Network/Cyber/Cloud/Information Security and GRC (Governance, Risk, Compliance)/IT Management and Strategy/Project Management


Important Links

IT Compliance, Standards, Guidelines, Frameworks and Industry Best Practices:

IT Security Standards:

International Standards:
ISO/IEC 27001 and 27002
National Standards:
NIST Cybersecurity Framework (National Institute of Standards and Technology)
Cyber Essentials Plus (National Cyber Security Centre (NCSC)). Cyber Essentials is a UK Government-backed, industry-supported scheme to help organisations protect themselves against common online threats.
Industry-Specific Standards:
PCI DSS (Payment Card Industry Data Security Standard)
HIPAA (Health Insurance Portability and Accountability Act)

Security Advisories:

US-CERT: https://www.us-cert.gov/ncas/current-activity
Palo Alto: https://securityadvisories.paloaltonetworks.com
Checkpoint: https://www.checkpoint.com/advisories/
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsecurityalerts=#severity=&type=Security+Alerts&product=&version=
Cisco: https://tools.cisco.com/security/center/publicationListing.x
Meraki: https://meraki.cisco.com/blog/cisco-meraki-customer-advisories
Juniper: https://kb.juniper.net/InfoCenter/index?page=content&channel=SECURITY_ADVISORIES

EoL links:
Cisco: https://www.cisco.com/c/en/us/products/security/asa-5500-series-next-generation-firewalls/eos-eol-notice-listing.html
https://www.curvature.com/resources/cisco-end-of-life-guide
Palo Alto: https://www.paloaltonetworks.com/services/support/end-of-life-announcements/end-of-life-summary
https://www.paloaltonetworks.com/services/support/end-of-life-announcements/hardware-end-of-life-dates
Meraki: https://documentation.meraki.com/zGeneral_Administration/Other_Topics/Product_End-of-Life_(EOL)_Policies
Checkpoint: https://www.checkpoint.com/support-services/support-life-cycle-policy/

CVE (Common Vulnerabilities and Exposures) and CVSS (Common Vulnerability Scoring System):
https://www.cvedetails.com/cvss-score-distribution.php
https://nvd.nist.gov/vuln-metrics/cvss
https://cve.mitre.org/

Important Organizations:

  • United States Computer Emergency Readiness Team (US-CERT)
  • National Cybersecurity and Communications Integration Center (NCCIC)
  • Cybersecurity and Infrastructure Security Agency (CISA)
  • National Institute of Standards and Technology (NIST)
  • National Cyber Security Centre (NCSC)
  • National Security Agency (NSA)
  • Government Communications Headquarters (GCHQ)
  • The Council for Registered Ethical Security Testers (CREST)

Gartner Magic Quadrant: NGFWs and SD-WAN:

Gartner Magic Quadrant for Network Firewalls 2021 | Hillstone Networks
2021 Gartner Magic Quadrant Report for WAN Edge Infrastructure | Juniper Networks

ISE (Identity Services Engine) Basic Configuration and Commands

Cisco Switch Dot1x Config:

Configuring Global AAA Parameters:

conf t
username admin privilege 15 secret Cisco123
aaa new-model
aaa authentication login default local
aaa authentication dot1x default group radius
aaa authorization network default group radius
aaa accounting dot1x default start-stop group radius

radius server Our-ISE
address ipv4 192.168.1.105 auth-port 1812 acct-port 1813
key Cisco123
automate-tester username testuser
exit

aaa group server radius Our-Group
server name Our-ISE
exit

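! Mark a RADIUS server dead after 3 seconds and 3 failed tries, then skip it for 15 minutes
radius-server dead-criteria time 3 tries 3
radius-server deadtime 15
! Accept RADIUS Change of Authorization (CoA) requests from this client
aaa server radius dynamic-author
client 192.168.1.222
server-key Cisco123
exit

ip radius source-interface gig 0/1
radius-server vsa send authentication
radius-server vsa send accounting

! Enable 802.1X globally and track the IP addresses of connected devices
dot1x system-auth-control
ip device tracking
end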

wr

Switch Port Configuration:

conf t
vlan 10,20,30,80,999

int range fa 0/1-8
switchport host
switchport access vlan 999
! Try 802.1X first, then fall back to MAB
authentication priority dot1x mab
authentication order dot1x mab
authentication event fail action next-method
! If the RADIUS server is unreachable, authorize the port into VLAN 10
authentication event server dead action authorize vlan 10
authentication event server alive action reinitialize
authentication host-mode multi-domain
authentication violation restrict
mab
dot1x pae authenticator
dot1x timeout tx-period 5
authentication port-control auto
end

wr

Verification and Troubleshooting:
show int status (to check which VLAN each interface is in)
show vlan brief (to see if the VLAN now exists and an authenticated port is assigned to it)
show authentication sessions
show authentication sessions int fa 0/1 (MAC/IP/user/status/DACL/success/failure)

ISE:
Operations > RADIUS > Live Logs > magnifying glass (detail): shows the 5200 (successful) entry with the matching policy set, authentication policy and authorization policy, plus the switch/NAS IP and the switch port number.
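
The following is an added example, not part of the original page or Cisco's tooling: a small offline audit of running-config style text for the 802.1X lines configured above. It assumes indented sub-commands as shown by show running-config and that access ports carry "switchport mode access" (which is what switchport host sets); the sample config and the names SAMPLE and audit are constructed for illustration.

```python
import re

# Constructed sample in running-config style, modelled on the switch config above.
# Deliberate gaps: no global "dot1x system-auth-control", and Fa0/3 has no 802.1X.
SAMPLE = """\
aaa new-model
aaa authentication dot1x default group radius
interface FastEthernet0/1
 switchport mode access
 authentication event server dead action authorize vlan 10
 authentication port-control auto
 mab
 dot1x pae authenticator
interface FastEthernet0/3
 switchport mode access
interface GigabitEthernet0/1
 switchport mode trunk
"""

GLOBAL_REQUIRED = ("aaa new-model", "aaa authentication dot1x default group radius",
                   "dot1x system-auth-control")
PORT_REQUIRED = ("authentication port-control auto", "dot1x pae authenticator")
DEAD_RE = re.compile(r"authentication event server dead action authorize vlan (\d+)")


def audit(config):
    """Return missing global lines, unenforced access ports and fail-open VLANs."""
    ports, current, top = {}, None, set()
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line.split(None, 1)[1]
            ports[current] = []
        elif line.startswith(" ") and current:
            ports[current].append(line.strip())   # sub-command of current interface
        else:
            current = None
            top.add(line.strip())                 # global configuration line
    report = {"global_missing": [g for g in GLOBAL_REQUIRED if g not in top],
              "unenforced": {}, "dead_server_vlan": {}}
    for name, body in ports.items():
        if "switchport mode access" not in body:
            continue  # trunks and routed ports are out of scope for this check
        missing = [p for p in PORT_REQUIRED if p not in body]
        if missing:
            report["unenforced"][name] = missing
        # Record the VLAN a port is authorized into when the RADIUS server is dead
        for m in filter(None, map(DEAD_RE.fullmatch, body)):
            report["dead_server_vlan"][name] = int(m.group(1))
    return report
```

The dead_server_vlan entries list the ports that grant access without authentication while ISE is unreachable, so the VLAN they name is worth reviewing for what it can reach.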

ISO/IEC 27001 and 27002

ISO/IEC 27001 and 27002 (International Standards Organization/International Electrotechnical Commission) are international standards for ISMS (Information Security Management Systems). There are 10 sections known as clauses, and 4.0 to 10.0 are mandatory. Clause 6.0 requirements are also called Annex A, which has 14 sections and 114 clauses.

https://www.itgovernance.co.uk/blog/iso-27001-the-14-control-sets-of-annex-a-explained

https://www.isms.online/iso-27001/requirements-controls/