Cisco ASA 5555-X Adaptive Security Appliance Technical Manual

Version 9.x.
Conventions
Refer to the 
 for more information on document conventions.
Secure Operations
Secure network operations is a substantial topic. Although most of this document is devoted to the
secure configuration of a Cisco ASA device, configurations alone do not completely secure a
network. The operational procedures in use on the network contribute as much to security as the
configuration of the underlying devices.
These topics contain operational recommendations that you are advised to implement. These
topics highlight specific critical areas of network operations and are not comprehensive.
Monitor Cisco Security Advisories and Responses
The Cisco Product Security Incident Response Team (PSIRT) creates and maintains publications,
commonly referred to as PSIRT Advisories, for security-related issues in Cisco products. The
method used for communication of less severe issues is the Cisco Security Response. Security
advisories and responses are available at 
.
Additional information about these communication vehicles is available in the 
.
In order to maintain a secure network, you need to be aware of the Cisco security advisories and
responses that have been released. You need to have knowledge of a vulnerability before the
threat it can pose to a network can be evaluated. Refer to 
 for assistance with this evaluation process.
Leverage Authentication, Authorization, and Accounting
The Authentication, Authorization, and Accounting (AAA) framework is vital to secure network
devices. The AAA framework provides authentication of management sessions and can also limit
users to specific, administrator-defined commands and log all commands entered by all users.
See the 
 section of this document for more
information about how to leverage AAA.
Centralize Log Collection and Monitoring
In order to gain knowledge about existing, emerging, and historic events related to security
incidents, your organization must have a unified strategy for event logging and correlation. This
strategy must leverage logging from all network devices and use pre-packaged and customizable
correlation capabilities.
After centralized logging is implemented, you must develop a structured approach to log analysis
and incident tracking. Based on the needs of your organization, this approach can range from a
simple diligent review of log data to advanced rule-based analysis.
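As an illustration of the rule-based end of that range, the following added example (not part of the Cisco document) correlates ASA management-login messages 605004 (login denied) and 605005 (login permitted) per source address. The sample lines are constructed, and the timestamp and hostname prefix, the threshold, and the window are assumptions about what a central collector would supply.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines; addresses are documentation ranges, prefix format is assumed.
SAMPLE = """\
2024-05-01T10:00:01 asa1 %ASA-6-605004: Login denied from 192.0.2.10/50001 to mgmt:198.51.100.1/ssh for user "admin"
2024-05-01T10:00:20 asa1 %ASA-6-605004: Login denied from 192.0.2.10/50002 to mgmt:198.51.100.1/ssh for user "admin"
2024-05-01T10:00:41 asa1 %ASA-6-605004: Login denied from 192.0.2.10/50003 to mgmt:198.51.100.1/ssh for user "admin"
2024-05-01T10:01:05 asa1 %ASA-6-605005: Login permitted from 192.0.2.10/50004 to mgmt:198.51.100.1/ssh for user "admin"
2024-05-01T10:02:00 asa1 %ASA-6-605004: Login denied from 192.0.2.77/40000 to mgmt:198.51.100.1/ssh for user "ops"
2024-05-01T10:03:00 asa1 %ASA-5-111008: User 'ops' executed the 'show version' command.
""".splitlines()

LINE = re.compile(
    r'^(?P<ts>\S+) (?P<host>\S+) %ASA-(?P<sev>\d)-(?P<id>\d{6}): (?P<msg>.*)$')
LOGIN = re.compile(
    r'^Login (?P<result>denied|permitted) from (?P<src>[^/\s]+)/\d+ to \S+ for user "(?P<user>[^"]*)"')

def parse(line):
    """Split one collected line into timestamp, host, severity, message ID, text."""
    m = LINE.match(line.strip())
    if not m:
        return None  # not an ASA message in the assumed layout
    ev = m.groupdict()
    ev["ts"] = datetime.fromisoformat(ev["ts"])
    return ev

def correlate(lines, threshold=3, window=timedelta(minutes=5)):
    """Alert on `threshold` denied logins from one source inside `window`,
    and again if a permitted login from that source follows."""
    denied, alerts = defaultdict(deque), []
    for ev in filter(None, map(parse, lines)):
        if ev["id"] not in ("605004", "605005"):
            continue
        m = LOGIN.match(ev["msg"])
        if not m:
            continue
        q = denied[m["src"]]
        while q and ev["ts"] - q[0] > window:  # drop failures older than the window
            q.popleft()
        if m["result"] == "denied":
            q.append(ev["ts"])
            if len(q) == threshold:
                alerts.append(("repeated-login-failure", ev["host"], m["src"], m["user"]))
        elif len(q) >= threshold:
            alerts.append(("success-after-failures", ev["host"], m["src"], m["user"]))
            q.clear()
    return alerts
```

Each alert tuple carries the rule name, reporting device, source address, and user name, which is enough to open an incident record and pivot to the AAA accounting log for that session.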