS) leads the U.S. Government in cryptology that encompasses both signals intelligence (SIGINT) insights and cybersecurity products and services and enables computer network operations to gain a decisive advantage for the nation and our allies. The guidance [Network Infrastructure Security Guidance] in this recent report on network security from NSA/CSS was generated from a depth and breadth of experience in assisting NSA customers with evaluating their networks and providing recommendations to immediately harden network devices. Along with essential maintenance functions, the report highlights the important role administrators play in defending networks against adversarial threats. Following the guidance in this report will assist these network defenders in putting cybersecurity best practices into action, lowering the risk against compromise, and ensuring more secure and better-protected networks.
Press Announcement and Report
NSA Details Network Infrastructure Best Practices
National Security Agency
FORT MEADE, Md. — The National Security Agency (NSA) released [March 1, 2022] the “Network Infrastructure Security Guidance” Cybersecurity Technical Report today. The report captures best practices based on the depth and breadth of experience in supporting customers and responding to threats.
Network environments are dynamic and evolve as new technologies, exploits, and defenses affect them. While compromise occurs and is a risk to all networks, network administrators can greatly reduce the risk of incidents as well as reduce the potential impact in the event of a compromise. This guidance focuses on the design and configurations that protect against common vulnerabilities and weaknesses on existing networks.
Recommendations include perimeter and internal network defenses to improve monitoring and access controls throughout the network.
Existing networks likely have some or most of the recommended configurations and devices noted, so administrators can use the report to help prioritize the next steps in continuing to harden their network against cyber threats.
Read the original announcement.
Report Introduction Extract
Guidance for securing networks continues to evolve as new vulnerabilities are exploited by adversaries, new security features are implemented, and new methods of securing devices are identified. Improper configuration, incorrect handling of configurations, and weak encryption keys can expose vulnerabilities in the entire network. All networks are at risk of compromise, especially if devices are not properly configured and maintained. An administrator’s role is critical to securing the network against adversarial techniques and requires dedicated people to secure the devices, applications, and information on the network.
This report presents best practices for overall network security and protection of individual network devices and will assist administrators in preventing an adversary from exploiting their network. While the guidance presented here is generic and can be applied to many types of network devices, sample commands for Cisco Internetwork Operating System (IOS) devices are provided which can be executed to implement the recommendations.
National Security Cybersecurity Technical Report: Network Infrastructure Security Guidance (PDF)
CTR NSA NETWORK INFRASTRUCTURE SECURITY GUIDANCE 20220301Additional Reading
- [Annual Update] International Cyber Law in Practice: Interactive Toolkit
- Defining Cyber Discovery? A Definition and Framework
Source: ComplexDiscovery