Unsolved
This post is more than 5 years old
1 Message
0
596
May 2nd, 2017 03:00
Customer has various points with respect to ECS SwitchHardening. I want to know if its possible.
- Configuring encrypted password for accessing the device in configuration mode.
- Configuring crisis username and encrypted PW
- Configuring TCP keep alives
- Configuring Banner as per TCS guidelines
- Disabling ip unreachable command on specific interface
- Disabling redirect message on same interface
- Disable proxy arp
- Tacacs server configuration
- Configuring aaa server configuration
- To configure authorization
- To configure accounting
- Disabling aux port
- Configuring console port
- Avoid DNS translation
- Configuring SNMP community string
- Forbid HTTP Service
- Avoid leaking user information
- Disable to stop attacks
- Disable unused Interface
- Neighbour discovery enabled
- Port-fast on access ports
- BPDU Filter to avoid spanning tree attacks
- Enable Port Security
- VTP mode to be set as transparent
- Allow specific ip and block other ip address
- Configuring NTP server
- Disable console logging
- Configure logging
No Events found!