Chapter 24 Security Audit
Cisco SDM and Cisco IOS AutoSecure
Cisco Router and Security Device Manager 2.5 User’s Guide
OL-4015-12
Disable IP Redirects
Disable IP Proxy ARP
Disable IP Directed Broadcast
Disable MOP Service
Disable IP Unreachables
Disable IP Unreachables on NULL Interface
Disable IP Mask Reply
Enable Password Encryption Service
Set Minimum Password Length to Less Than 6 Characters
Enable IP CEF
Enable Firewall on All of the Outside Interfaces
Set Users
Enable Logging
Enable Unicast RPF on Outside Interfaces
AutoSecure Features Not Implemented in Cisco SDM
The following AutoSecure features are not implemented in this version of Cisco
SDM:
Disabling NTP—Based on input, AutoSecure will disable the Network Time
Protocol (NTP) if it is not necessary. Otherwise, NTP will be configured with
MD5 authentication. Cisco SDM does not support disabling NTP.