The three simple phases in this appendix are all that are required to convert a wide-open, insecure ISP backbone into one with moderate security. It is quite possible to wrap up the network even more securely, and you are encouraged to consult the main body of the book, especially Chapter 4, to find recommendations of what to do next.
The downsides of an insecure backbone have been covered already in the main text. But it is worth reiterating that if some unauthorized person can get a login prompt for an ISP's network equipment, that person has a very good chance of breaking into it and wreaking havoc in that backbone. Worse, the unauthorized individual could plant "time bombs" that the ISP is unaware of until they take effect. Security is a mandatory requirement for an ISP backbone—if it isn't there at the moment, you are strongly encouraged to drop everything, even pause reading this book, and protect your network immediately. It's never too late. As more ISPs tighten up security, those that previously relied on obscurity for their security will become targets, resulting in operational misery and angry or disappointed customers. Because customers are usually a business's livelihood, avoiding customer dissatisfaction is usually a high priority.
Was this article helpful?