×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Audit Cisco Router and Switch

Unanswered Question
Jan 7th, 2003
User Badges:

Folks,


I am looking for a workprogram, which allows to audit Cisco routers and switches. In detail i) I have to define controls that make sense for each device (router & switch) and ii) afterwards I have to perform test procedures.


What should be reviewed? What tests should be performed?


Any response is appreciated


Urs

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
b-pelphrey Tue, 01/07/2003 - 05:43
User Badges:

There are many places you can go and get some great ideas, but ultimately, it will depend on your environment....where each device is located, what are the capabilities that you are looking for each device to do...just to name a few.


Some suggestions to get you started might be:


~Create a "Router Security Policy" (www.sans.org has an example)

~Create a "IOS Security Checklist" (a baseline if you will, something that is needed for ALL IOS devices. If you switches run Native IOS instead of CatOS you could use this here as well. You can use a portion of the SANS policy and implement into this.)

~Create a "CatOS Security Checklist" (Same as above)

~CIS (Center for Internet Security has a Cisco router tool that you can run to check your devices. I have never used it, but I have heard good things about it.)

~NIST (National Institute of Standards Technology) also has a lot of great stuff to give you some ideas.)

~Finally, I would end with your port/ service scan tool. (There are a variety of tools that you can use for this.)


Hopefully, I have helped out a little to get you thinking and some places to start. I will keep checking back to see how you are doing.


Good luck!

uvoigt Mon, 02/17/2003 - 03:52
User Badges:

Thank you very much!

With your hints and references I was able to develop a test plan for both platforms.


Cheers,


Urs

Actions

This Discussion