Chapter 13: Policy Networking

In Depth

Behind all switching implementations and configurations lies an area that, if left unattended, can render you and your network defenseless: access security policies. In this chapter, we will discuss the need for and creation of access security policies; we will also focus on how to implement these policies.

Security is one of the most important functions in today’s networks. Without it, competitors would have access to various data warehouses, and hackers and common users would have an open invitation to your network. With e-commerce booming, the need to strengthen network security in order to reduce network intrusion and network vulnerabilities becomes increasingly important.

Note

You can never count on network and data security even if it is in place, because it’s only as secure as you make it. To implement strong security measures, you must begin at the physical device and extend them throughout your entire network.

Once access policies have been created, it’s a great advantage to you, as the network administrator, to know how to implement these policies and how to distribute them. The following sections will cover this material in depth and explain how it relates to Internet Protocol (IP) switching and routing.

Access Security Policies

An access security policy is designed to help define what your network needs in order to be secure from all possible intrusions. Creating this policy for your business or entity allows you, as the network administrator, to provide service-level agreements (SLAs) based on a set of defined traffic and security standards.

An access security policy should define the following:

The physical security of all the devices in the network

Control of user access to the network through the implementation of virtual LANs (VLANs) and port security

What traffic should be allowed in and out of the network

Route filters to determine the data that should be sent through the network and what route filters should be applied at the Distribution layer

User groups that have access to each area of the network

Types of access each user group should have to the network

Each layer of the network has a different function and applies policies differently. Figure 13.1 shows the policies and switches found at each layer of the network. Policies defined in the access security policy need to be applied to all the devices in your network. In the following sections, we will address how security should be applied at each individual layer of the network.
