Australia: Australian Signals Directorate published guidance on strengthening network infrastructure

On 15 October 2025, the Australian Signals Directorate (ASD) published guidance aimed at strengthening the network infrastructure of medium-to-large organisations and government entities. The guidance provides advice for executive and technical staff on protecting internet-facing and internal network devices from unauthorised access, lateral movement, and data exfiltration. It complements existing ASD advice on securing edge devices by extending mitigations across core routing, switching, and intermediary network components, with the goal of reducing attack surfaces, enhancing resilience, and improving detection and response through a defence-in-depth approach. The guidance categorises network defence actions into critical, high, medium, and foundational priorities. Critical measures include patching internet-facing devices for critical vulnerabilities, implementing phishing-resistant multi-factor authentication, changing default credentials, disabling insecure protocols, securing management interfaces, and applying event logging best practices. High-priority actions include maintaining secure backups of device configurations, enforcing egress traffic rules, and implementing network segmentation to limit lateral movement. Medium-priority actions focus on deploying network detection and response solutions, enabling just-in-time privileged access, and applying network access controls. Foundational actions cover maintaining a network device register, monitoring configuration integrity, establishing baselines for device health and traffic, reviewing service and local accounts, securing new network devices, maintaining an incident response plan, and providing ongoing security awareness training.