What are the key elements of Network Infrastructure Management?

CIS Control 12, also referred to as "Network Infrastructure Management," is a crucial security control that focuses on safeguarding an organization's network perimeter and managing inbound and outbound network traffic. Its primary goal is to prevent unauthorized access, identify and mitigate malicious activities, and ensure secure data transfers.

This control revolves around implementing and maintaining robust network security measures to establish secure boundaries between the organization's internal network and external networks, such as the internet. It involves employing practices and technologies that enforce network security policies, control resource access, and monitor network traffic for potential threats.

12 Key elements of CIS Control

1. Firewalls: Deploying and configuring firewalls to regulate inbound and outbound network traffic, allowing only authorized and necessary communication.

2. Intrusion Detection and Prevention Systems (IDPS): Implementing IDPS to monitor network traffic, promptly detect and respond to potential intrusions or malicious activities, and block suspicious network traffic.

3. Secure Configuration of Network Devices: Ensuring network devices like routers and switches have secure settings, including strong passwords, regular firmware updates, and disabling unnecessary services.

4. Network Segmentation: Dividing the network into distinct segments or subnets to isolate critical assets, control network traffic, and mitigate the impact of potential breaches.

5. Network Monitoring: Utilizing network monitoring tools and practices to continuously monitor network traffic, identify anomalies, and promptly address potential security incidents or vulnerabilities.

6. Secure Remote Access: Establishing secure methods for remote access, such as virtual private networks (VPNs), multi-factor authentication, and encrypted connections, to safeguard against unauthorized network access.

By effectively managing network infrastructure and implementing the principles outlined in CIS Control 12, organizations can bolster their network security, minimize the risk of unauthorized access and data breaches, and uphold the integrity and confidentiality of their network communications.