In Part 1 this lab, you use the Cisco Security Policy Builder tool to create a basic
security policy. You will customize the policy by changing the generic names in the
document to a company name of your choosing.
You will also develop Network Device Security Guidelines document, as a supplement
to the basic security policy. This document addresses specific router and switch
security measures and describes the security requirements to be implemented on the
infrastructure equipment. The basic Security Policy and the Network Device Security
Guidelines are presented to your instructor for review prior to starting lab Part 2.
In Part 2 you build the network and configure basic device settings. In Parts 3 and 4 of
the lab you secure routers and switches and in Part 5 you configure a router for VPN
remote access. The Network Device Security Guidelines policy is used as the guiding
The fictitious company you are working for has two locations connected by an ISP.
Router R1 represents a remote site and R3 represents the corporate headquarters.
Router R2 represents the ISP.
The router commands and output in this lab are from a Cisco 1841 with Cisco
IOS Release 12.4(20)T (Advanced IP image). The switch commands and output are
from a Cisco WS-C2960-24TT-L with Cisco IOS Release 12.2(46)SE (C2960-
LANBASEK9-M image). Other routers, switches, and IOS versions can be used. See
the Router Interface Summary table at the end of the lab to determine which interface
identifiers to use based on the equipment in the lab. Depending on the router or switch
model and IOS version, the commands available and output produced might vary from
what is shown in this lab.
Make sure that the routers and switches have been erased and have no startup
Instructions for erasing both the switch and router are provided in
the Lab Manual, located on Academy Connection in the Tools section.
CCNP 1: Advanced Routing v3.0 - Lab 1.4.1Copyright
2003, Cisco Systems, Inc.