Cisco DNCS System Release 2.8 3.8 4.3 Design Guide
4000358 Rev B
Security Recommendations for the DBDS Network in a DOCSIS Environment
3-1
Chapter 3
Security Recommendations for the DBDS Network
in a DOCSIS Environment
Overview
Introduction
Before deploying DOCSIS-capable DHCTs, we recommend that your network
administrators update their existing security policies to help protect the DBDS
private network from unauthorized external access (for example, from the Internet)
and from unauthorized internal access (for example, any non-DHCT CPE element).
By denying all foreign access to the DBDS private network, you can reduce the risk
of intrusion, denial of service and theft of data attacks on the DNCS, EMS, App
Servers, QAM Modulators, QPSKs, and DHCTs.
To help guard against a computer security breach, you must understand the basics
To help guard against a computer security breach, you must understand the basics
of system security, establish policies and procedures to protect your network, and
implement such policies and procedures.
This chapter assumes that you already have some network security measures in
This chapter assumes that you already have some network security measures in
place, and does not provide detailed information on network security. This chapter
provides guidelines that your network administrators may consider incorporating
into their existing security policies. Following the security recommendations
included in this chapter does not guarantee complete shielding of the DBDS network
from security threats and attacks. No system that is connected to a network can ever
be completely protected from security threats and attacks.
Disclaimer
Before using the security guidelines provided in this chapter, read the DBDS
DOCSIS Security Guidelines Disclaimer in the Disclaimer section, earlier in this
application guide.
Audience
This chapter is intended for experienced network administrators who manage
network configurations and security.