Network Consultant’s/Engineer’s Handbook (Professional and Managed Services)

Important Links

IT Compliance, Standards, Guidelines, Frameworks and Industry Best Practices:

IT Security Standards:

International Standards:
ISO/IEC 27001 and 27002
National Standards:
NIST Cybersecurity Framework (National Institute of Standards and Technology)
Cyber Essentials Plus (National Cyber Security Centre (NCSC)): Cyber Essentials is a UK Government-backed, industry-supported scheme to help organisations protect themselves against common online threats.
Industry-Specific Standards:
PCI DSS (Payment Card Industry Data Security Standard)
HIPAA (Health Insurance Portability and Accountability Act)

Security Advisories:

US-CERT: https://www.us-cert.gov/ncas/current-activity
Palo Alto: https://securityadvisories.paloaltonetworks.com
Checkpoint: https://www.checkpoint.com/advisories/
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsecurityalerts=#severity=&type=Security+Alerts&product=&version=
Cisco: https://tools.cisco.com/security/center/publicationListing.x
Meraki: https://meraki.cisco.com/blog/cisco-meraki-customer-advisories
Juniper: https://kb.juniper.net/InfoCenter/index?page=content&channel=SECURITY_ADVISORIES

EoL links:
Cisco: https://www.cisco.com/c/en/us/products/security/asa-5500-series-next-generation-firewalls/eos-eol-notice-listing.html
https://www.curvature.com/resources/cisco-end-of-life-guide
Palo Alto: https://www.paloaltonetworks.com/services/support/end-of-life-announcements/end-of-life-summary
https://www.paloaltonetworks.com/services/support/end-of-life-announcements/hardware-end-of-life-dates
Meraki: https://documentation.meraki.com/zGeneral_Administration/Other_Topics/Product_End-of-Life_(EOL)_Policies
Checkpoint: https://www.checkpoint.com/support-services/support-life-cycle-policy/

CVE (Common Vulnerabilities and Exposures) and CVSS (Common Vulnerability Scoring System):
https://www.cvedetails.com/cvss-score-distribution.php
https://nvd.nist.gov/vuln-metrics/cvss
https://cve.mitre.org/

Important Organizations:

  • United States Computer Emergency Readiness Team (US-CERT)
  • National Cybersecurity and Communications Integration Center (NCCIC)
  • Cybersecurity and Infrastructure Security Agency (CISA)
  • National Institute of Standards and Technology (NIST)
  • National Cyber Security Centre (NCSC)
  • National Security Agency (NSA)
  • Government Communications Headquarters (GCHQ)
  • The Council for Registered Ethical Security Testers (CREST)

Gartner Magic Quadrant: NGFWs and SD-WAN:

Gartner Magic Quadrant for Network Firewalls 2021 | Hillstone Networks
2021 Gartner Magic Quadrant Report for WAN Edge Infrastructure | Juniper Networks

ISO/IEC 27001 and 27002

ISO/IEC 27001 and 27002 (International Standards Organization/International Electrotechnical Commission) are international standards for ISMS (Information Security Management Systems). The standard has 10 sections known as clauses, of which 4.0 to 10.0 are mandatory. Clause 6.0 requirements are also called Annex A, which has 14 sections and 114 clauses.

https://www.itgovernance.co.uk/blog/iso-27001-the-14-control-sets-of-annex-a-explained

https://www.isms.online/iso-27001/requirements-controls/

SNMP Configuration Cisco

Switches

ip access-list standard SNMP-Permitted
10 permit 192.168.130.242


The Company-RO view below excludes the following OIDs:

1.3.6.1.2.1.4.21 – ipRouteTable (IP route table)
1.3.6.1.2.1.4.22 – ipNetToMediaTable (IPv4 ARP table) (deprecated by ipNetToPhysicalTable)
1.3.6.1.2.1.4.35 – ipNetToPhysicalTable (combined IPv4/IPv6 translation table)
1.3.6.1.2.1.3 – atTable (layer two address table)

The snmpUsmMIB (1.3.6.1.6.3.15), snmpVacmMIB (1.3.6.1.6.3.16) and snmpCommunityMIB (1.3.6.1.6.3.18) objects are excluded as well:


snmp-server view Company-RO iso included
snmp-server view Company-RO 1.3.6.1.2.1.4.21 excluded
snmp-server view Company-RO 1.3.6.1.2.1.4.22 excluded
snmp-server view Company-RO 1.3.6.1.2.1.4.35 excluded
snmp-server view Company-RO 1.3.6.1.2.1.3 excluded
snmp-server view Company-RO 1.3.6.1.6.3.15 excluded
snmp-server view Company-RO 1.3.6.1.6.3.16 excluded
snmp-server view Company-RO 1.3.6.1.6.3.18 excluded

snmp-server enable traps
snmp-server ifindex persist
snmp-server engineID local 8000000903005C710DE1D280
snmp-server location London
snmp-server contact support@Company.com
snmp-server group Company_snmp_mon_grp v3 priv read Company-RO access SNMP-Permitted
snmp-server user Company_snmp_mon Company_snmp_mon_grp v3 auth sha 3ZU50CjGs56ikZwxVLLy-5bm07WEQo priv aes 128 09pxfF-HTIJnhxZvL_vJ-VBKZawXqN

snmp-server host 192.168.130.242 version 3 priv Company_snmp_mon
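
How the Company-RO view above resolves for a given OID, as an added example that is not part of the original handbook: it parses the `snmp-server view` lines and applies longest-subtree matching to report which OIDs remain readable. The function names are hypothetical, and the sketch assumes no view masks and resolves only the `iso` alias.

```python
import re

# View lines copied from the switch configuration above.
CONFIG = """\
snmp-server view Company-RO iso included
snmp-server view Company-RO 1.3.6.1.2.1.4.21 excluded
snmp-server view Company-RO 1.3.6.1.2.1.4.22 excluded
snmp-server view Company-RO 1.3.6.1.2.1.4.35 excluded
snmp-server view Company-RO 1.3.6.1.2.1.3 excluded
snmp-server view Company-RO 1.3.6.1.6.3.15 excluded
snmp-server view Company-RO 1.3.6.1.6.3.16 excluded
snmp-server view Company-RO 1.3.6.1.6.3.18 excluded
"""

ALIASES = {"iso": "1"}  # assumption: only the name used on this page is resolved
VIEW_RE = re.compile(r"^snmp-server view (\S+) (\S+) (included|excluded)\s*$", re.M)

def parse_oid(text):
    """Turn 'iso' or a dotted OID into a tuple of integers."""
    text = ALIASES.get(text, text)
    return tuple(int(part) for part in text.strip(".").split("."))

def parse_views(config):
    """Map view name -> list of (subtree, included?) entries."""
    views = {}
    for name, subtree, mode in VIEW_RE.findall(config):
        views.setdefault(name, []).append((parse_oid(subtree), mode == "included"))
    return views

def in_view(entries, oid):
    """The longest matching subtree decides; no match means not readable."""
    oid = parse_oid(oid)
    best = None
    for subtree, included in entries:
        if oid[:len(subtree)] == subtree and (best is None or len(subtree) > len(best[0])):
            best = (subtree, included)
    return best is not None and best[1]

def still_readable(config, view, oids):
    """Return the OIDs from `oids` that the view still exposes."""
    entries = parse_views(config).get(view, [])
    return [oid for oid in oids if in_view(entries, oid)]

if __name__ == "__main__":
    checks = ["1.3.6.1.2.1.1.1.0",     # sysDescr.0
              "1.3.6.1.2.1.4.21.1.1",  # ipRouteDest, under ipRouteTable
              "1.3.6.1.6.3.15.1.2.2",  # usmUserTable, under snmpUsmMIB
              "1.3.6.1.2.1.4.24.4"]    # ipCidrRouteTable, not on the page's exclude list
    print(still_readable(CONFIG, "Company-RO", checks))
```

An empty result for the OIDs you intend to hide confirms the excludes cover them. ipCidrRouteTable appearing in the output shows that sibling subtrees of an excluded table stay readable under `iso included`.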