The router is the very first line of defense. It provides packet routing, and it can also be configured to block or filter the forwarding of packet types that are known to be vulnerable or used maliciously, such as ICMP or Simple Network Management Protocol (SNMP).
If you don’t have control of the router, there is little you can do to protect your network beyond asking your ISP what defense mechanisms they have in place on their routers.
The configuration categories for the router are:
Patches and updates
Auditing and logging
Subscribe to alert services provided by the manufacturer of your networking hardware so that you can stay current with both security ...