Securing the Switch CLI
The first step to securing a switch is to secure access to the CLI. Securing the CLI includes protecting access to Cisco Nexus switches’ network-admin role, because from the network-admin role, an attacker could reload the switch or change the configuration.
For example, consider a user who accesses a switch from the console. The default console configuration settings allow a console user to access the Nexus switch with a default username of admin in the network-admin role, with no password required. These defaults make some sense, because when you use the console, you are typically sitting near or next to the switch. If you can touch the switch, even if the console had all the available password protections, you could ...
Get CCNA Data Center DCICN 640-911 Official Cert Guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
