10.2 Basic Security
10.2.2 Physical security
Physical access to a router or switch gives a sufficiently sophisticated user total control over that device. Nearly all switches and routers have "password-recovery techniques" or other back doors to access the device without a password. These techniques are publicly documented on the Internet! It makes no sense to install software security measures when access to the hardware is not controlled.

Physically secure network devices by doing the following:

  • Provide proper physical environment - This includes lockable doors, environmental controls, and backup power supplies.
  • Control direct access to the device - This includes lockable racks and password protection to console and auxiliary ports. You may want to disable ports that are not being used.
Lab Activity
  In this lab activity, you will learn how to use local switch security for controlled user access.