- Analyzing Your Network Topology (inactive)
- Critical Components
- Sensor Placement
- Installation Configurations
- Summary
Critical Components
After you have analyzed your network topology, you should have a clear understanding of how an attacker can gain access to your network (both internal and external attackers). The next thing that you need to do is define the critical components on your network. These systems represent highly prized targets for an attacker.
Servers
Although every network is unique, there are some common categories of critical machines that you can start with in analyzing your specific network. The first category is servers. Every network has a multitude of different servers. Some common examples include Mail servers, DNS servers, DHCP servers, NFS servers, and Web servers.
Infrastructure Components
The second category of critical systems is your infrastructure components. These components include your routers and switches. These devices enable the hosts on your network to communicate with each other. By gaining control of any of your infrastructure components, an attacker can severely disrupt the operation of your network.
Security Components
A final category of devices includes the security components that protect your network. These components include devices such as firewalls and IDS components. Because these devices are used to protect your network from attack, they need to be thoroughly hardened against attacks. If an attacker can compromise any of the devices protecting your network, it is difficult to prevent him from compromising others' systems on the network as well.