Annex A: Validation Lab

A reference SAFE implementation exists to validate the functionality described in this document. This annex details the configurations of the specific devices within each module in addition to the overall guidelines for general device configuration. The following are configuration snapshots from the live devices in the lab. The authors do not recommend applying these configurations directly to a production network.

Overall Guidelines

The configurations presented here correspond in part to the “SAFE Axioms” section presented earlier in this document.


Here are the basic configuration options present on nearly all routers in the SAFE lab:

 ! turn off unnecessary services ! no ip domain-lookup no cdp run no ip http ...

Get Cisco® Secure Internet Security Solutions now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.