In my company we have Cisco ASA firewall as edge device on the Internet. So outside interface with public IP address and security level 0 and inside interfaces with higher security levels. Standard implementation.Now we need to put Cisco router in front of ASA, so it would be between my ISP and ASA. Router will have three interfaces with public ip addresses. So he will be very visible on the Internet. And because it is a router and not a firewall I am worried about the safety and security of the router. How can I secure and harden the router? Which services and protocols must be shutdown? What are the recommendations?
↧