Friday, June 11, 2010

Router audit check list-ISO 27001

Routers are increasingly an enterprises first and continued line of defense. As Router become more complex, streamlining the audit process, and ensuring risks and clutter are not injected into the rule base becomes an significant task. Below is the audit check list from ISO 27001 for auditing routers. ISO 27001 audit program covers the following area.
Router Policy
Disable Unneeded Services
Password Encryption
Authentication Settings
Administrator Authentication
Management Access
Route Protocol Security
Configuration Maintenance
Router Change Management
Router Redundancy
Log monitoring and Incident Handling
Security Updates