Chapter 24 Security Audit
Cisco SDM and Cisco IOS AutoSecure
24-26
Cisco Router and Security Device Manager 2.5 User’s Guide
OL-4015-12
• Disable IP Redirects
• Disable IP Proxy ARP
• Disable IP Directed Broadcast
• Disable MOP Service
• Disable IP Unreachables
• Disable IP Unreachables on NULL Interface
• Disable IP Mask Reply
• Enable Password Encryption Service
• Disable IP Unreachables on NULL Interface
• Disable IP Unreachables on NULL Interface
• Set Minimum Password Length to Less Than 6 Characters
• Enable IP CEF
• Enable Firewall on All of the Outside Interfaces
• Set Users
• Enable Logging
• Enable Firewall on All of the Outside Interfaces
• Set Minimum Password Length to Less Than 6 Characters
• Enable Firewall on All of the Outside Interfaces
• Set Users
• Set Users
• Set Users
• Enable Unicast RPF on Outside Interfaces
• Enable Firewall on All of the Outside Interfaces
AutoSecure Features Not Implemented in Cisco SDM
The following AutoSecure features are not implemented in this version of Cisco
SDM:
• Disabling NTP—Based on input, AutoSecure will disable the Network Time
Protocol (NTP) if it is not necessary. Otherwise, NTP will be configured with
MD5 authentication. Cisco SDM does not support disabling NTP.