NSA publishes network security guide


The US espionage agency NSA has published a guide to protecting networks from attacks - probably also as a reaction to the war and cyber attacks in Ukraine: "Cybersecurity Technical Report (CTR): Network Infrastructure Security Guidance".

The US National Security Agency (NSA) has just published new guidelines for protecting IT networks from cyber attacks. The report entitled "Cybersecurity Technical Report (CTR): Network Infrastructure Security Guidance" (as PDF) is available free of charge to all network administrators and CIOs to protect their networks from cyber attacks.

Guide in Response to Russian Cyber Attacks

The release can also be seen as a response to the massive cyberattacks by Russian and Belarusian hackers on Ukraine, which used DDoS attacks as well as a new disk wiper malware called Hermetic. The security situation worldwide has become even more tense since then, and various security agencies such as the FBI and BSI have raised their warning levels (we reported). The US Cybersecurity and Infrastructure Security Agency (CISA) also recommends that those responsible in the US and worldwide read the NSA document and apply the recommendations made in it.

The report covers everything from network design and password management to remote logging and management, update and patch management, and the most important key exchange algorithms. Network protocols such as Network Time Protocol (NTP), SSH, HTTP and Simple Network Management Protocol (SNMP) are also covered.

Notes on Zero Trust Rules

In addition, the document deals with the introduction of "zero trust" rules, which we also reported on here recently. US federal authorities must implement this standard by 2024, and the National Institute of Standards and Technology (NIST) has already published a corresponding handout, which the NSA report now follows and makes recommendations for implementation. This involves installing routers, using multiple vendors, and creating firewalls that reduce the potential for an exploit.

But the report is also worth reading for companies and organizations for which Zero Trust is still out of reach, because it provides valuable assistance in eliminating the most common weak points in existing networks.

More tips and guides

The NSA's free guide "Cybersecurity Technical Report (CTR): Network Infrastructure Security Guidance" (Image: NSA)

Among other things, dealing with Cisco and its widespread IOS network software for routers and switches is discussed. It also covers how to store passwords using the algorithms that Cisco IOS devices use. In addition, it is recommended:

  • Group similar systems within a network to protect against the attacker spreading to neighboring systems after a compromise.
  • Remove backdoor connections between devices on the network, use strict perimeter access control lists, and implement network access control (NAC) that authenticates individual devices connected to the network.
  • For VPNs, disable all unneeded features and implement strict traffic filtering rules. The document also specifies the algorithms that should be used for key exchange in IPSec VPN configurations.
  • Local administrator accounts should be protected with a unique and complex password.

The NSA also recommends enforcing a new password policy and warns against default settings that bring administrative rights by default. Administrators should therefore remove all default configurations and then reconfigure them with a unique secure account for each administrator. Last but not least, the special challenges of the past two years are taken into account with guidelines for the selection of suitable VPN networks. The NSA Guide can be downloaded free of charge as a PDF file.
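As an added illustration of the password storage and unique-account points above (this is not code from the NSA report or from 8com): a small audit of a Cisco IOS style configuration. The classification follows the commonly documented Cisco password types; the sample configuration, account names and hash values are constructed.

```python
import re
from collections import defaultdict

# Cisco IOS password storage types and an illustrative verdict for each.
TYPES = {
    "0": ("cleartext", "fail"),
    "4": ("deprecated SHA-256 variant", "fail"),
    "5": ("salted MD5", "warn"),
    "7": ("reversible obfuscation", "fail"),
    "8": ("PBKDF2-SHA-256", "ok"),
    "9": ("scrypt", "ok"),
}

CRED = re.compile(
    r"^\s*(?:enable|username\s+(?P<user>\S+)(?:\s+privilege\s+\d+)?)"
    r"\s+(?:password|secret)\s+(?:(?P<type>\d)\s+)?(?P<value>\S+)\s*$"
)

def audit(config_text):
    """Return (findings, reused): per-line verdicts and accounts sharing a secret."""
    findings, seen = [], defaultdict(list)
    for lineno, line in enumerate(config_text.splitlines(), 1):
        m = CRED.match(line)
        if not m:
            continue
        account = m.group("user") or "enable"
        # Assumption: a stored line without a type digit holds cleartext.
        ptype = m.group("type") or "0"
        desc, verdict = TYPES.get(ptype, ("unknown type", "warn"))
        findings.append((lineno, account, ptype, verdict, desc))
        seen[m.group("value")].append(account)
    reused = sorted(a for accts in seen.values() if len(accts) > 1 for a in accts)
    return findings, reused

# Constructed sample configuration; hashes are placeholders, not real values.
SAMPLE = """\
hostname edge-rtr-01
enable password cisco
enable secret 5 $1$CONSTRUCTED$examplehashvalue000000
username admin privilege 15 password 7 0822455D0A16
username alice privilege 15 secret 8 $8$CONSTRUCTED$examplehash1
username bob privilege 15 secret 8 $8$CONSTRUCTED$examplehash1
username carol secret 9 $9$CONSTRUCTED$examplehash2
"""

if __name__ == "__main__":
    findings, reused = audit(SAMPLE)
    for lineno, account, ptype, verdict, desc in findings:
        print(f"line {lineno}: {account:6} type {ptype} ({desc}) -> {verdict}")
    print("accounts sharing a stored secret:", reused)
```

Identical stored values on two accounts, as with alice and bob in the sample, indicate a shared credential rather than a unique one per administrator.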
