Access control lists can be applied to restrict access to the Cisco CSS
device, as well as additional firewall or access lists to restrict connection
to the management interface. Access control lists also affect traffic to the
Virtual interface of the Cisco CSS device, so must be applied with care. For
further details on configuring access lists, please refer to the product
Additionally, the use of SSH to prevent snooping of the management
traffic to the device is encouraged.
Telnet service can also be disabled. This is not a feasible option for
many customers in a co-location environment, but it is included in this section
for customers that may have the ability to implement this configuration.
CS150(config)# telnet access disabled