CCNA Security
NFP (Network Foundation Protection)
- Managment Plane:
Authenticate and authorize any administrators. Protect time synchronization by using authenticated
NTP. Use only encrypted remote-access protocols such as SSH for CLI and SSL/TLS for GUI tools, and use secure versions of SNM
- Control Plane:
The control plane tools can be implemented to limit the damage an attacker can attempt to implement directly at the router’s IP address.
- Data Plane:
Access control lists (ACL) Layer 2 controls, such as private VLANs, Spanning Tree Protocol (STP) guards IOS IPS, Zone-Based Firewall
Management Plane Commands:
#AAA New-model
#AAA authentication login default local (this will make cisco device use AAA method including line console 0, vty, Aux and SSH)
#security passwords min-length 8
#aaa local authentication attempts max-fail 3
#login block-for 300 attempts 10 within 60
NFP (Network Foundation Protection)
- Managment Plane:
Authenticate and authorize any administrators. Protect time synchronization by using authenticated
NTP. Use only encrypted remote-access protocols such as SSH for CLI and SSL/TLS for GUI tools, and use secure versions of SNM
- Control Plane:
The control plane tools can be implemented to limit the damage an attacker can attempt to implement directly at the router’s IP address.
- Data Plane:
Access control lists (ACL) Layer 2 controls, such as private VLANs, Spanning Tree Protocol (STP) guards IOS IPS, Zone-Based Firewall
Management Plane Commands:
#AAA New-model
#AAA authentication login default local (this will make cisco device use AAA method including line console 0, vty, Aux and SSH)
#security passwords min-length 8
#aaa local authentication attempts max-fail 3
#login block-for 300 attempts 10 within 60
0 Comments