Cisco SDM and Cisco IOS AutoSecure
AutoSecure Features Not Implemented in Cisco SDM
Cisco Router and Security Device Manager 2.5 User's Guide
24-26
Disable IP Redirects
•
Disable IP Proxy ARP
•
Disable IP Directed Broadcast
•
Disable MOP Service
•
Disable IP Unreachables
•
Disable IP Unreachables on NULL Interface
•
Disable IP Mask Reply
•
Enable Password Encryption Service
•
Disable IP Unreachables on NULL Interface
•
Disable IP Unreachables on NULL Interface
•
Set Minimum Password Length to Less Than 6 Characters
•
Enable IP CEF
•
Enable Firewall on All of the Outside Interfaces
•
Set Users
•
Enable Logging
•
Enable Firewall on All of the Outside Interfaces
•
Set Minimum Password Length to Less Than 6 Characters
•
Enable Firewall on All of the Outside Interfaces
•
Set Users
•
•
Set Users
Set Users
•
Enable Unicast RPF on Outside Interfaces
•
Enable Firewall on All of the Outside Interfaces
•
The following AutoSecure features are not implemented in this version of Cisco
SDM:
Disabling NTP—Based on input, AutoSecure will disable the Network Time
•
Protocol (NTP) if it is not necessary. Otherwise, NTP will be configured with
MD5 authentication. Cisco SDM does not support disabling NTP.
Chapter 24
Security Audit
OL-4015-12