Control Summary
Establish, implement, and actively manage network devices, in order to prevent attackers from exploiting vulnerable network services and access points.
Why is it needed?
Establishing a secure network infrastructure serves as a crucial defence mechanism against cyberattacks. This entails implementing an appropriate security architecture, addressing vulnerabilities often introduced by default settings, consistently monitoring for changes, and periodically reassessing current configurations. The network infrastructure encompasses a range of devices, including physical and virtualised gateways, firewalls, wireless access points, routers, and switches.
Default configurations for network devices prioritise ease of deployment and user-friendliness over security. Potential vulnerabilities in default settings may encompass open services and ports, default accounts and passwords, support for outdated and vulnerable protocols, as well as the pre-installation of unnecessary software. Attackers actively seek out these vulnerable default settings, gaps, or inconsistencies in firewall rule sets, routers, and switches, exploiting these weaknesses to breach defences. They leverage these device flaws to gain unauthorised access to networks, redirect network traffic, and intercept data during transmission.
Implementing Control
CIS Control 12 has only one basic safeguard.
Implementation Group 1 requires the following one safeguards:
12.1 Ensure Network Infrastructure is Up-to-Date
This safeguard requires an organisation to ensure its network infrastructure is up to date. This is achieved by ensuring the latest stable software releases are run and/or using the current network as a service (NaaS) offering. In addition, software versions should be reviewed at least monthly to verify they are supported. This basic safeguard is essential for all businesses.
Additional safeguards at level 2 or 3:
12.2 Establish and Maintain a Secure Network Architecture
12.3 Securely Manage Network Infrastructure
12.4 Establish and Maintain Architecture Diagram(s)
12.5 Centralize Network Authentication, Authorization, and Auditing (AAA)
12.6 Use of Secure Network Management and Communication Protocols
12.7 Ensure Remote Devices Utilize a VPN and are Connecting to an Enterprise’s AAA Infrastructure
12.8 Establish and Maintain Dedicated Computing Resources for All Administrative Work
Incident Response Solutions 