Pakhnyushchyy - Fotolia
What is the Border Router Security Tool (BRST) and how does work? Should it be considered for use in an enterprise security strategy?
"Securing the Internet one router at a time."
That's the worthy goal of the Border Router Security Tool.
BRST provides a means for organizations to easily configure routers before deploying them, when upgrading and so on. This approach lends itself to more consistent standards and, presumably, better security.
Various options for configuring your router include:
- Enabling/disabling global and internal network segment services such as DHCP, HTTP, Finger and IP redirect;
- Identifying a trusted computer for remote access;
- Configuring a DMZ; and
- Enabling logging.
Here's a snippet of the Border Router Security Tool interface:
There's also a downloadable version of the Border Router Security Tool available on GitHub if you want to use it internally on your network.
I don't think there's anything wrong with using such a tool in your enterprise security strategy. If anything, it can increase productivity and ensure standardization across systems. I can't imagine any IT professional not being able to benefit from such an approach. As the tool suggests, just be careful entering in potentially sensitive configuration information and passwords that could end up being used against you at some point.
Ask the Expert:
Have a question about network security? Send it via email today. (All questions are anonymous.)
Learn more about using routers to boost network firewall security
Dig Deeper on Network device security: Appliances, firewalls and switches
Related Q&A from Kevin Beaver
Explore the differing roles of inbound versus outbound firewall rules for enterprise network security and the varying use cases for each. Continue Reading
Compare host IDS vs. network IDS through the pros and cons of each, and learn how more modern systems may be better suited to ensure effective ... Continue Reading
Different tools protect different assets at the network and application layers. But both network and application security need to support the larger ... Continue Reading