Using SDM to Perform Security Audits

The SDM security audit feature compares router configurations to a predefined checklist of “best practices” using ICSA and Cisco TAC recommendations.

Examples of what the audit performs includes, but is not limited to, the following:

  • Shuts down unneeded servers on the router (BOOTP, finger, and TCP/UDP small servers)

  • Shuts down unneeded services on the router (CDP, IP source-route, and IP classless)

  • Applies a firewall to the outside interfaces

  • Disables Simple Network Management Protocol (SNMP) or enables it with hard-to-guess community strings

  • Shuts down unused interfaces using no ip proxy-arp

  • Forces passwords for the router console and vty lines

  • Forces the use of an enable secret password

  • Enforces the use of ACLs ...

Get CCSP Self-Study: Securing Cisco IOS Networks (SECUR) now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial