Views:
FRAMEWORKS AND STANDARDS

CIS Critical Controls 12 Explained

An overview of CIS control 12, its purpose, and how to implement the control.

 

Published Date: October 28, 2024

Product Line: CIS Controls

Audience: Executives, Security Administrators

Get your copy of the CIS Controls V8.1 here.

What is Network Infrastructure

Network infrastructure is the foundation to organizations’ assets, including the hardware and software, which allow devices/services to communicate with one another and connect out to the internet. Loosely managed infrastructure with weak security controls allows hackers the ability to enter systems, disrupt services, and gain access to sensitive information.

What is a Network Architecture

Architectures are models used to design system components from network devices/endpoints, network connections, security controls, services and more. Network architectures demonstrate how components within a system are connected, through what protocols, and with what topology.

Why is Network Infrastructure Management Important?

Protecting network infrastructure within an enterprise may seem daunting, but through proper techniques, network infrastructure management can greatly enhance an organization’s security posture. Without proper management, threats like default configurations, modifications to endpoints, open ports, unnecessary software, and unsecure protocols can go unnoticed and leave an enterprise vulnerable to compromise.

Network Management Techniques

Network security is an ever-changing field that requires organizations to be constantly evaluating their architectures to adapt to new CVEs. To ensure proper protection of components, the following techniques can be used.

  1. Maintain Updated Documentation/Architecture Diagrams: ensure all network infrastructure is documented and any changes to architecture are reflected in documentation. 
    • Includes maintaining an up-to-date network architecture diagram.
    • Review and update documentation and architecture diagrams when necessary. 
  2. Vendor Support for Key Infrastructure Components: validate vital devices/software are patched and get feature updates from their original vendors. 
  3. Ensure Network Infrastructure is Up to Date: utilize latest releases of software and ensure updates are taking place. 
    • Assess infrastructure versions and configurations that may result in vulnerabilities within a system.
  4. Centralize Network Authentication, Authorization, and Auditing (AAA): access and monitoring of systems is performed in a central platform for simple analysis. 
  5. Use a VPN for Remote Devices: when remotely connecting to enterprise infrastructure, use an enterprise managed VPN and proper authentication. 
    • VPN: protect network traffic between resources. 
    • Authentication: ensure remote users are permitted to access resources.
  6. Dedicate Computing Resources for Administrative Work: physically and/or logically separate resources for tasks which require high level privileges/admin access.  
    • Prevent internet access to these resources and separate them from the enterprise network.  
  7. Routine Configuration Audits and Compliance Checks: conduct regular configuration reviews to detect and correct any deviations from established security policies.

Extra Tips

  • Upgrade End-of-Life Components: upgrade end of life components before they are out-of-date for future support. This involves replacing the components or isolating them and applying other security controls to mitigate risk. 
  • Use secure protocols to route traffic within a network: utilize protocols which contain default encryption and authentication.
    • Examples: HTTPS and SSH, 802.1x, WPA2, MFA…
  • Evaluate Infrastructure as a Code: ensure changes to code are tracked in a version control system.
  • Secure Infrastructure Administration: perform infrastructure administration over secure protocols and from admin accounts only.
Keywords: Control 12