My company would like to connect two external "untrusted" third parties to our internal network via Cisco routers. Although there are plans to restrict the ports and protocols and to use ACLs (Access Control Lists) to limit traffic to the minimal number of IP addresses, I am not comfortable with this setup. Do you think this is a bad idea? Or am I being overly cautious?
I understand and share your concerns. Simple ACLs (Access Control Lists) are not enough to handle traffic from an untrusted network, in my opinion. Make sure they are at least using stateful packet filtering, such as that available in the firewall feature set for IOS. Also, given that the networks are untrusted, I'd enhance the detection capabilities beyond the router's function by deploying network-based intrusion detection capabilities on the border network. Use a solid commercial IDS or even the free Snort tool to monitor for attacks. Using the firewall feature set and a low-cost or free IDS can significantly help improve the security of your proposed set-up at minimal additional cost.
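To make the difference between "just ACLs" and stateful filtering concrete, here is an added configuration example for one of the two partner links; it is not from the original answer and is not a Cisco-supplied template. It assumes the IOS Firewall feature set (CBAC, the `ip inspect` commands), a partner-facing interface named Serial0/0, documentation address ranges (partner host 203.0.113.10, internal server 192.0.2.20 on TCP/443, point-to-point link 198.51.100.0/30, internal network 192.0.2.0/24) and a syslog collector at 192.0.2.50; substitute your own names and addresses. The first ACL shows the weak, stateless pattern that the answer warns against; the rest shows the stateful replacement.

```cisco
! ---- Weak form (stateless): do NOT deploy ----
! "established" only checks for the ACK or RST flag on a packet. It has no
! knowledge of whether a connection exists, so any partner-sourced packet
! with ACK set reaches any internal host and port.
ip access-list extended PARTNER-A-WEAK-IN
 permit tcp host 203.0.113.10 host 192.0.2.20 eq 443
 permit tcp any any established
 deny   ip any any log

! ---- Stateful form (CBAC) ----
! Inspection rule: track TCP sessions that enter from the partner and open
! temporary, per-session entries for the return traffic only.
ip inspect name PARTNER-INSP tcp
ip inspect audit-trail
ip inspect tcp idle-time 600

! Inbound ACL on the partner link. Anti-spoofing first: nothing arriving from
! the partner may claim an internal or link-local source address. Then permit
! exactly the one partner host to the one internal service. Everything else is
! denied and logged so the IDS/syslog side can see probing.
ip access-list extended PARTNER-A-IN
 deny   ip 192.0.2.0 0.0.0.255 any log
 deny   ip 198.51.100.0 0.0.0.3 any log
 permit tcp host 203.0.113.10 host 192.0.2.20 eq 443
 deny   ip any any log

! Outbound ACL toward the partner. No internal host may initiate anything to
! the partner; reply packets for inspected sessions are admitted by the dynamic
! entries CBAC inserts ahead of this deny, not by a static rule.
ip access-list extended PARTNER-A-OUT
 deny   ip any any log

interface Serial0/0
 description Untrusted link to Partner A (assumed interface name)
 ip address 198.51.100.1 255.255.255.252
 ip access-group PARTNER-A-IN in
 ip access-group PARTNER-A-OUT out
 ip inspect PARTNER-INSP in
 no ip proxy-arp
 no ip redirects
 no ip unreachables
 no ip directed-broadcast
 no cdp enable

! Ship the ACL denies and the inspection audit trail to the same host that
! collects Snort alerts, so router logs and IDS alerts can be correlated.
logging host 192.0.2.50
logging trap informational
```

The point of the stateful form is that PARTNER-A-OUT contains no permanent permit at all: a partner packet only gets an answer if it belongs to a session that passed PARTNER-A-IN and is being tracked by `ip inspect`. If the partner also needs to be reached from inside, add a second `ip inspect` applied `out` on the same interface together with an explicit permit in PARTNER-A-OUT for that one destination, rather than loosening PARTNER-A-IN. Verify with `show ip inspect sessions` and `show ip access-lists PARTNER-A-OUT` while a session is open; you should see the dynamic entries appear and then age out.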