Device Security Overview

Port Numbers

• Port Numbers & Network Services: Each network-based service has an open port number, which acts as an entry point.
• Managing Open Ports:
  • Keep ports open only for active services.
  • Close ports for unused services to enhance security.
• Firewalls: Control device connection access via firewalls.
• Third-party Port Scanning Tools:
  • Use tools like InMap to identify open ports and decide on necessary actions.

Default Credentials

• Standard Credentials: Often set for devices like routers, switches, firewalls.
• Security Risk: Default credentials can allow unauthorized access.
• Database of Default Credentials: Accessible at routerpasswords.com.

Switch Network Security

• Port Security:
  • Prevent unauthorized access by monitoring MAC addresses.
  • Configure allowed MAC addresses per interface.
• Disabling Unused Interfaces:
  • Disable interfaces not in use to prevent unauthorized access.
  • Requires additional management but enhances security.

Network Access Control (NAC)

• 802.1X Authentication: Requires authentication before network access.
• MAC Address Filtering:
  • Used to restrict network access based on device MAC addresses.
  • Can be circumvented, categorized as security through obscurity.

Key Management

• Managing Authentication Details:
  • Includes certificates, encryption keys, etc.
  • Third-party software can centralize key management.
• Key Management Features:
  • Creation, renewal, and revocation of keys.
  • Monitoring and reporting on key usage.
• SSL and SSH Key Management:
  • Centralized management allows for easy monitoring and renewal.
  • Detailed reports available for key usage and authentication.