Enable Netflow Switching | 321 Studios OL-7141-04 specs

Chapter 1 Cisco SDM Express

Supplementary Help

You can undo this fix using the Cisco SDM Security Audit feature. To learn how, see the Security Audit online help in Cisco SDM. For more information, click Cisco Router and Security Device Manager.

Enable Netflow Switching

Cisco SDM Express enables Netflow switching whenever possible. Netflow switching is a Cisco IOS feature that enhances routing performance while using Access Control Lists (ACLs) and other features that create and enhance network security. Netflow identifies flows of network packets based on the source and destination IP addresses and TCP port numbers. Netflow then can use just the initial packet of a flow for comparison to ACLs and for other security checks, rather than having to use every packet in the network flow. This enhances performance, allowing you to make use of all of the router security features.

The configuration that will be delivered to the router to enable Netflow is as follows:

ip route-cache flow

You can undo this fix using the Cisco SDM Security Audit feature. To learn how, see the Security Audit online help in Cisco SDM. For more information, click Cisco Router and Security Device Manager.

Enable TCP Keepalives for Inbound Telnet Sessions

Cisco SDM Express enables TCP keepalive messages for both inbound and outbound Telnet sessions whenever possible. Enabling TCP keepalives causes the router to generate periodic keepalive messages, letting it detect and drop broken Telnet connections.

The configuration that will be delivered to the router to enable TCP keepalives for inbound Telnet sessions is as follows:

service tcp-keepalives-in

You can undo this fix using the Cisco SDM Security Audit feature. To learn how, see the Security Audit online help in Cisco SDM. For more information, click Cisco Router and Security Device Manager.

	Cisco SDM Express
1-32	OL-7141-04

Image 38

321 Studios OL-7141-04 manual Enable Netflow Switching, Enable TCP Keepalives for Inbound Telnet Sessions

Contents

Cisco SDM Express User’s Guide Cisco SDM Express User’s Guide N T E N T S Contents Cisco SDM Express Edit Mode Contents Welcome A P T E R Hostname Field Basic ConfigurationUsername and Password Fields Domain Name Field SDM Express Enable Secret Password FieldRouter Provisioning Secure Device Provisioning Provision From USB TokenUSB Token or USB Flash CNS Server Provision From USB Flash File Selection Name Wireless Interface ConfigurationLAN Interface Configuration Size IP Address Field Wireless Parameters FieldsInterface/Bridge-to-Interface List Subnet Mask Field Refresh, Apply Changes, Discard Changes Buttons Dhcp Server ConfigurationEnable Dhcp server on the LAN interface Check Box Starting IP Address Field Secondary Domain Name Server Field Ending IP Address FieldPrimary Domain Name Server Field Use these DNS values for Dhcp clients Check Box Enable PPPoE Check BoxInternet WAN Ethernet Interface Address Type List Confirm Password Field Authentication Type Check BoxPassword Field Username Field Internet WAN User Specified Encapsulation Status Icon and Enable or Disable ButtonInternet WAN Autodetect Encapsulation Virtual Circuit Identifier Field Encapsulation ListVirtual Path Identifier Field IP Address for Remote Connection in Central Office Field Add Connection, Edit, Delete Buttons Enable or Disable ButtonWAN Interface Selection Refresh Button Serial ConnectionInterface List Frame Relay Configuration Settings Link IP Address and Subnet Mask Fields LMI Type Field Frame Relay Configuration SettingsDlci Field Use Ietf Frame Relay Encapsulation Check Box Internet WAN Advanced Options CNS Server Information Secondary DNS Field Firewall ConfigurationPrimary DNS Field Security Settings Disable Snmp Services on Your Router Check Box Disable Services that Involve Security Risks Check Box Summary Enhance Security on Router Access Check BoxEncrypt Passwords Check Box Cisco Router and Security Device Manager Cisco Network ServicesSupplementary Help Security Settings Disable Snmp Disable Finger Service Disable PAD Service Disable TCP Small Servers Service Disable UDP Small Servers Service Disable IP Bootp Server Service Disable IP Identification Service Disable CDP Disable IP Source Route Enable Password Encryption Service Enable Netflow Switching Enable TCP Keepalives for Inbound Telnet Sessions Enable IP CEF Enable TCP Keepalives for Outbound Telnet SessionsEnable Sequence Numbers and Time Stamps on Debugs Set Scheduler Interval Set Scheduler Allocate Set TCP Synwait Time Enable Logging Enable Unicast RPF on Outside Interfaces Disable IP Gratuitous ARPs Disable IP Redirects Disable IP Proxy ARP Disable IP Directed Broadcast Disable MOP Service Disable IP Unreachables Disable IP Mask Reply Set Minimum Password Length to Less Than 6 Characters Set Authentication Failure Rate to Less Than 3 Retries Set Banner Enable Telnet Settings Enable SSH for Access to the Router About Button Cisco SDM Express ButtonsHelp Button Apply Changes Button Reconnecting to the Router After Initial ConfigurationExit Button Discard Changes Button Testing Your WAN Internet Connection SDP Troubleshooting Tips Troubleshooting Tips LAN Fields OverviewIcons Internet WAN Fields Firewall Fields Username/Login Password/Password is Encrypted Fields Edit/Delete Buttons Edit a Username Encrypt password using MD5 hash algorithm CheckboxBridge/Do not bridge LAN interface with wireless Checkbox Refresh/Apply Changes/Discard Changes Buttons LAN interface configuration Fields WirelessWAN-Unable to Configure WAN Interface No WAN Available Firewall Enable Firewall/Disable Firewall ButtonsDelete Connection Unable to configure Firewall Window Unable to Configure NAT Add or Edit Address Translation Rule Routing Disable Services that Involve Security Risks Checkbox Select All Recommended by Cisco Checkbox Encrypt Passwords Checkbox Synchronize with my local PC clock Checkbox Tools Ping Source Field Update SDM from Cisco.comTo clear the output of the ping command Destination Field CCO Login Update SDM from Local PCUpdate SDM from CD Edit Date and Time Fields Date and Time PropertiesSynchronize Checkbox Write down these steps and then reset the router Reset to Factory DefaultsSave Running Config to PC Apply Button Reconfiguring Your PC with a Static or a Dynamic IP Address Microsoft Windows NT Feature Not Available Cisco SDM Express Edit Mode Feature Not Available D E IN-2