In today's complex network environment, networking devices offer a robust set of configuration options to meet the requirements of different businesses. Choosing the appropriate configuration parameters for a network is a multifaceted process: setting the proper parameters, creating the appropriate filters, and enabling and disabling an assortment of services in order to secure the networking environment and device.
Security configuration necessitates a detailed understanding of the security implications of each set parameter. An error or omission in configuring these parameters has the potential to jeopardize network security, as it could create a security hole, which can be exploited, compromising the availability, integrity, and privacy of the information connected to or through the network.
Remote workers, partners, and customers depend on networks for access to vital information, outside of traditional corporate boundaries. By incorporating a "one touch" device lockdown process, Cisco AutoSecure enables rapid implementation of security policies and procedures to ensure secure networking services. This new Cisco IOS® Software feature simplifies the security process, thus lowering barriers to the deployment of critical security functionality.
For additional information about Release 12.3, please visit: http://www.cisco.com/go/release123/
- Checks for a banner and provides facility to add text to automatically configure:
- Login and password
- Transport input & output
- Local AAA
- SSH timeout and ssh authentication-retries to minimum number
- Enable only SSH and SCP for access and file transfer to/from the router
- Disables SNMP If not being used
- Enables Cisco Express Forwarding (CEF) or distributed CEF on the router, when available
- Blocks all IANA reserved IP address blocks
- Blocks private address blocks if customer desires
- Installs a default route to NULL 0, if a default route is not being used
- Configures TCP intercept for connection-timeout, if TCP intercept feature is available and the user is interested
- Starts interactive configuration for CBAC on interfaces facing the Internet, when using a Cisco IOS Firewall image,
- Enables NetFlow on software forwarding platforms
Cisco Feature Navigator: http://www.cisco.com/go/fn/
1Prior to deploying Cisco AutoSecure, please check your network management application requirements. Some applications require services that may be disabled by Cisco AutoSecure.