Keep the router configuration safe

Routers are a very important component in enterprise networking. When clients request information, the server provides information, the switch connects clients and servers to each other, and the router works on the network.

The security you add when managing a router can make a lot of difference between providing a functional and responsive network or an independent intranet that does not provide services. Follow these steps to keep the router safe.

Managing routers starts with how you configure them. If there is no detailed documentation for configuring routers, you need to create a copy.

If you need any help, see this guide (English). These instructions are very complete and provide a great starting point.

Setting up and documenting how to configure the router gives you an important first step to securely managing that configuration: Downloading and storing the initial basic configuration in a secure location is a good thing to do. .

Ideally, you should perform the initial configuration from the control device and store it on a network drive. Most importantly, don't store it on a laptop hard drive! Laptop devices (For example, laptops, PDAs, memory sticks .) are vulnerable to theft, which can compromise the integrity and functionality of the entire network.

After downloading the configuration, the next step is to synchronize the running configuration with the boot configuration. But don't think you have completed the router and run it on the network. You need to maintain that configuration and make changes periodically.

Some administrators prefer making changes online, while others prefer making offline changes and then loading configuration data. Both have their own benefits.

When changing online, you can immediately respond and check. For example, the router will alert if you enter an incorrect command. In addition, if you make changes that cause many problems with the network, you will know right away.

On the other hand, if you make offline changes, you have the opportunity to add comments and edit the router configuration. However, this method does not provide syntax checking or feedback if there is a change.

If you decide to use an offline approach, be sure to use a secure method of configuration distribution. The Trivial File Transfer Protocol (TFTP) is not the recommended method because it does not provide security for connection configuration or distribution. You should use the File Transfer Protocol (FTP) transfer protocol as soon as you configure a login and password or a secure backup protocol Secure Copy Protocol (SCP) are the safest methods for a configuration. new.

Regardless of how you manage the updates of router configurations, it is important to save each configuration change and write to all modifications. This allows you and others to better understand the changes and review them when detecting errors.

The last hint

The data has a way of "going out the door" and usually ends with nothing fun. To prevent this, remember not to store the router configuration on mobile devices. Instead, save secure configurations within folders with appropriate network permissions.