The NSA website contains several guides with security recommendations. There are documents with Windows and Cisco configuration guidelines. The following security guides are available on the NSA website:
Windows XP Guides
Windows Server 2003 Guides
Windows 2000 Guides
Windows NT Guides
Cisco Router Guides
E-mail and Executable Content Guides
Supporting Documents
NOTE
All of these guides can be found on the NSA website: http://nsa2.www.conxion.com/. This appendix covers only the "Cisco Router Security Configuration Guide."
The "Cisco Router Security Configuration Guide" provides technical guidance intended to help network administrators and security officers improve the security of their networks. It contains principles and guidance for secure configuration of IP routers, with detailed instructions for Cisco Systems routers. The following list describes the outline of the guide:
Introduction Defines the role of routers in a modern network.
Background and Review Reviews some background information about TCP/IP networking, router hardware architecture, router software architecture, and network security.
Router Security Principles and Goals Describes general principles for protecting the router itself, protecting a network with a router, and managing a router securely. There is also a paragraph about security policies in this chapter.
Implementing Security on Cisco Routers Discusses router access security, access lists, and filtering. It also covers routing and routing protocols.
Advanced Security Services Describes IP network security and using SSH for remote administration security as well as using a router as a firewall and Cisco IOS intrusion detection.
Testing and Security Validation Outlines the principles for router security testing and the testing tools.
Additional Issues in Router Security Discusses ATM, MPLS, IPSec, and Dynamic VPNs. IP quality of service (QOS) and RSVP are also covered.
The "Cisco Router Security Configuration Guide, Executive Summary" is a two-page paper that describes quick but effective ways to tighten the security on a Cisco router, along with some important general principles for maintaining good router security. The topics you find on these pages are as follows:
General recommendations
Router access
Access lists
Logging and debugging
Router security checklist
It is a very useful reference to verify that the router you are configuring is protected against intruders.