Submitted by becker on Tue, 04/10/2012 - 15:45
When I'm checking out a new network, one of my first security steps is to do a 'show version' on the hardware to see what version of code is running. One of the most overlooked areas of an IT security defense plan is the network operating system running on hardware. It's easy to assume that once the switch, firewall, and router are placed in the network, they can run forever until they die or are replaced.
In the words of Harry Stamper in the movie Armageddon -- "WAY WRONG ANSWER."
Cisco, the leader in network hardware, releases multiple Security Advisories every month, and the company also updates its software often.
For example, in response to a zone-based firewall vulnerability, Cisco released a code update for its 12.0 and 15.0 code versions. The link to the security bulletin can be found here: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cis...
Administrators need to add a quarterly software audit to their ever-growing list of security concerns. This entails comparing the current version of running network software to the latest release and then considering downtime for an upgrade if major security issues are discovered. Cisco makes this very easy for routers and switches by offering an IOS Software Checker tool as a part of its website. Check it out here and test some of your running code: http://tools.cisco.com/security/center/selectIOSVersion.x.
You can paste the results of a 'show version' command or use other methods to check your hardware for security vulnerabilities.
As shown in the snippet above, someone running 12.0(2) is vulnerable to multiple issues that could cause a denial of service or crack an FTP server.
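The quarterly comparison described above can also be scripted across a fleet once the 'show version' banners have been collected. The following is an added example, not code from the original post or from Cisco; the hostnames, banners, and baseline releases are constructed placeholders, and the function names are hypothetical.

```python
import re

# Version token in a 'show version' banner, e.g. "Version 12.2(55)SE5,"
VERSION_RE = re.compile(r"Version\s+(\d+)\.(\d+)\((\d+)([a-z]?)\)([A-Z]*)(\d*)")

# Constructed sample banners, not captured from real devices.
SAMPLES = {
    "edge-rtr1": "Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.0(1)M4,",
    "core-sw1": "Cisco IOS Software, C2960 Software (C2960-LANBASEK9-M), Version 12.2(55)SE5,",
    "old-rtr1": "IOS (tm) 2500 Software (C2500-I-L), Version 12.0(2), RELEASE SOFTWARE (fc1)",
    "lab-rtr1": "Cisco IOS Software, 2800 Software (C2800NM-ADVSECURITYK9-M), Version 12.4(24)T8,",
    "dead-sw1": "% Connection timed out; remote host not responding",
}

# Constructed baseline: (major, minor, train) -> lowest approved
# (maintenance, maintenance letter, rebuild). Placeholder values only; fill
# these in from the vendor advisories that apply to your own platforms.
BASELINE = {
    (15, 0, "M"): (1, "", 7),
    (12, 2, "SE"): (55, "", 5),
    (12, 0, ""): (28, "", 0),
}

def parse_ios_version(text):
    """Return (major, minor, maint, maint_letter, train, rebuild) or None."""
    m = VERSION_RE.search(text)
    if not m:
        return None
    major, minor, maint, letter, train, rebuild = m.groups()
    return (int(major), int(minor), int(maint), letter, train, int(rebuild or 0))

def audit(text, baseline):
    """Classify one banner as 'ok', 'upgrade', 'review' or 'unparsed'."""
    v = parse_ios_version(text)
    if v is None:
        return "unparsed"  # no banner collected: the device itself needs a look
    floor = baseline.get((v[0], v[1], v[4]))
    if floor is None:
        return "review"  # releases are only ordered within one train
    return "ok" if (v[2], v[3], v[5]) >= floor else "upgrade"

def audit_all(samples, baseline):
    return {host: audit(text, baseline) for host, text in samples.items()}

if __name__ == "__main__":
    for host, status in audit_all(SAMPLES, BASELINE).items():
        print(f"{host:10} {status}")
```

Devices that come back as 'review' or 'unparsed' are the ones an audit most easily misses, so they are reported rather than silently skipped.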
Finally, there are sometimes emergency patches for critical issues such as a remote access vulnerability or an encryption hack. Administrators should be able to tell from the security emails whether they are affected, and should have a plan to roll out new code on an emergency basis if necessary.
Having up-to-date OS code on your network devices is just as important as having secure web servers and a strong password policy. Make sure that it's a part of your defense-in-depth plan and that your administrators know what software is running at the heart of your infrastructure.
