Chapter Summary

This chapter discussed ways and places in which you can use a router with a deeper purpose than it might have been implemented with. To this end, the chapter examined how you can use a router to prescreen your network as a choke point of entry. The next level was to have the router act as a more advanced packet inspection tool through the use of the Cisco IOS Firewall Feature Set coupled with the intrusion detection feature. Both of these advanced technologies are not a replacement for dedicated devices of the same kind; however, they do offer a higher level of security in your network by adding additional layers of inspection and protection.

Next, the chapter focused on some of the more fundamental methods you can use immediately to secure the router itself. This information was presented in a real router configuration file, thus giving you a point of reference when comparing your router configurations with the suggestions provided here. The chapter concluded with an introduction to securing the routing updates within your network and the best practice methods to do so.